#site-support

#room-bugs

room: ccstego
so when I install stegoveritas it asks me to add a path manually
I've been adding path using

export PATH=$PATH:/home/usr/.local/bin ```
I have to run it everytime I open a new terminal
tried adding path to ~.bashrc it doesn't work

@vale berry are you a newer kali that uses the zsh by default? try putting the export PATH=whatever in .zshrc

no clue what .zshrc is 🤣
but I'm gonna try it anyways

dunno if that'll work but its worth a shot

its the config file for zsh, like .bashrc for bash

hmm alright

what is zsh

its a different kind of shell: bash, dash, sh, zsh, ksh, many more 🙂

zsh is newer than bash and kail has been using zsh instead of bash for a year or so?

woah

lemme try adding it to path hopefully it will work

try adding it to .profile?

misread what you typed above, thought you tried .profile already

thanks its working

Gave +1 Rep to @pulsar sparrow

~.bashrc isn't what you are thinking of. If that's what you edited, be sure you add a /. so it reads ~/.bashrc - note this only works for bash reliably, other shells (such as zsh) may not pick it up.

Hi. Is it normal that THM's access page shows im still connected to OpenVPN even if I've ctrl+C'd out of it, or killed the process in kali?

page doesnt auto refresh

oh I think it was ~/.bashrc

use the hard refresh with the browser

adding to .profile seems to work

hard refresh, is that ctrl+f5?

yes

Usually

You want it to dump the cache. Just using the refresh button on the GUI doesn't do that

alright, thanks, I will try that next time I've disconnected

speaking about the access page it somehow doesn't work reliably for me I always check 10.10.10.10
is that normal?

access page?

I assume he means the same page I was talking about, tryhackme.com/access, the one showing if you're connected to OpenVPN or AttackBox

I'm currently connected to a machine but this page doesn't update

It won't update until you refresh it.

Remember web is stateless.

Can someone help me with this one

When I run openvpn I get this error

2021-12-23 01:58:58 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2021-12-23 01:58:58 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-12-23 01:58:58 OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021
2021-12-23 01:58:58 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2021-12-23 01:58:58 OpenSSL: error:0909006C:PEM routines:get_name:no start line
2021-12-23 01:58:58 OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
2021-12-23 01:58:58 Cannot load inline certificate file
2021-12-23 01:58:58 Exiting due to fatal error

I run thm-troubleshoot but no luck

have tried re-downloading your openvpn config file or changing servers such as EU-regular-1 or 2?

are EU-VIP-1 and EU-VIP-2 vpn servers for subscribers only?

(or any "VIP" server for that matter)

yeh

ok thanks!

by the way, I was getting the same error as Miloz just now trying to connect to EU-VIP-2. Regenerated my config file and so on but didn't help. Switching to EU-VIP-1 and regenerating my file fixed it, just thought I'd share

do you guys install the metapackages when you make a fresh install for kali linux , or just go with the default and get tools as you need em ?

well, I install the tools as I need 'em so that I have more space for vm files and you don't use all the tools so it's a waste of my internet package too but it's your call if you want convenience regarding tools!

yeah I had done that 3 times , kali-install-everything package, but now I dont think its worth it , atleast when I em doing ctfs/rooms in THM

yeah most tools you need are installed by default and most others are less than 10MB(download size), soo it's not really worth that install everything package

Hello crew

Hello. Just ask your question and someone might be able to help you here.

started Day 22 task -- clipboard not working copying from THM page to the VM... any settings I should check why this isn't happening? anyone had this before?

https://media.discordapp.net/attachments/692456966802374687/921063860318924800/clipboard.gif

what u capture gifs with :3

was the first thing I went looking for...

@sand olive Found this once looking through the source code of a THM page.

restarted the attackbox a couple times to see if clipboard tool missed getting loaded

@amber stream interesting, why not. Trying to think of a different way... 🤔

Is this attack box or split view target

Because i see windows

its a weird one for sure, thought someone might've seen it and got a little hack to make it work 😄

attackbox - yea win machine

@amber stream i personally used xfreerdp to connect to all of them

The tasks provide rdp creds usually

me too and tried that, but login details on this one I can find (the 'i' tab says username=n/a, password=n/a)

little bit out of the ordinary

For day22

What you are looking at is when you want to SSH to a machine.

