The message at the far bottom is just a warning.

Then it also terminates the attack box

Attackbox is totally seperate

If you are using the AttackBox, you do not need the VPN.

sure , but I when I try to start another tab in there, I get this:

and it terminates

fair, i was using it in addition to kali, but your point is valid

Unless you are SSHing in or transfering files.

Not sure what you mean.

the question is now why can't i get that immunity process in the bufferoverflowprep to stay running long enough for me to run the exploit.py against it

it just terminates as above

I'm honestly struggling to follow your problem.

Which machine are you performing the exploit from (AttackBox or Your own or the room or both)?
What happens exactly (Screenshots are extremely helpful)?
Have you tried restarting the machine?
If you are using your home machine, have you tried the AttackBox (and vice versa)?
Does this usually happen at a certain task or is it entirely random?
Does this happen on any other machines?
Does this only happen on specific machines (e.g. Linux or Windows)?
Are you doing something that makes this happen?

I'm performing the exploit from kali, my own. What happens exactly (now after restarting the vpn several times) is that the process oscp.exe just terminates even after i let it run / f9. I started on the attackbox and moved to the kali because i get to keep the files, so now working from that. this is happening at task 2 of the bufferoverflow prep room. I don't know if this happens on other machines. No, afaik, this happens only on the windows instance of immunity debugger in that task. I'm following the instructions there.

(I think that answers your qs in order)

There's two (ish) explanations for what is going on:

You're doing it wrong

or

The machine is broken

Right, so following the instructions carefully, if the machine is broken what do you suggest/ or have you seen this before

To my knowledge, I have not seen this before. I am hoping that someone else could take over because I have no idea tbh.

Yeah, I'm scratching my head here.

I could move onto another room but i'd like the practice

The machine isn't broken afaik

Are you crashing the oscp.exe?

before i even run the script it Terminates in immunity

should i just start another?

machine in there

Yeah I'd definitely try redeploying the target.

it should at least wait for me to run the script to terminate

ok

lemme see

Is this network room coming soon?

Soon™️

Might wanna change February 2021 to something else.

Hi guys, more than year and a half I joined to THM in that time I joined to Burp Suite room but now I returned to THM I see that room is only for subscribed ones, I want to leave that room but it's not possible because it sends me direct to the subscribe page. Any help or suggestion about this?
Yes, perhaps in future I'll become a subscribed user but for now I just want to leave that room in order that it doesn't appear in my "to do" rooms list. Could someone in this support channel help me or where I should to write an email requesting that? Btw, thank you in advance.

Hi I am in introductory networking and have downloaded task files for Task 5. I haven't used Wireshark before and am having trouble loading these files. Any help appreciated.

Got a concerning issue with one of the rooms: Linux: Local Enumeration, Task 7, question2. I enter the correct payload and get an incorrect response plus an error code: "Uh-oh! Undefined." My antivirus then pops up stating that it blocked a payload from acting. I'm going to put this one in the #room-bugs as well

Are you running bitdefender?

yup. @barren birch just filled me in on the AVs thinking its malicious and you all in the process of asking them to cut it out

BitDefender is generally overzealous

It also MITMs all your HTTPS traffic

With only two weeks of experience with it I am starting to see that lol. Problems been taken care of w/whitelisting the IP

Hi guys what version of Kali-Linux should i use for doing the task in THM?

Can i just download the newest version or should i download certain version?

You don't need a specific version. It helps to be up to date.

Anyone else gotten unable to connect to x.x.x.x
Error: protocol security negotiation or connection failure

(wondering if this is related to the vpn issues, but they seem to have been resolved. and this is on the dedicated box)

Whatever you're asking, it really really needs context

Because we have no idea where you're seeing that message

Sure it's on the buffer overflow prep room, and is on the dedicated kali machine, task 2

Screenshot.

when trying to connect to the windows machine via xfreerdp, so actually task1

sure:

I'm not getting foothold on the user i used all kinds of payloads but not getting it😅

I was wondering if id_rsa is like a backup key for ssh logins or is it something else? Sorry, I’m still new to this

Is it possible to hide the titlebar without going full screen? I would like to keep my windows task bar

have you tried seamless mode?

Well that one is quite practical, i thought i have tried it

but i didn't, thx @swift vortex 😄

👍

it has its flaws though, its not perfect

well if its not as bugged as our work citrix, i think i'll be fine ^^

@zealous yoke @eager fulcrum Guys, 2nd flag (admin dashboard) from [Severity 8] Insecure Deserialization - Cookies Practical https://tryhackme.com/room/owasptop10 misconfigured.
I can retrieve it just by going to the /admin

Hmm.. so the web interface of THM shows that the deployed vm got suspended(tho I added an hour to the time) but I can still connected to the box.. is it a known bug thingy, I mean its a bit annoying as I can't add another hr or close the vm : /

Mhm, it is known. Refresh your page and the machine details will re-appear.

oh, okay thankya

Known issue -- it's on my to-do list as I revisit the web pathways. Appreciate the reminder @grizzled sinew 👍

Hey, anyone that can shed light on this CredSSP issue when RDPing into VM?

Someone have an issue with the vpn ?

I can't connect to tryhackme network, even after redownload the file .ovpn

Hi @ocean hatch , give if you give me an IP from your network, I will look into that.

It's ok now, thank you 🙂

I will give you my fix, install MATE or Gnome, those are very customizable and you can even disappear that bar, personally I have that bar at the bottom (Windows Style xD). I don't think that by default kali has that characteristic.

well i've meant the title bar of the virtual box window

if you mean the panel, you can move it in xfce as well ^^

i need a help

my gf ig acoount is hacked. can you guys get it back or just deactivate it?

@graceful garden

Another one

??

You should contact Instagram.

Thats what we would do

They're banned

I swear, I think I'm too nice sometimes.

They had to agree to the rules before being able to access the server.

My parrot OS virtual machine turns black everytime I reach the installer

This channel is for VPN and other technical questions related to TryHackMe

Please use #infosec-general

is there an issue with 63.35.110.70:1194, the EU-VIP2 VPN gateway? My cert doesn't work today

I have internet connectivity, can ping that gateway, google dns, etc
I have rebooted, updated & upgraded
Haven't regenerated my .opvn file yet because I know my IP address off by heart and I'd rather not change it lol
My relevant logging (ie till before it starts to repeat) is here https://pastebin.com/tp5aKkp8

on a related note, I have an old opvn file for EU2 and it connects without an issue

I'm doing the NMAP room, I'm connected to THM vpn but which user do I use on ssh command?

Yep I had the same sort of issues yesterday. I don't know if it's fixed today but can try after work

You do not.

Ok?

You don't SSH.

they are not connected, go back to the nmap room and read what you have to do, it guides you through step by step. In some rooms you need to SSH, but in this room you do not

good luck!

Ok @craggy kayak ty
I thought I could ssh all rooms
Thx

I purchased a voucher for a year as an extension to my current account that expires at the end of the month. I see no where to apply the voucher I purchased. Did I mess up in buying the voucher and my account was going to auto-renew?