@amber stream

ah perfect, was down the bottom, that's a handy place to have it /s. thanks @sand olive appreciate it 🙏🏽

Gave +1 Rep to @sand olive

thanks for your help too @naive dust 🙏🏽

+rep @naive dust

Gave +1 Rep to @lone karma

Hello. I completed all the rooms in intro to web hacking module before jr pentester path was released, and maybe due to that I haven't received the badge for intro to web hacking. Pls help.
This is my thm profile: https://tryhackme.com/p/suds4131

So did you complete all the rooms in there: https://tryhackme.com/module/intro-to-web-hacking ?

yes

A screenshot of it ?

k

Mhh, well not sure if it's a bug. So you might be best with sending an email with these screenshots and asking about why you didn't received the badge.

oh ok. Thanks.

Gave +1 Rep to @crystal marlin

you can try resetting one room, and completing it again (save the flags somewhere to recomplete it quick)

It might trigger the badge

oh thanks, will try.

Ah, why I didn't think about that to try ^^ 5head Fluff

Thank you both it worked

@sand olive too smart for me, I would have bothered Jabba right away Glad that solved it

Guys i need some help

For some reason terminal just freezes when i login to tryhackme

It works for a little the freezes

Are you on your own machine or the attackbox ? And what room you are doing ?

My machine and i am trying to do linux

Linux fundamentals part 2

It happens to my pc and laptop

Are you using a VM on your local machine?

Yes i am using kali Linux

Is openvpn running directly in your VM or on your host machine?

I dont know

I just do sudo openvpn ...

Okay, so that means you are running openvpn inside your virtual kali machine and not on your windows machine (the one that is hosting your virtual machine) ?

If you do ip a s do you only see a tun0 interface or any extra like tun1, tun2 etc. ?

Yes

Yes to what ?

refresh the page,on some browsers it shows even when you terminated

it happend to me

I am running the open vpn to my kali linux that is on VM not windows

I see ather tuns also

Then run sudo killall openvpn then connected to the vpn again, then run ip a s again to make sure there is only a tun0 interface.

Hey guys, how can I make a student subscription

Thank you very much for your time

Gave +1 Rep to @crystal marlin

!docs student

hello how can I change it
Sorry this token is already used by someone.?

You have to reach out to a mod to unlink your token from your discord account.

I don't have that accont

but I have accont in tryhackme websit

websuit

They can unlink it with your token that's on the thm website

ok

how

i have a token

Great, then reach out to one of the mods (just mods, not staff)

ok

thnaks

I

I was trying to pay for a subscription via visa, it kept on saying "your card issuer bank has declined this payment" for sometime and I tried later I got the same error but money was deducted from my account and yet I haven't got the premium status

Hello where i have to put that discord token ?? i am not able to find. can someone help!!

you should email to the support, you can send the invoice as attachment

you dm to the @sharp bison Bot, and type !verify <token>

@odd patio This was my ID i lost access to it.

Thank you sir.

Gave +1 Rep to @modest sonnet

if you have verified before, you need to tell mods to remove token from that account

OK, yes.

Hello... I am in the process of creating a room for a course.

I am trying to figure out if I can add a group to the room after the room has been created.

Or can you only add a group when you first create the room?

Can you please let me know?

Hey, hope you're all well. Would any one be able to assist me with some openvpn config file issues? (will give more details)

I think you will have more success in getting an answer if you point out the issue right away 🙂

hi

i just started to play with the wreath machine

and it suddenly stopped working

i ran a ping on ip and it gave me

PING 10.200.186.200 (10.200.186.200) 56(84) bytes of data.
From 10.50.183.1 icmp_seq=2 Destination Host Unreachable
From 10.50.183.1 icmp_seq=6 Destination Host Unreachable
From 10.50.183.1 icmp_seq=7 Destination Host Unreachable
From 10.50.183.1 icmp_seq=8 Destination Host Unreachable
From 10.50.183.1 icmp_seq=9 Destination Host Unreachable
From 10.50.183.1 icmp_seq=10 Destination Host Unreachable

any tips ? how to solve this issue

I'm not at home now, but basically i had run the command to connect to the vpn, the output said all was fine, as it does typically, but on the THM website it was marked as not connected, and i didn't have an attributed IP. So i refreshed and redownloaded the config file. But this time i got a Depreciation message, basically saying that the cipher in the config wasn't in the data-cipher area, and a few other recommendations. So i managed to edit the config file and get rid of that message, but then got a Warning message because compression was enabled, so i read abit about it online and managed to remove the argument enabling compression. And i am left with two errors (don't remember specifically the names, will send screen shots later), but basically saying that the part indicating the beginning of the key wasn't in the config file ( - - - - begin key - - - -). I kind of stopped the trouble shooting there because i don't know much about vpn config files, and im assuming the goal of these config files given by THM are that the end user doesn't need to modify them (correct me if im wrong). I did try running the THM troubleshooting tool, it says that open VPN isn't installed (even though it is), and when i try to install it via the tool, it tells me that i don't have the apt package (even thoufg i do because I'm using Parrot OS). I am using Openvpn version 2.5.1
Thanks in advance for any help, i get the feeling that the issue is coming from my Parrot OS, maybe something to do with a recent update? I will try from another Linux distribution later tonight

Gave +1 Rep to @crystal marlin

Okay, so your issue started because of the access page on THM said you are not connected ? As you can just ignore that because it's not too reliable. These warnings in openvpn about cipher and so on you can ignore too. As long as it says Initialization Sequence Completed you should be fine. Your vpn IP you can find by either entering ip a s in your terminal, it will be the IP of your tun0 interface. Verifying if you are connected successfully you can do by opening 10.10.10.10 in your machines browser or with curl 10.10.10.10/whoami (where you should get a reply with your THM IP)

True, i could've have tried to see if i had an IP assigned elsewhere, but the reason why i went straight to the trouble shooting is because i had a similar issue in the past, but the initialization sequence didn't complete and i got the same Depreciation message as the one mentionned above. I managed to get it solved by switching my config file from EU-vip1 to vip2, but right now i can't get the connection to work with any of the EU config files. So not too sure what i can try out to fix this

also just to add ...while generating new ovpn, if you leave 30 seconds to go, you get a reliable ovpn file. i saw couple of times, the <cert> portion was missing

Thanks for the reply, i will try that when i can

Gave +1 Rep to @hidden sluice

Ye, that missing cert part I saw a lot with the EU-VIP servers already, dunno what this is about. Maybe just try to regenerate and wait 2+ mins before trying to download it. Or just switch servers and regenerate and then download the new config for that server.

This seems to make the most sense, thanks guys for your help. I will give an update when I'm back home

Hey, I've send email to change my username account and it's been around 2 weeks with no response from thm. anything to do further?

Mh, you sure you sent it to the correct email address ?

I did send it to support@tryhackme.com‬

Well my bad not 2 weeks, 5 days.

It's just felt like 2 weeks xD

Well, 2 weeks would have seemed long to me, but 5 days while advent of cyber might not too long as they are probably pretty busy with a lot of emails. I would wait another 2 days and in case you still don't get a reply, send a follow up email to make sure they even received your mail.

Alrighty, thank u! 🙂

hello i cannot change my country it is showing the wrong country and i cannot change it from about you part in my profile

#site-support message

hi guys , i don't know why can't display web pages for tryhackme machines after i deploy them , my openvpn well configured i tried to restart but nothing changes , otherwise i can ping the machine and can some stuffs like curl or nmap ........ 😢 anyone can help please !

You sure the machine is even supposed to have a webpage ?

yes I'm sure

also when i put 10.10.10.10 in my browser it shows me the flag of verified , and not showing my vpn ip

What room are you doing ?

it's not a specific room , i tried a lot of rooms have webpage but it's not working for me

Then please go to one of the rooms where it's not working, start the target machine and then let me know which room it is.

@crystal marlin okay , I start OWASP Juice Shop room

it's keep loading with a full white page

Can I try to access that machine? And if yes, please let me have the IP

yes you can , 10.10.62.36

Are you using a VM like kali or so ? Or an installed operating system ?

I always use kali in a vm , but now I'm using just windows , and the problem is shown for both in vm and windows

I don't know about how to do that setting in windows. So might try it with your VM. Make sure you are not connected to the vpn on windows and your VM simultaneously, so only in your VM and then try sudo ip link set dev tun0 mtu 1200

wow it's works , thanks bro you saved my life , can i get explanation about that command ?