Cancel the auto-renew if it is on

When your sub ends, a new option should appear on your profile to insert the voucher code

Thanks. I'll do that. 👍

Had that error while trying to setup openvpn, in the last sentence it says "System can't find the required file."

hello everybody

could anybody tell me why i can't download my Complete Beginner Path certificate ?

i've finished everything, 100% everywhere but still not able to download it

other paths also

Hey, I tried connecting to the TryHackMe Vpn but I after I imported my cert and pressed connect, I will receive the following error within the log file

"Creds: Username/Password Empty"

Can someone help walk me through installing OpenVPN on Kali?

!vpn

Kali comes with openvpn preinstalled tho

It does?

It does.

@eager fulcrum doing this room already. Downloaded the .ovpn file for Windows, imported it into OVPN GUI client. On Connect -> "Creds: UsernameEmpty/PasswordEmpty"

It was addressed at the other user

Oh. Sorry

Thank you I appreciate it

Okay after regenerating 6 times and downloading the cert which was either corrupted or completely empty I somehow now received a valid one 😄

is there any issues with US-WEST-VIP server at the moment?

Hey, i've been having some difficulties with my john the ripper. I don't understand why it can't crack some of the hashes. and when I watch some walkthroughs it cracks it just for them in the videos. If I manually add the password to the rockyou.txt file then it will crack it

I even noticed it with the directory2.3medium wordlist

It seems like my streak and "event" count isn't updating today. If that bugs out, is there a way to retroactively correct/maintain the streak?

i had the same thing happen to me to and reset my streak counter

even though i did answer some questions

I'd hate to lose my streak 😦

i did. i had to start over

Does anyone have any suggestions for preventing that? Or, if it does get bugged it, can it be manually fixed by an admin later?

you could try emailing support@tryhackme.com and they might be able to help you out with the streak issue

as for JohnTheRipper and Rockyou, I've not had a single challenge where they were mentioned and or referenced that they did not work

never added anything to rockyou lol

i think i have do a purge to john and reinstall

i don't understand why sometimes it wont crack them

well, next time you get stuck, post in room hints with your command and what task you are doing and someone can probably assist

yeah, ill try that

Hi guys!! I am trying to upload a vbox to create my own room, but it is still at 0.00%. I started 3 hours ago. Not a network issue for sure. Is something wrong here???

hey everyone i am new to this and i am trying to connect my kali machine to the rooms and i am unable to download the config file

Nvm i think i figured it out

iwant some help my conutry ban openvpn

iwant to connect it can any one tell me how

I just completed the blue defence path and it says 100% complete, but when I go to download the certificate I get an error message saying I haven't earned it yet. I went back to all the rooms to make sure I didn't miss anything and they are all done. Can I get some help on how to download my certificate?

HI, can any one help , I cannot copy flag from attacker machine to questions in paths..

Use the sidebar on the left

great , it worked, thanks

Hi!

Can anyone help me in command of jtr

I was trying Crack the hash room

there is a hash : 279412f945939ba78ce0758d3fd83daa
it is md4

That's unsalted, so I'd try online tools first

in jtr I tried : john --format=raw-md4 --wordlist=/usr/share/wordlists/rockyou.txt Target.hash

it works well online but why not on jtr or hashcat

Probably because it's not in rockyou?

It's not salted. No reason to waste the time and compute power cracking it.

thanks

What about this:

$2y$12$Dwt1BZj6pcyc3Dy1FWZ5ieeUznr71EeNkJkUlypTsgbX1H68wsRom

hashid or hash-identifier can't detect the type

It should be able to

But remember $ is a special character in bash/zsh so you need to put the hash in single quotes

hash analyzer find it as bcrypt

i tried in hashcat but it is still running for an hour but no success

Any suggestion or instruction??

hello anyone????

what did you type into hashcat

and are you cracking it on a vm or your main system

It's running.

So where's the problem?

hashcat -m 3200 Target.hash /usr/share/wordlists/rockyou.txt

in my main system

well that should be OK, you will just have to wait really

Hello , got a bit of a problem if anyone knows why when I scan with nmap some machine ips it only shows port 53 tcp open

Hey is there a way i can change my username on THM ?

Email support! support@tryhackme.com

Old: <old username here>
New: <new username here>
Email: <Email of your THM account here>

Hi!

Can someone help me out with

Hash: e5d8870e5bdd26602cab8dbe07a942c8669e56d6
Salt: tryhackme

I used this:
hashcat -m 110 e5d8870e5bdd26602cab8dbe07a942c8669e56d6:tryhackme /usr/share/wordlists/rockyou.txt
I don't know is it ok or not.

@fading cypress This channel is for tech support

Please use #room-hints

oh sorry

Hi, I'm doing to fundamental linux challenges course, and I keep getting "failed to connect to server" any help here?

Disregard, I think I know what the issue is.

Hello support team,

I am constantly having a problem with accessing websites from machines.

I am currently trying to do the OWASP TOP 10 room but I can't get access to the website.

I run Kali on a virtual box, I have full internet access on that ( can visit any website with no problem at all).

I have tried using both of the VIP connections for EU via openvpn.

If I try to access 10.10.10.10 , it will show me that I am connected and my IP address is : nothing
because the website is loading all the time.

The same thing happens with the machines I am trying to access.
for example: http://10.10.156.215/evilshell.php

I can ping the machine and will get some solid results.

But the web page is not loading at all:
It's just telling me "waiting for 'IP-ADDRESS'"

I tried to use a different browser and to turn of kaspersky.
I uninstalled openvpn and reinstalled it.
I even installed a fresh kali box and got stuck on the same issue...

If I try to access 10.10.10.10 , it will show me that I am connected and my IP address is : nothing because the website is loading all the time. - This is a key symptom of the MTU issue. The fix for it is: sudo ip link set dev tun0 mtu 1200

@neon remnant ^ Hope that helps

thanks for your answer, I am getting an error saying tun0 doesn't exist

The VPN should be running in Kali, not on the host OS @neon remnant

yea the VPN is running inside the kali terminal on my vbox

https://github.com/tryhackme/openvpn-troubleshooting

We're beyond that

hello is there anyway i can unverify my account?

!docs verify

Please follow the steps there, then send a screenshot of the output of the OpenVPN command

yea I am loosing it if I am reading the trouble shoot again

unverify

i want to link this to another account

Sorry, you already have a token on this account.

Hey guys, sorry to barge into the conversation but I signed up yesterday and I tried starting an attack box, it just gives me a white screen

Hey i have a question related to the my tryhackme subscription can i ask you guys ??

my thm subscription got renewed and i want to cancel it , so will i get a refund ???

As we said earlier

Email support.

You need to email support.

support@tryhackme.com??|

yes.

james you seem a bit stressed helping so many people 🤣

No, just annoyed when people don't listen

https://tenor.com/view/cute-cat-cry-three-sad-gif-15849691

@eager fulcrum can you answer

i can't unverify?

Remember. Everyone here is a volunteer. We help when we want and when we can.