It's just reducing the max packet size. But you better off to google about mtu if you want to know about that 🙂

okay thanks 🙂

Gave +1 Rep to @crystal marlin

hey guys, got some issue with hashcat, says status exhausted , and I'm getting some error like :

ATTENTION! Pure (unoptimized) backend kernels selected.
Using pure kernels enables cracking longer passwords but for the price of drastically reduced performance.
If you want to switch to optimized backend kernels, append -O to your commandline.
See the above message to find out about the exact limits.

and right below it it says :

Watchdog: Hardware monitoring interface not found on your system.
Watchdog: Temperature abort trigger disabled.

my linux VM slows down to oblivion while preforming the task but it ends up unsuccesful

when hashcat runs, it's gonna use up a lot of cpu power because it's trying to crack the hash as fast as possible. You probably didn't dedicate a lot of cores and your actual cpu isn't that good so it took a while and was slow.

I think it was probably unsuccessful because you ran the wrong module, send me the hash and i'll try

So I've tried this, still not working. Here is the output

@crystal marlin , @hidden sluice

I've checked my config file. And the cert seems to be there, i can also send my config file if that helps

You still using the EU VIP servers?

I switched from 1 to 2, should i try the regular? Or a vip from another location?

Ye try a regular one, the EU VIP servers seem to be a bit finicky with generating the config file, it seems you have to catch them on a good day somehow ^^

Haha i see

That worked, thanks a lot :) . I would still be curious to know the issue with the vip config, if ever you get the info one day.
Is there a big difference in speed between the VIP and regular?

@abstract grove I got it , it seems the hash was just unsuccesful, rockyou didnt have it, so I saw a writeup and echo'ed the pass into rockyou, then ran it again and it worked, downloading the seclists right now...

Tbh, I didn't noticed a big difference. Ye, I'm also a bit curious, so if I get to know it I'll let you know 🙂

Good to know, I'll just stop using VIP, i thought since it was with the subscription it was much better. Thanks again and have a great day

Gave +1 Rep to @crystal marlin

Hiii at tech support I need your help at streak reset I've written two mails pls

I don't know if I answer a new question will affect it

How long ago have you sent the emails ?

Early this morning (midnight and some hours ago

Lmao please be patient

Well, then you can't expect to get an answer that fast. Especially because of the Advent of Cyber event + Christmas

Ow that's true
Guess I got impatient

Yesterday journey was rough and lack of sleep causes lack of patience and all

I'm very sorry if I came out strong

I guess it's fine, just give them a couple of days and I'm sure they'll reply to you, although be aware the streak reset is a courtesy, so you can't demand it anyways :=)

I know it's a privilege not a right

I'll never demand anything 😂

So can I continue with my day to day tasks 😂

I have a specific issue: when I start a machine, the "Expires" timer freezes when I'm not focused on the tab or the window, so I can't really ever know when the machine will truely expire, sometimes it does expire when 30 minutes are left or whatever

Is there a way for the Expires countdown to keep counting down even when the tab is not focused ?

Or should I just install an addon to disable the page visibility API ?

Also the popups saying the machine will expire soon / is expired are buggy and appear after a while even after I manually clicked on Terminate

Hi

I can't spawn the last machine in AoC3 because the previous one still hangs out

Even if I already terminated it

I rebooted my machine, cleared cache in browser

logged out from THM

still the machine from Day 23 hangs preventing me from spawning the one from Day 24

Could someone assist pls?

guys

i asked this yesterday

but I can't figure out what's wrong

I have verified my email to get student discount but still thm tries to charge full price from me.

Any help appreciated

Check syntax. /tmp/mount is where you want to mount the share. Also, you are missing share name and there's a space after share name.

Send mail to support@tryhackme.com .

from my student mail or daily one ?

Use whichever you are using for tryhackme.

what do you mean?

Hey quick question, me losing my streak won't affect my AoC events and all right ?

look at this and your code

you didn't include share instead of it you appended /tmp/mount

let's say you wanted to mount myshare

sudo mount -t nfs 10.10.66.236:/myshare /tmp/mount/ -nolock

oo

should be something like this

I thought I had to replace that word

thank you very much

by the way

how do you do that code thing

in discord

this

`

.hello

?

copy that 3 times to the start of the string, and the end of it

oh

'''test'''

string

it's not quotes

`

altgr + the button that you use to make comma

ohh

thanks a lot

´´´thank you´´´

what

direction of it is wrong 🤔

` just copy this

i have an italian keyboard

ohh

lemme see on google

As far as I know, it don't.

As far as I know, streaks only affect streak badges

test

nice

how does one get the "split screen" view for attack box?

there is a button for that at the top of the page

Question:How can I see the machines started without having to go to each one of them, this in order to turn them off?

guys

same issue

i cant get it to work

idk y

Okay thanks.

Gave +1 Rep to @urban wraith

try to understand the syntax?

how do u guys face inferior complexity or imposter syndrome . Like watching a 17 yo to crack devices and having cert like oscp and ceh makes a begineer like me to doubt myself

You gotta accept that there's always someone smarter or more skilled than you

yes i do accept that

but still idk i feel like lagging behind

Other than that, it's mostly just making peace with that fact. You won't know everything, and I won't either. Best we can do is to keep learning.

For me, that feeling of impostor is always there but then I find the solution to X or Y problem and I think 'hmm, maybe I'm not half bad'

And then it comes back until I solve something else haha

this channel is for THM related support.

although it's not really a #site-support question haha

nvm i was just curious

maybe move the convo to #general if you want

oh

i am in wrong channel mybad

neat part, you don't

Is there any way I can recover my streak? I was just a couple minutes late completing the task?

i dont know whats wrong

#site-support message

#site-support message

i wrote /home for that

but it didnt work

Thanks

Gave +1 Rep to @lament trout

did you try :home ? @forest yoke

instead of :/home

ohh

i entered the command

but i got no output

why :home tho

and not :/home

Hey! I’m having issues running xsrfprobe

I have it successfully installed but I’m having issues running it

mates

im trynna use my own ubuntu terminal

i have installed packages and everything

now someone explain me why it doesnt work

what happens when you ping 10.10.66.236

nothing

no response

and you are using your own machine, this means you are probably not connected to the THM VPN

i have to?

if you are not using the AttackBox provided by THM (which is already on the THM network) then you will need to use the THM VPN to access the THM network and thus be able to access your target

thanks

but

how do i?

https://tryhackme.com/access?o=vpn

what do i do with it

once downloaded

sudo openvpn /path/to/file

like i have it downloaded

oh

lemme try

you should use a VM though, it's always best to avoid using your main OS

now?

why

almost haha, you need to specify the ovpn file itself too

like ~/Downloads/username.ovpn

lemme try

Better protection mostly. And you can also use kali/blackarch/parrot and have most tools you'll need built-in.

yeah but

And it's also practical to have snapshots so your machine isn't filled with stuff from multiple challenges

i installed ubuntu just for that

to code/hack

and i have windows for school

You can keep using ubuntu, it's good to become more familiar with linux. You can use virtualbox or Qemu/KVM.
I'm not forcing you to get a VM haha, just a friendly advice.

idk mate

what do you use

a professional

it is blocked here

what do i do

you're connected

it means you're connected

oops

didnt mean to reply to that

haha

so i can close the terminal

no otherwise you're also gonna close the connexion haha

^^

do i need to do that every time i wanna connect

you could open a terminal in Workspace 2 and type the command there

yes

ok

thanks a lot mates

I use arch linux as a daily driver, but I use kali/blackarch in VMs for pentesting/OSINT etc

still

i get still these errors

dont see any errors in that image

appears like the mount was successful

wait

really

i thought that i had to have outputs

well in that case

success!

ya most programs do not give much output unless you specify a verbose flag of some kind

hello

guys

i have a problem ,i use my terminal to access tryhackme but my terminal freezes and i cant write anything,what can i do?

yesterday i tried to do sudo killall openvpn but it didnt solve my problem

guys

last challenge 3rd section networking 2

it keeps happening

you sure its on port 22?

some challenges have ssh on a different port

at least i think that the username is cappucino

i have no idea

link to the room?

it did it automatically

https://tryhackme.com/room/networkservices2

which task?