Pinging me to tell me to answer isn't going to make me answer. It's going to make me ignore you.

ok 🐣

You are appreciated king, thank you for your efforts

Also i'm from india, is it okay if i download the Indian vpn config fie or do i select another country?

config file

if you select country that goes on your profile and for ranking

It shouldn't bring up any technical issues though right?

because same country

no

Awesome, thanks mate!

Nope, we've had the Indian VPN server setup for a little while -- it's only as of the latest code push (very recently) that it was accessible on the site

Already a fair bit of traffic going in/out despite how new it is

I can't download the config file though

Trying to download EU-REG-2

Please allow at least a minute after regenerating your config prior to downloading

There's a bit of a bug where it might take a couple of tries (and/or a different server before switching) which the patch for is hoping to be released this week afaik

But waiting at the very minimum a minute after generating prior to downloading is super important as the certificate & keys have to be generated on the server

To buy a subscription, i try to avail student discount but unable to get discount. Eventhough i changed my personal email address to student email id provided by my university, but it showing the same price without discount only.

Cant verify my account at discord because another account was verified before that doesn't exists anymore..

I've completed the Complete Beginner Path an hour ago and am trying to Download the Cert it says you have not earned Cert yet

Administrator and Moderators, I just finished my first certification on the website, but it print's my username (that I can't change) instead of my full name.

Just as a heads up, that's not what discord moderators are for

They're not site staff. Not primarily here for support either.

You can't change your name once it's generated.

So I wont be able to change my name in the certification? I did all those hours for nothing?

It's a site issue that will be fixed

Set your full name in your profile for future certificates.

Who I have to contact to change that for me?

Because this is the only certification I wanted

and now I'm very frustrated.

To change what for you?

Getting frustrated isn't going to make anything get fixed faster.

To have my fullname on my Offensive Pentest Certification

Email support, but I don't think there's anything they can do.

Hey guys, i wanna consult something

I can not see my badges, is it general issue?

https://prnt.sc/10ngz24

!docs verify

Work through that then you can post images.

thanks

how can i show my badge. the thumbnail is not loading

Guys, I want to use wireguard instead of openvpn to connect to the tryhackme network. Any idea how to do this?
Perhaps convert .ovpn file to .conf file somehow?

i have the same problem, the LinkedIn share is dead too.

@versed socket Not really possible unless supported, OVPN uses more "legacy" encryptions algorithms then wireguard so there will be a big mismatch, also the OVPN server wont accept wireguard clients..

@eager fulcrum can I send you a PM ?

Can I ask why?

No, you can't. There's no wireguard VPN server.

Just curious how to become support for THM discord

There is no official role for it in the discord

Be helpful, be accurate

I see thanks.
Its just that with my current openvpn connections, I keep getting disconnected every 2-3 minutes

Do you get an error ?

which makes me unable to have shell connections open, do nmap scans, rdp sessions etc

Try a different VPN server

Gotcha thanks!

Make sure you're not running two instances of the VPN by mistake

i would like to deploy my own kali machine as i want to get used to it...have subscribed but I'm a bit unclear on accessing the tryhackme machines...

i have my own vpn up...do i need to close that and use the openvpn system?

closed my vpn and used the openvpn ...says I'm connected but a curl request is no producing any info

if you build your own kali host, you will want to run the THM vpn from there, not sure if your home vpn would interfere though

can someone remove my token

please 🐣

can i have some help with my token please?

Hi to all, may a simple question but how would one download the files for the challenges to the machine if you are using the attack box in a browser?

if you're a subscriber your atttack box has internet connection

otherwise you can upload it with scp, but that may be a hassle

SCP is a good shout atm

looking into making it easier for that sort of stuff

but pro tip: you can use "up" in the terminal and it launches a python web server that hosts files using python3 (it's an alias)

If you can't SCP then just logging into the THM site and downloading the materials on the attackbox is probably the easiest / is purely in-browser

can someone remove my token pls? 🙂

I've asked a moderator to do so for you. Appreciate you've been patient for atleast a few hours

But yeah

I've asked a Moderator as they're the only ones who can do it properly without me logging into the DB etc

hopefully they'll get to you shortly but just gotta wait it out otherwise (:

ok thanks 🙂 🐣

can someone help me install my ssd

i have a doubt

i see a plastic cover on the nvme slot

Look over Youtube bro

Its the best way

yes i looked it up but cant understand, there is a mounting clip already installed

cant seem to installmy ssd on top of it

should i try to remove the clip?

i mean its not coming off

@crude prism this chat is for site support ask in #infosec-general or #general

ok sorry man 😔

!docs

when ever i try to download my vpn config file of IN server

this page opens up

If you are receiving a 404 error after attempting to download the OpenVPN Configuration file please try these steps:

• Press regenerate, wait 2 minutes and then try downloading again

• Change VPN server and try downloading again

• Log out of your account and log back in.

thanks jabba lemme try these out

i can download other vpn server but not IN one

Which one is giving you a 404?

IN regular 1

Regenerate, log out, log back in download.

ok

@deep trellis IN-Reg is giving a 404. Both me, Varg and Evil have tried it.

@warm spear Still no reply from support

We're looking into this now:) Thanks for reporting

Thank you 😁

Ashu fixed it - Looks good to go now:)

Thank you!

@proud tusk Should be sorted.

thanks lemme try again

yep works fine now thanks mods and admins

Hi there, did't find flag 26 while work on Linux Challenges
https://tryhackme.com/room/linuxctf
Can't find requested string 4bceb
find / -type f -name "4bceb*"

looks like you are searching for a file name there

Greetings i have done the Cyber Defense learning path all rooms which available at this time (there are still few in development) and I am failing to generate certificate

So you haven't done all the rooms in the path

You've done all the rooms that are available RN.

Yes everything what’s available at this point of time @eager fulcrum

But that isn't everything. So you haven't completed the path.

Which means I have to wait until all rooms doable even the ones in development then . Thank you 👍

I can see how the Path Progress at 100% is confusing, as it calculates completion against available rooms/tasks in the Learning Path (or calculates the unreleased rooms as having 0 tasks). It would be more clear if it would calculate by rooms completed out of all rooms included in the Learning Path (including the ones that are coming soon and have not been released yet).

Ok I see, but
grep -r -h "4bceb*" / 2>/dev/null | grep -E '[[:alnum:]]{32}'
eternity woкed

Yep

So the difference is that second command searches file content

The first searches file names

Thank you dude 🙂
It's finally working thanks to that mtu change.
Didn't know I have to run openvpn while typing the command >.>

thx that helped me too -> had problems with EU-VIP-1 although EU-1 worked normal

Not optimized, cause too routine to wait common task to finish;(
Maybe place it under /Users

My openvpn keeps disconnecting...

2021-03-17 10:04:39 [server] Inactivity timeout (--ping-restart), restarting
2021-03-17 10:04:39 SIGUSR1[soft,ping-restart] received, process restarting
2021-03-17 10:04:39 Restart pause, 5 second(s)

Anyone know what might cause this?

Not my box, #room-bugs
It was already changed to make it easier.