3rd

last task

the section name is enumerating nfs

maybe the time ran out on the box?

your command looks ok, 10.10.66.236 is the target and not your machine?

there is still 9 min left

but it doesn't let me add 1 hour

hrm, i have had boxes die on me when that said 15 minutes

ping the box? still got your NFS mounted, try and go to that dir and type ls

if it hangs, the box died

silence

absolute silence

i think youre right

yeah, when the timer gets down to around 20 minutes i add more time. dont want to take any chances ya know

well

i might end it myself

terminate the box (lol if you can) refresh the page, and start it again

THE ENTIRE PROCESS?

like

all the challenges

again

you know what

You already have the id_rsa no need to do all the challenges again

oh

thanks

lol

i was starting to get worried

ya, once the box is up should be able to just ssh in

thamks

as long as you copied that id_rsa from the NFS mount to your local machine 😛

if not you'll have to remount the NFS to get it

thank you so much

i have been hacking (or atleast trying to hack) for the entirety of christmas eve

imma go to bed

thank you so much @pulsar sparrow

Gave +1 Rep to @pulsar sparrow

you are such an amazing guy

and thanks to all other people

bye

guys please help me

i want to use tryhackme but my terminal freezes and i cant write

i tried vim terminal and the same happened

your terminal freezes when?

i connect to tryhackme and after some time i cant write anymore\

i dont think it freezes completely the cursor blinks but i cant move it or write

so, you open a terminal, do something like sudo openvpn /some/file and then you cant type anymore?

i open the first terminal and i do sudo openvpn i wait till it connects,after that i open a second terminal and i do ssh tryhackme@ip i wait a lot for it after it loads i type the password and i am in.after that i can type some commands like ls,i change window from terminal to browser to see the exercise and then back to terminal but i cant type

so you connect, and the connection appears to drop out after awhile? maybe try a different config?
https://docs.tryhackme.com/docs/openvpn/troubleshooting/openvpn-troubleshooting/

try going through that?

do you think i should download the newest .ovpn

i can use it only for one hour

i have premium

Have you solved your issue with the ssh part?

Who do I reach out to about a streak issue?

Im about to cry. Lol

Nvm emailing support now.

Hope you are all having a great night! I tried to DM TryHackMe BOT with a verify message, but it didn't get delivered. I don't want to spam it, heh. Am I in the right place?

Check you privacy settings in discord and allow direct messages from server members

Oh, thank you, I'll check now. Edit: That was exactly it. Thank you so much, @crystal marlin !

Gave +1 Rep to @crystal marlin

Network services 2 this link is dead https://packages.ubuntu.com/xenial/nfs-common

are you trying to install nfs?

Hello. Is there a way to get a refund? I paid for premium, but, it's not very easy to use the website on the phone. So maybe I'll get back to premium, when gonna get a laptop.
I paid few hours ago, so I don't think I used any of the premium content yet.

heyyy
if i replace my hdd with ssd do i have to reinstall the os on that ssd again and if yes so how will i do it ????

can anyone help ????

okkk

thanks

i am using windows now

Hi, What is the different between the tryhackme attackbox and the tryhackme kali linux, both on browser?

Ah cheers :D

hey i have a problem with a buffer overflow

i need to invoke the special function

so after

14 A's

i put the adress of the function

i know it's little endian

so i did something like this aaaaaaaaaaaaaax67\x05\x40\x00\x00\x00

but it didnt work

i get segmentation fault all the time

someone pls help?

no i havent,i dont know what to do

You have the target machine started so we can try ?

what is the target machine?

is the machine that gives me the ip? and then i do ssh tryhackme@ip ?

Yes, you are doing linux fundamentals 2 room, right?

10.10.54.190

Mh, that's not an answer to my question 🙂

yes i have started it,sorry for not understanding

Not a problem, but it's the linux fundamentals 2 room, right ? Or which room is it ?

linux fundamentals 3

i had problem on linux fundamentals 2 too

Okay. And you are trying to connected to that machine from your local machine, or from the attackbox ?

this is my problem

Let's make it easier as I think you don't understand me correctly. On your machine, enter ip a s and send me a screenshot of that via direct message pls.

Enter 10.10.10.10 in your machines browser pls and let me know if you can succesfully open that site right now ? @round garden

i can

it says you are connected to tryhackme

Then enter sudo ip link set dev tun0 mtu 1200 and try to ssh into the target machine after that

but how am i connected,i am not running the openvpn

Mh? Do you have openvpn running on your windows machine as well and not only inside your kali VM?

oh i have no idea,i havent done anything from windows

Okay, so if you haven't set up openvpn on your windows machine and connected to the thm vpn then you most likely don't ^^

So just enter sudo ip link set dev tun0 mtu 1200 in your kali machine and then try to ssh into the target machine and let me know if it's working now

i did it and it wants me to enter password

i dont know what password to use

Ye of course it want's you to, as there is a password ^^

i use my kalis password but it doesnt work

The ssh credentials are in the room, check the credentials to use.

i have paid for a month then won a 6 month voucher, how do i enter that code please?