Bit of a spoiler

But ok

Hi all,

I just recently started to learn with tryhackme free rooms and in room "Web Fundamentals" I had to delpoy a server for ctf. The server loaded and I got the ip. However, I was not able to connect to the server with curl or with browser, but when i tried doing the same from AttackBox all went fine. Is this a problem from my side or is it suppose to work like this?

there's a VPN that you need to connect to in order to get access to the machines from your pc

!docs vpn

!vpn

@weak granite ^

thank you 🙃

hey i put my student mail but dont work the discount

same happened with me

@fervent ether you cant use student id i changed mine it worked

yes you can

@fervent ether You'll probably need to email

!docs student

I am having issues with the VPN too, I am using US-east-regular

I changed to us-west-vip and it seems to be working now

ohh

thanks

when u change the location need new perfile

what u mean?

They were wrong

Then why my student ID not working in it

Probably glitch

Anyhow

I'm signed in

Now by other email

If your student email is not being recognised, email support and they will reply back with a list of instructions to completed before applying the discount to your account.
Please note: Read their instructions clearly, if you do not do them correctly, they will deny their service if you do not.

They're doing something totally different. You're having trouble signing up. They were trying to get the student discount.

Im trying to complete the advent of cyber 1 and i get this message when i try to access the machine

An error occurred during a connection to 10.10.154.195:3000. SSL received a record that exceeded the maximum permissible length.

Error code: SSL_ERROR_RX_RECORD_TOO_LONG

anyone know whats the issue ? please ? 🙂

@paper silo http not https?

oh right, thx i don`t know why when i just put the ip in it goes to https instead of http

Thank you @eager fulcrum

hello, i'm trying to set up tor and proxychains on ubuntu, i'm trying to edit /etc/proxychains.conf but i keeps telling me permission denied, can someone help please

#infosec-general

i'll ask there thanks

can someone help me resetting my discord token since i used it on a different account plz

can you log in from that account and ask for it to be unlinked?

-tokenremove 322370795168989186

Wrong bot

!tokenremove 322370795168989186

Done, no more entry with UID "322370795168989186".

@wind lichen

thx!

hey im trying to use openvpn for a room, and i can get ahold of 10.10.10.10 but the ip address that the room gives me wont let me connect, any pointers?

You can't open the IP in your browser if it isn't running a webserver

What room?

https://tryhackme.com/room/linux2

Keep working through the steps

would i need to download SSL software?

You're not meant to access it in your browser

SSH*

You need an SSH client. Don't confuse it with SSL. I think you can just use Powershell.

hello can someone please remove my token? :)

Yes I am a subscriber. When I open the page to download the files the box repeatedly opens so it's impossible for me to open.

looks like the website does not detect the vpn connection. I normally use EU-VIP1 but that started failing some days ago. now I moved to EU-VIP2 but the website shows the red button at top and not the green one with my vpn ip

Yeah, that widget and the one on the access page is unreliable

iwant some help i cannot connect to openvpn bec my country blocks it how can i bypass it plz iwant some help that not my foilt that my country blocks it

Use 10.10.10.10 instead

What country?

egypt

yeah I usually just check the room IP

It'd be illegal for us to help you so please stop asking @flat swallow

What?

The room IP is different to your own IP

my own ip i get from ifconfig

it was to check if the vpn is up

10.10.10.10 is good for that

would love to get my access for VIP1 back though. had a nice and easy IP to remember 🙂

ahh it actually looks like I got it even after regenerating my config

and it works again 😄

Is there any advice for those use who use the Kali machine for challenges, but when you open the challenge the kali machine gets looped into reopening the challenge over and over again?

I have tried to connect to rooms with the room code that might be interesting to me and I joined Wreath but leaved as soon as i saw it worked.Do I have to worry?I dont want my account to be banned.

If you left then probably not

hello can someone please remove my token 🙂

You've been told where to look

You were not told to repost your question

Check the pinned nessages here. Use the MTU fix.

Oh! 🤣

Plz help me,
I can't seem to find it

It's late. I'm sure you can find it if you spend an extra 5 minutes looking.

i just gave you a link in #room-help

10 minutes ago

Oh man, it workedd!!!
You're the best

Thanks guys for your help, i really appreciate it!

Im am trying to use hydra dictionary attack to bypass a login page on a tryhackme room however i get the following error.
[ERROR] optional parameter must start with a '/' slash!

I can't spot an error with the following hydra command I used
hydra 10.10.61.223 -t 20 -vV -l R1ckRul3s -P /usr/share/wordlists/rockyou.txt http-form-post "/login.php:username=^USER^&password=^PASS^:F=Invalid"

Can someone please guide me on what I am doing wrong

Ask in #room-hints or #room-help cause this channel is for queries related to site and VPN.

noted

US/EU vpns won't connect on windows, but will on Linux. Double checked the installs and regenerated each time, so I've no clue of the issue.
I'm assuming my region is sparking up VPNs again because of an upcoming hackathon, but that should be affecting all OS

need help

with crunch

The discord verify bots doesnt work for me, I deleted my account last year that was linked to this Discord.. Also could a mod provide me the CCNA and Sec+ role ?

Is this the correct room to inquire about how to get the student discount? I subscribed, but can't seem to find where to do the thing, I didn't see it while subscribing and can't find it now.

https://help.tryhackme.com/billing/student-discount

Not sure if this is what you searched for but saw it flashing by in the bots-command chat..

That fully explained it. Arigato Gozaimas

Banner link to my room that was released yesterday is gone for some reason. I can add it again without any reevaluation right?

@naive dust it was removed because of how it looked. Preferably don't add the same one back

I understand, it's actually harder for me to fit into this format, so I guess I will leave it like this

Email support: support@tryhackme.com

If you are receiving a 404 error after attempting to download the OpenVPN Configuration file please try these steps:

• Press regenerate, wait 2 minutes and then try downloading again

• Change VPN server and try downloading again

• Log out of your account and log back in.

if i buy 1 year can i cancel when pass one year?

You can cancel sub at any time, you get what you paid for. Your subscription will not be removed if you cancel auto renewal before the date that it expires

Hi how are you?

I have a problem getting my cert of the Complete beginner path,finish all the path but still cannot get it.

that path is currently undergoing some changes from what I have heard so you may have to wait a bit for it to be available for certification.

Yes they add more content But i completed all

And my member expire in 1 day

:/

I have 8/8 badges and 100%

yeah I think its some unreleased changes, you might need to email support as I don't think the discord team can assist with this (though some of the other support staff do look here time to time, email might be best)

!email

Ok i will send it a mail thanks

Hi, I am in the Sysmon room in TryHackMe . How do I access the machine for the Sysmon room? The Sysmon room says "For this room, we have already created an environment with Sysmon and configuration files for you. Deploy and use this machine for the remainder of this room. "

Machine IP: 10.10.35.69
User: THM-Analyst
Pass: 5TgcYzF84tcBSuL1Boa%dzcvf

As with most Windows machines, probably RDP?

Recent activities are not visible with phone. THM.com/p/<profile>

Rotate your device 90 degress to the right

Two screenshots: vertical and horizontal

Ah, I see. I believe this has been reported before in the bugs channels.