Cancel your current subscription and wait until it expires, then you can use the voucher.

And gz to the win 😄

current runs out 13 jan i think, so i cancel now, keep access till 13th and put code in then?

Right

thanks i wasnt happy to cancel incase i lost access now/ immediate

Ye, you will not lose access as you paid until the expire date 🙂

great, thank you very much! have a good christmas - new year, im off to bed now boxing day allready here. 😴

how you won the voucher?

Raffle on tea with a hacker, cyber insecurity on you tube

i cant post here screenshot

You have to verify first in order to send screenshots in here

!docs verify

You are not specifying a username for your ssh command. It's ssh tryhackme@10.10.135.24

ok i just connected,but this is what i do everytime and it keeps freezing

Do you still have the mtu set to 1200 or you killed openvpn and restarted it ?

oh i forgot we did sudo ip link set dev tun0 mtu 1200

should i do sudo ip link set dev tun0 mtu 1200 before the openvpn?

No, after openvpn

do i have to do this every time

Yes, in case you always face these connection issues. You can edit your .ovpn file so it will get set to mtu 1200 automatically when you run it

same problem again,oh my god i am tired of this shit

i will try to run ubuntu app from windows store

it keeps losing connection

how to install vpn config?

ok

thx

its works noice

Hi I recently downloaded new open vpn config file but it showed inline certificate error.

 !  ~  ➜ sudo openvpn ~/Downloads/darkRaspberry.ovpn
2021-12-25 19:38:28 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-12-25 19:38:28 OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 17 2021
2021-12-25 19:38:28 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
2021-12-25 19:38:28 OpenSSL: error:0909006C:PEM routines:get_name:no start line
2021-12-25 19:38:28 OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
2021-12-25 19:38:28 Cannot load inline certificate file
2021-12-25 19:38:28 Exiting due to fatal error

which clearly says there is no inline certificate on further inspection I see the config file is doesn't include the certificate but empty tags

....
Bs8w+l1NKrn0Yp7JnMVND2kI/d8UxQ==
-----END CERTIFICATE-----
</ca>
<cert>         <---- There must be a certificate
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgw4..
....

Pls any bigger(authorized) people fix it. It only happen in server IN-Regular.

Try regenerating your config file and always wait 2 mins before trying to download after that. If that doesn't help, switch to another vpn server and repeat the regeneration and waiting 2 min.

anyone who is using IN-server can send me that certificate I can copy paste And it should work

I waited alot. It only happen in IN-server. EU is working fine

Hi! I accidentally put a dot at the end of my username. I have been meaning to contact tech-support way before but I couldn't get chance. Can someone please help?

#site-support message

Thanks, I also found it from the pinned messages after I posted my question. I am emailing support in the suggested format now.

Hey everyone I have a real quick question. I'm trying to execute a command on a windows machine through meterpreter, and while that's working. How do I save the output of that command locally?

Question: how can i verify me again if change my discord account?

There is no option to change or re-verify you need to contact mods

basic copy paste

hi mods, i want to remove my discord token to associate to another account

a few mods can fix but today is a short staffed day so you might want to ask again tomorrow or wait

hey
my token is not acceptable it says already used in another account but I scheduled that account delete

I need the role
can anyone help?

wait till a mod can fix that. Only mod can fix any token issue

@spare flare can I dm you?

ok

Hi, i would like to rquest for a streak restore

hello?

Hey again. There still seems to be a bug/glitch with the Nmap room for me, and I haven't been successful fixing it with any of the normal troubleshooting methods. Is there a specific way to contact the mods about issues like this?

#site-support message

you can try showing what you're doing and maybe someone can point out something obvious in it.

Alright, I'll share another screenshot.

I could have sworn that it gave me an actual IP before, but when I came back to the room later it only says "( MACHINE_IP )"

I tried stopping and restarting the machine, no dice.

I tried resetting my progress and leaving the room and rejoining. Still nothing.

@crystal coral did you start the machine linked to the task number 1?

also, please tag if you reply to me ^^

@lament trout I did. Am I supposed to be nmapping my "own" machine? I thought I had connected to a different one remotely...