Yea, I wasn’t sure if I should report this here.

Hey guys i had a problem with my old account and now i got verified with the new one is there a way to get my token back? Because when i send it to the bot it says it's already used

Are you still able to access your old account?

No unfortunately

Is it in the Discord server currently?

Do you mean this server? yeah

Ping it for me please:)

@naive dust

And finally: What is your site account's name?

NotaHacker

Alright, I'll ping you when the token is removed.

Thanks

Cant access Upload Vulnerabilities room machine anymore. I got as far as to the Challenge task, and managed to upload a nodejs shell file that masquaraded as a jpg file. After that the whole thing stopped responding. I've already killed that machine and popped open a new one, but nothing works anymore. I disconnected from openvpn and that didnt help either. I restored the hosts file, then put in the stuff in it again. Didnt work. Any ideas whats happening? Firefox just returns "Connection has timed out"

cant access any of the sites like overwrite.uploadvulns.thm, jewel.uploadvulns.thm etc

and yes the THM VM is running, its got 1h40m left

did you prefix with http://?

it worked previously without http prefix, now I tried with and still dont work

is the ip still set properly in the hosts?

uh oh

on the task page it says "sudo sed -i '$d' /etc/hosts" to use that command to restore the host file

it does not restore it

MACHINE_IP overwrite.uploadvulns.thm shell.uploadvulns.thm java.uploadvulns.thm annex.uploadvulns.thm magic.uploadvulns.thm jewel.uploadvulns.thm
10.10.8.137 overwrite.uploadvulns.thm shell.uploadvulns.thm java.uploadvulns.thm annex.uploadvulns.thm magic.uploadvulns.thm jewel.uploadvulns.thm

still have those two lines in the host file after "restoring" it

i imagine that is the issue

nuke the MACHINE_IP line

that sed command just deletes the last line

ah I see, thanks!

replace the ip with the correct target machine ip

did it, works now, thanks for the help

hello, i cant connect to the vpn, can someone help me?

im getting TLS Error: TLS handshake failed

tried to run the troubleshooting script but did not work :(

Are you in a country that blocks OpenVPN?

its working now :)

i needed to regenerate it 3 times tho

Hey guys, I could use some help. I'm pretty new to all this stuff, so please bear with me. I have set up Kali in VB and configured the VPN with the provided profile. I can connect and on the THM "Access via OpenVPN"-page it shows me as connected. So far so good. Currently I'm working on the NMAP room, task 14. I started the machine and tried an Xmas scan with: nmap -sX -p 0-999 10.10.23.76 and I just get:

Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-18 11:03 EDT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.27 seconds

It tells you what to do there

It works with the AttackBox, so somehow there seems to be an issue with my VPN connection, even though it shows "connected". I tried the troubleshooting-script but even though it is right next to my openVPN config file it just gives me "config not located".

New issue with the Upload Vulnerabilities machine. I can no longer run gobuster on the machine, it crashes it. I was able to run it just fine previously, even with 200 threads. Now it crashes with default 10 threads. I get "[ERROR] 2021/03/18 17:44:42 [!] Get http://jewel.uploadvulns.thm/content/FMR: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
"

error, on several tens of those wordlist entries

after stopping the gobuster run, the machine stays unresponsive and I'm forced to boot a new one

You say that, that's not quite what's happening.
You see, Windows has something called a "Zoned" firewall. It treats traffic from the attackbox as more trusted than traffic from your VPN IP, which is why you can ping from the attackbox.
Use -Pn like nmap suggests.

Hi @eager fulcrum thanks for the reply! -Pn gives me something. So does that mean, that I have to use -Pn for all the commands in the lessons, when using the VB Kali instead of the attack box? I apologise for the maybe obvious question, drinking from a fire hose right now. Everything is new to me.

You need to use -Pn for machines that don't respond to pings. Here, the target will respond to pings from the attackbox because it is more trusted

Ok, thank you!

now gobuster instantly crashes the machine even with 2 threads

its only getting worse

something wrong with this machine in this room Upload Vulnerabilities

"Error: error on running goubster: unable to connect to http://jewel.uploadvulns.thm/content/: Get http://jewel.uploadvulns.thm/content/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)" Instant error after running gobuster on a brand new booted target machine. And yeah I visited the url first to see if it was up, it was

hello, how much does it normally take to scan a machine? cause it took me about 30 min to do an "nmap -A -p-" scan.

Depends on the machine

This channel is for tryhackme related tech support. #infosec-general @naive dust

hello can someone remove my token :)

!tokenremove @naive dust

Done, no more entry with UID "@naive dust".

Goddamnit Hors

!tokenremove 729048276271104051

Done, no more entry with UID "729048276271104051".

You wouldn't happen to be using another VPN would you?

Also make sure you don't have duplicate entries in /etc/hosts

thanks @barren birch 🙂

Just openvpn, the same one I was using until problems begin. Same connection. I then did restart that connection as well.

also I cleaned the host file 4 times already

As in, do you have another VPN elsewhere?

no, I dont

Odd

Start up a box for me please?

I've seen it before with duped entries in hosts, works fine in firefox but doesn't in gobuster

Box started, the Upload Vuln one

Ooh, good shout that one

Could you show us your /etc/hosts file?

This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:

[network]

generateHosts = false

127.0.0.1 localhost
127.0.1.1 DESKTOP-xxxxx.localdomain DESKTOP-xxxxx

The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

I have not configured it yet for the 5th time

The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
10.10.31.177 overwrite.uploadvulns.thm shell.uploadvulns.thm java.uploadvulns.thm annex.uploadvulns.thm magic.uploadvulns.thm jewel.uploadvulns.thm

now I have

Lemme have a look at that

I got everything ready here, all I need is for the target box to stay up when I run the gobuster on it so I can see what my payload name is generated into

Working fine for me

That's using your IP

okay, let me try now

└─$ gobuster dir -u jewel.uploadvulns.thm/content -x jpg -w ~/Desktop/wordlist.txt

Gobuster v3.0.1
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@FireFart)

[+] Url: http://jewel.uploadvulns.thm/content
[+] Threads: 10
[+] Wordlist: /home/user/Desktop/wordlist.txt
[+] Status codes: 200,204,301,302,307,401,403
[+] User Agent: gobuster/3.0.1
[+] Extensions: jpg
[+] Timeout: 10s

2021/03/18 23:49:40 Starting gobuster

Error: error on running goubster: unable to connect to http://jewel.uploadvulns.thm/content/: Get http://jewel.uploadvulns.thm/content/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

nope, instant crash

Yeah, no idea what's going on there I'm afraid. It's working fine for me with a literal copy and paste from your hosts file

Might be to do with WSL which is often really weird with networking

I was suspecting that as well, as nothing else makes sense Muir. But weirdly it was working fine all the way until Task 11, the Challenge

@strange edge Are the other subdomains working fine?

That might be to do with how NodeJS handles requests

It's definitely different to the PHP method

yes they worked just fine with gobuster, even 250 threads no problem

now I cant use gobuster with 2 threads against the jewel subdomain

So is it just this jewel one in specific that's not working?

yes

Maybe try to remove some of the other subdomains, essentially making the line in /etc/hosts shorter

Maybe WSL doesn't like too much stuff in /etc/hosts, just a random thought

I'll try that one and if it doesnt work I'll hit the bed and continue to tackle this tomorrow. Thanks for the idea!

this is my hosts file now

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
10.10.157.68 overwrite.uploadvulns.thm jewel.uploadvulns.thm

Cant even connect or ping the box anymore

back to it tomorrow

#site-support Whenever I run gobuster on the Upload Vuln page I keep getting this error message.

[!] unable to connect to http://shell.uploadvulns.thm/: Get http://shell.uploadvulns.thm/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

Any idea what may be causing this?

Check your VPN

Check you don't have duplicate entries in /etc/hosts

Ah, yep. Duplicate hosts.

Switching to this channel because it's more relevant here. I am able to connect to my kali machine using ssh so the VPN correctly works.

I run the nmap form the THM kali it works but not from my machine any idea ?

Can you access 10.10.10.10 ?

Where did you get the IP that you're scanning? How long has it been up?

yes I can ping 10.10.10.10
I got the ip from the nmap room, it's just up for 15 minutes.

Where in the room?

from the active machine information tab on top of all the tasks (title further Nmap) i actually succeed to run the nmap from the THM machine but it doesn't work from my machine

Try nc PutTheTargetMachineIPHere 22

10.10.12.113: inverse host lookup failed: Unknown host

Screenshot?

Ok so it can't talk to the target

So I'm not so sure your VPN is actually working?

Can you go to http://10.10.10.10 in your browser?

flag{connection_verified}

Does it show your IP?

yes 10.9.5.11

Terminate and redeploy the target

alright

still the same result from nc

oh damn I meant to write 21

Lemme start a box

try again now

got something 1

So you can talk to it

Try scanning now.

You used a shortcut there because I remembered FTP was open.

Just to make sure you could connect

need to add the -Pn switch but the scan works

don't even know how

I knew FTP was open. If you could reach FTP, then you could talk to the box for sure

Just explaining what we were doing

ah okay

IDK why it was broken before

don't know, strangly i was able to talk to it from the THM machine

Thanks for the help anyway 😉

Is there an admin I can talk to?

Someone just unsubscribed me from THM, my account was compromised.

Email support

Alright thank you

I lost my daily streak despite doing challenges daily?

RDP to the machine in Sysmon Lab to access Windows environment does not work. What next?

Whats the error or you're getting?

RDP can't connect to the remote computer for one of these reasons: 1) Remote access to the server is not enable; 2) The remote computer is turned off; 3) The remote computer is not available on the network. Make sure the remote computer is turned on and connected to the network and that remote access is enabled.

attackbox not working 😦

attack box IP = 10.10.24.59

@warm spear my streak 😢

Is there someone online that can remove the token attached to my account pls ;S

To get the best answer, ask this in room-help and/or room-hints

@slim hearth thanks

Moved to room-help

hey, is there anyone who can help me with the arduino simulation program?

#site-support is for support related to site or VPN.

Just a noob question - is there a difference between regular vpn server and vip servers..

I have a question

Hi all...I accidentally navigated away from a room with an attack box running, and when I try to launch any room now, the room hangs on the loading spinner. Is there any way to shutdown my attack box from outside of the rooms?

If i completed a subscribe only room and after that my subscription ends can i enter that room like if it was walkthrough and i want to review something ?

There's a very noticeable difference between the two types. This screenshot is just an average of the last 15mins of the inbound trafffic

You can use the https:///tryhackme.com/my-machine page (:

What about my question 😕

Thank you!

I don't know for sure--I do know that after my Throwback subscription expired, I no longer had access to the content.

No, you lose access once your subscription expires

You do not lose progress

The machine is hanging in this portal, still. Probably explains why I can't get into the rooms, but is there anything I can do besides waiting for it to expire?

Is there someone online that can remove the token attached to my account pls ;S

Logging out clear cache and log back in

Tried that

Hey guys my vpn won't connect. In the past I have had no issues

Hey, if you could verify and take a screenshot and I'll try my best to help

!docs verify

Just verified. Screenshot incoming

If you try ctrl + c and then run it again, see if that works, sometimes that happens to me and it works when I do that

I've tried like 4-5 times this morning

Ah ok, have you tried regening your config file and waited for 30-60 seconds?

Can you show me the final output ?

Is the socket already in use ?

socket meaning port for the vpn connection?

Blackout - I will try to regen my vpn file

It just restarts over and over again

Hello i have infinite load in the rooms. Error 504 with api.

@copper karma Press regenerate on the access page, wait 2 minutes, try again. If that doesn’t work, make sure your VM time (if you’re using one) is in sync with your host time. If that doesn’t work, change VPN server

TY

Hey Team, I just paid for the premium package and it shows that it went through my bank account. However, it's not reflecting in my THM account.

Email support

!email

Thanks, just sent an email to support.

hey, it says unable to connect.. how do i fix it?

You are not meant to put the IP into your browser

Follow the steps in the room

lol

i also have blue isssues

then what do i do?

it says scan

but im very new

so

metasploit

yep

scan means nmap scan i think

So you're gonna wanna work through the fundamentals first

!docs freepath

!docs free-path

ethpex

check hints

ill post my issue here

#room-help probably

ok

can someone give me a link to the nikto help menu? lmfaoo

That's not really a tech support question, and I'm sure you can google it yourself or look at the help menu locally.

Any chance I can get my latest certificate for a learning path regenerated with my full name?My current handle is rather... unprofessional 🙂

Nope, that's not possible at the moment

Okay, had to try lol. Thanks

im trying to download zap and its saying it cant find java runtime or something

what do i do?

Install JRE...

You'll find it a lot easier to use Kali though.

Make a Kali VM

...

hey guys i need help. my laptop out of no where started haveing gfx issues lines and discoloration what could have gon wrong with my laptop. did my gfx chip go bad im freaking out

after a reboot i still have lines ?....has anyone come accrosss an issue like this?

This channel is for VPN and other technical questions related to TryHackMe

o

james, i downloaded jre and it says it still cant locate it.. what do i do

I highly highly recommend making a Kali VM.

But really, #infosec-general because this channel is for VPN and other technical questions related to TryHackMe

if im being honest i dont know what that means

ight

Make an Kali-VM, then connect trough Openvpn with tryhackme then spawn the machine in the room then you can access it.. Start with the beginners guide/rooms first especially if you dont know what kali etc is..

@eager fulcrum can you remove the token that is connected to this discord account for me ?

!tokenremove 217652604493234186

Done, no more entry with UID "217652604493234186".

Thankss

Also Ninja can you give me the following tags ? CCNA R&S and sec+ ?

Does anybody know how to use Tor with openvpn?
Today I am having network problems and oddly enough only Tor lets me browse the internet.
But openvpn is giving me TLS errors now..

Are you in a country that blocks OpenVPN?

No, and normally it's working but I never used it together with Tor

It's telling me that the TLS handshake failed

Ah okay I get it. It has to do with my network problems today

TLS handshake failed is for a few reasons:
• Your Virtual Machine's (if you are using one) date is out of sync with the host. This can be within a second.

• OpenVPN is being blocked by either your ISP or Country.

• There is something wrong with the file/ server.

I will not help you setup Tor on OpenVPN, but I will suggest this:

• Regenerate your VPN configuration file, wait 2 minutes and re-download it.

• Change VPN servers.

• Make sure your VM is in sync with your Host.

If it's your network problems then none of these fixes will work I'm afraid.

Yeah, I don't why... Today I am not at home in anew network and I always get the error that host addresses cannot be resolved..
It's really annoying 😖
But with Tor everything is working.. I don't get it
I really need to fresh up with networking 😂😂

But thanks anyway that's a nice go to list when I have vpn errors I am gonna save this

hey guys, i have 2360 points this month but my name is not on the leaderboard. can you tell me why?

Hi, I can't log in to my account, it keeps saying my email or password is incorrect and block me for 10 and 5 mins.
I reset the password , I did everything but yet 😭

Hi everyone. a while ago I created a secondary tryhackme account but bow i wanna delete it. How can I do this?

go to profile then other and you will be able to delete it

"I suggest using nmap with the -A and -p- tags."

Takes like 50 mins?

try it without the -A and with -T4 or -T5 so it goes faster

Just think it's weird that they would recommend doing something that obv takes like 1h+

Thanks tho Termack, will try it

Went Faster, Thanks.

How do I get my path certificate to show my name? It only shows my username

set your Name on your THM profile

I did, it doesn't change the certificate when I redownload

I believe thats an issue now that the cert is generated

Yep, can't currently change it

Not really, if it takes to long you need to restart it.. Seems like a little bug but that worked for me

I have a question, in your profile you can see your discord token. Why you shouldn't share it with anyone?

I meant in your tryhackme profile

I just completed the beginner path in THM and unable to donwload the certificate, Do i have to wait for some time before downloading it ?

Because it is linked to you, so someone can impersonate your achievements on discord @bleak junco

And also if someone impersonate as you and is being really rude it is linked to your THM account

wait

ohhh now I got it

thx @slim hearth

I was kinda confused bc it wasn't the same as my real discord token

i'm using Kali Vm in Oracle Virtual Box,
I'm doing wgel CTF,
I connected in IN-Regular-1 Server.
i'm often facing connection issues.

I run the ./thm-troubleshoot & everything is fine...

But when i run nmap or gobuster or dirb... often i'm getting connection failed error. and It takes more time to result the output while comparing to the attackbox provided online
Any help / guidance would be much appreciated...

Might be just because of the delay that u got from your home connection to the vpn

@slim hearth You sure? The "tutorials/guides" specifically says "i recommend using -p- and -A" but doing that for every port would take well over an hour

Yeah pretty sure, idk why it bugs sometimes or takes so long but I normally restart the scan or first do the -A or something and after that it doesnt take that long anymore

If you press enter it will show you the progress

I am unable to connect to the active machine for the django room.
I am connected to the VPN, but I can see that my real IP address is leaking when doing a "what is my ip address" search.
Is anyone else experiencing something similar?

The subscription for monthly is 10 dollars per month so if I am from India then will it show in rupees or will it cut respective to the dollars?

Also what is the machine ip when using the attach machine?

Your paying the 10 dollar amount in rupees so : amount rupees = 1 dollar x 10

ok

Atleast that is how it is in NL i am paying the amount of euro worth 10 dollar

Can you answer this?

@slim hearth

Is different every time you start the machine

Like where is it written

The machine name will be the IP and show up on the top of the page

ok

Let me make a screen real quick

If you have one active it will show up at the red bar

Your own private ip is the one that shows in the red bar

The active machine shows below it

I am facing problem in the "Linux Fundamentals part 2" where it says to do the ssh with the machine ip

So the machine ip will be the one which is shown?

The machine IP of the lab

ok

The first task top right says start machine

yes

You need to click that button and there will show up a bar above task 1

After 60 seconds the IP of the lab machine will show up ( lab machine is the vm that you will exploit )

okkk so I have to put that in machine ip right?

Yes, do you know how ssh works ?

Or are u brand new to all of this ?

yes i am doing through linux, so it would be ssh username@machine_ip

Yes correct

okkk thank you

I have finished the comptia pentest+ path and when I try to download my Certificate an S3 XML error page comes in instead of the png

Is this due to that the picture file policy hasn't been changed yet?

anyone else having issues download the beginner cert other than myself? i have it at 100% and get "fetching cert please wait" followed by "you have not earned this cert yet" ☹️

The path is still under development, so there are still rooms uncompleted for you that you cant see..
( This is the problem in the blue team path not sure 100% if it is also the same problem in beginners )

@zealous yoke Can u confirm this for me ?

hmmm.....good to know. I have noticed a few changes in the path as rooms would appear and disappear.

We will have unlimited time for using the attackbox in premium/vip profiles?

Yes

every now and then my terminal does that. The text wasn't pasted-in, the formatting is utf-8, I restarted my system a dozen times. Does anybody have a clue of what this black magic might be?

I had a query regarding my streak, the yearly activities tab is showing a continuous activity which i actually did but my streak broke yesterday. Can someone help me with that.

Hi, I cannot access to the link http://10.10.142.62/evilshell.php. in OWASP Top 10 room, although I'm connecting to OVPN and I can ping 10.10.142.62 without any issue.

The heatmap tracks different activities to the streak

Okayy thanks 😊

Is it possible to change user name ?

Yep, email support and follow the template in pins

!email

I can't get the openvpn downloaded to my macos?
I get the following error msg...
sudo apt install openvpn
Unable to locate an executable at "/Library/Java/JavaVirtualMachines/jdk-16.jdk/Contents/Home/bin/apt" (-1)

I'm lost, could anyone please help me understand what I need to do now?

You're in macos

Don't use apt.

apt is a package manager for Debian based Linux.

Mac is not debian based linux. It is not linux.

!vpn

Ah ha... Thank You NinjaJc01!!!

OK.. So, I was already connected. ugh
So, I guess my real issue is that I can't get my terminal to ssh to the attack box?
$ ssh shiba2@10.10.142.254
ssh: connect to host 10.10.142.254 port 22: Operation timed out

You need to be connected to the VPN. But you shouldn't be SSHing into the attackbox here.

The attackbox is not the right machine

I'm trying to follow the Beginner instructions. So now I'm really lost... 😉
As an alternative to putty, you may have an ssh binary on your computer. That binary is accessed by going to your terminal(cmd/MacOS Terminal), and typing ssh.

The syntax on how to use this command is ssh <user>@<host>. So to ssh into the machine you'll need to type in ssh shiba2@10.10.142.254. It will prompt you for the user password, which in this case is also pinguftw.

The target machine is not the attackbox

If it's timing out, you're probably not connected to the VPN.

OK.. I got it now I think... The correct ssh ip is the ip from the VPN it seems..
$ ssh shiba2@52.4.198.155
The authenticity of host '52.4.198.155 (52.4.198.155)' can't be established.
ECDSA key fingerprint is SHA256:0TuZDk/gZZ+Kvgx96Efa6mq7GMCw4wBItg6hNgJ/5Cw.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '52.4.198.155' (ECDSA) to the list of known hosts.
shiba2@52.4.198.155: Permission denied (publickey).
But I'm still denied?

The correct ssh ip is the ip from the VPN it seems.. No.

You're trying to SSH into the VPN server.

@haughty ocean The IP is the one displayed under Active Machine Information in the room

If you do not see this, click the Start machine button in task 1

OK that's what I was calling attack machine...
Active Machine Information
Title
Linux Walkthrough (Web-Based)
IP Address
10.10.142.254

Yeah so that's the IP you need to use

if you can't access http://10.10.10.10 in your browser then you're not properly connected

I'm unable to get connected to that ip...
But openvpn shows a connection?
Not sure what I've done wrong at this point.

Then you are not properly connected

!docs verify

Follow those instructions, then you can post screenshots.

I have ip's listed below:
open vpn - 52.4.198.155
openvpn private ip - 10.6.67.61
root@10.10.50.35
Internal Virtual IP Address 10.6.67.61

I don't get a msg box when I go to my profile

Does smb else also have a problem fetching their certificate at 100% path progress? am I missing smth?

It's a bug @oak oriole

@haughty ocean Please DM your token to the bot.

so im just gonna wait a couple of days? 🙂

@jabba How would I go about sending a DM to the bot?

Here is my openvpn showing connected

anyone who uses terminator, do you ever get that small bit of delay when switching to a new panel? like it just hangs for a second or 2?

@proven stratus #infosec-general

This channel is for directly tryhackme related help and support like site or VPN issues.

Hey Tech Support! I'm getting login errors from my credentials saved in my PW manager. I've sent requests to reset my PW but haven't gotten any e-mails. I already shot an e-mail to support, but wanted to cover my bases. Could you guys help me out?

Nope, it's gonna be something that you need to handle with support via email

I cannot access to the link http://10.10.167.51/evilshell.php
in OWASP Top 10 room, although I'm connecting to OVPN and I can ping 10.10. 167.51 without any issue.

Do you have the correct VM deployed?

Yes, tried many browsers, Firefox, chrome, edge, Internet explorer, same result.

!docs verify

verify done

Now you can send screenshots

Check your VPN

Can you access http://10.10.10.10 ?

no

Then you are not connected to the VPN properly

but I can ping to it

Without VPN, impossible to ping it

Do you have a proxy or something running? What's the error when you try to load it?

If you can't access 10.10.10.10 then you aint connected.

no proxy at all

from chrome

Ok, you're not properly connected then.

shall I add static route ?

what do you suggest to do ?

You shouldn't need to. Do you have a VM or something?

no, directly from my windows laptop

no vm used.

windows 10 fully updated

Troubleshooting the VPN on windows is a pain

I agree with you, is there some document reference I could use it ?

the windows is fresh installed from scratch from few months ago

also, disabled antivirus, same issue, I use Kaspersy Endpoint Security for windows

worked now

the issue has been rrsolved

thanks for your support

hello i am doing advent of cyber 2 day 24 last one
and server is shutting down for no reason but it is still showing on tryhackme website
i cant ping/nmap/gobust/go on website with browser server is down, i think vpn is fine
can someone help?

Can't post comments on a thread? The XHR request has no response!

Tried here (https://tryhackme.com/thread/60563abdf5aa287350a04cae) and here (https://tryhackme.com/thread/605251b0eaa0bf200d5442ff)

Response came after some time, it was 504 HTTP response code.

Hello, sorry to bother you guys but I've completed the beginner path today and whenever I try to claim the certificate it still says "You have not earned this certificate yet." I've tried refreshing the page, even with ctl+F5, signed completely out and back in all to the same effect. Does it take a day or so to update?

Hey guys, I'm trying to install openvpn3 in my kali vm but when I do sudo apt install openvpn3 it gives me an error "openvpn3 : Depends: libjsoncpp1 (> 1.7.4) but it is not installable."

I'm currently working out trying to get it working but the methods I have come across don't do anything for me, has anyone come across this before and is able to help? Cheers

Is this for tryhackme?

Yes

hey just an idea: for several rooms where you remote into a windows machine, modern windows pcs will usually throw the credssh error. there is an easy way to get around this by modding group policy - not sure if we could post a tutorial to this somewhere?

Then you don't need to install anything for kali. Openvpn comes pre installed.

strange, I couldn't find openvpn3 on mine. I managed to fix it though by adding a debian mirror to my sources list and it let me install libjsoncpp1 from there. Haven't had any issues since that

Just wondering, can I tell if someone is bruteforcing my login page, if not, is there a way to prevent this?

check web server's logs?

Oh ok, thanks

But would that be something I’d have to check regularly or can I automate it to tell me if there’s too many login attempts?

You can write a bash script (there might be many open-source already) to check the IP hits against a specific endpoint (with the HTTP request method -> POST).

Sort the results and find count (>100) in a day? Then use webhooks of your discord server to report it.

Oh, thank you so much

Sorry for the dumb questions...

Either all this, or just modify your application's source code and add a logger (which I won't recommend), which will record login attempts against an IP with more details (i.e. UA? Request body?).

You can then analyze those logs.

Thank you

Add an captcha will prevent a lot of these botted attempts 🙂

If it is SSH, just allow only login from your rsa key 🙂

I have bought the subscription voucher for the TryHackMe, also before buying this I emailed to asked if invoice would be provided. After buying I am not given any invoice. Please can someone help in this regard as we have bought it for educational institute and they are asking to cancel and refund the amount without any invoice

hello i am doing advent of cyber 2 day 24 last one
and server is shutting down for no reason but it is still showing on tryhackme website
i cant ping/nmap/gobust/go on website with browser server is down, i think vpn is fine
can someone help?

https://tryhackme.com/classrooms You can contact them there about educational institute related questions

Close the lab machine and try again

hello, I'm having issues with the vulnversity VM

I'm up to task 3 where I have to locate directories with gobuster

however, port 3333 appears to be closed

#room-help

thanks @slim hearth

Your welcome

Thanks @slim hearth , I tried contacting them but there was no reply. Thats the reason posted here hoping to get any response.

It is sunday so you probally wont get response today.. You can also try to contact the regular support

I did that many times

Try to open the attack machine

And check if you have connectivity to the lab

If so it is probally your VPN

@deep hull Not sure if this is the same for education purchases but under profile is a tab called Receipts if you enter the date you get your receipt

I have tried almost everything in the books. Mailed them 5 days ago . Still no response.
Just wanted to ask does TryHackMe provides refund for the vouchers if not redeemed?

Did you send an email to support@tryhackme.com?

Yes

I'll forward this to staff. 🙂

Ok Thanks

Do you need any details ?

Hey.
Sorry for the long wait, I have just transferred into the support position. I will create your invoice when I complete the emails later today.