@crystal coral so when you click on start machine button in task 1, does it give you an IP?

It does.

you gotta use that IP. run nmap on that IP.

once you have started the machine, you should see the IP here as well.

Alright. I think I misunderstood what the IP represented. I assumed that was the IP for my virtual host machine.

Thanks!

Gave +1 Rep to @lament trout

Anyone using OpenVPN server IN-Regular-1 please I need to copy ur certificate as creating new is not working.

Currently the bot commands don't seem to work for me. I try to check my rank and it says it cannot find an account associated with me.

I currently doing Buffer Overflow Prep
There seems to be a problem when I have found my JMP ESP point

I have updated the exploit to use my ESP address in little endian format in the retn variable, but when i run the exploit it does not land on my EIP address. I did a little test and replace retn variable with "BBBB" and when I run the exploit script the "BBBB" are seen n the EIP address.

I can't seem paste screen shot in discord

Can support please advise

Hello
I hope everyone is doing great and healthy
I'cant retrieve my Advent of Cyber 3 Certificate
it says fetching certificate and then it does nothing

check if your browser is blocking the popup

Why can't I paste images here???

hey just started a path but cant reach the ip website

i did a ping to the ip and got a response (running openvpn) did also a gobuster and nmap of it

guys

i dont know this question

like

where is the bash executable?

in the victims computer there is only this

Hi, is it just me or is the server 10.10.169.100 (AOC2019 DAY 9) unresponsive? The server is up but it does not respond on port 3000.

yesterday someone told me

that if your machine has about 10min left

it hangs

idk

im a noob

but so i was told

well i was trying to get to a port 3333 website but couldnt connect

had the same issue in a htb box but others work fine

i can acces the ip trough nmap and gobuster but not from browser

@unreal tiger ya me too, nmap say service on port 3000 is "ppp" and it is filtered.

maybe some1 need to reboot that machine

yeah prob cos i could acces other websites on other boxes on thm and htb with the same vm

@unreal tiger its been like this for over a month but I guess not a lot of people do AOC2019 atm

https://discordapp.com/channels/521382216299839518/522158539129618453/924387525798281216

Hi!, I have an issue with my username. So I sent an email requesting to change it. Now, in day 25 of AOC3, there is a form which asks for username. My username change request is not accepted yet. And I don't want to give my current username in that form. Because I think this username is confusing. I have a dot (.) at the end of my username. Someone else has the same username without the dot. I am not sure what to do now.

If I give my current username in the form and my username is changed later(during this AOC3 event), will the change of my username make me non-eligible for the prizes?

Ah okay thanks

Gave +1 Rep to @lament trout

yo guys

could you help me

with this

no rudeness meant

that would be in #room-help and with a description of what room and task it is in

there are no writeups

it says to download the bash

but idk from where

You can ask your particular questions related to rooms in #room-help channel by giving the information such as room name, which task,etc

When subscribing as a student will I get 20% on the annual subscription as well?

hey I have an issue using OpenVPN

when I go to download my .conf file, it says Error 404

i had an streak over +250 points then i lost it....i started answering question and get a new streak, now i want to try to restore the old one but now i cant beacuse i had 7 streak point? i mean it's this rigth?

did you try another server?

nope not yet

try it?

i tried another regeneration too

sure

it works fine

why

idk

but thanks @lament trout

Gave +1 Rep to @lament trout

i'm a big noob, but i completed the aoc3 and the survey but i did not get the flag for it .. what did i do wrong ?

The flag was in the one before the last page of that survey.

okey will check that out thnx

Look out for something like THM{whatever.....}

i must have mist it i guess

got it now 🙂

thnx @naive dust

In my profile I can't change my country of residence to US where I actually live. It always goes back to Afghanistan, why? Help please

Try this first:
https://tryhackme.com/api/user/update-timezone

That worked

Thanks

@magic copper Glad.

Good Morning/Afternoon/Evening and Merry Christmas!! I am having issues with my local Kali VM connecting to THM via OpenVPN. The OpenVPN is working, I check the THM page and it shows me connected. When I ping the module Machine (Solar, exploiting log4j) it works, but when I attempt to run Nmap I get the message on the screenshot. I am sure I am missing something, and I would appreciate any feedback. Thank you!

I am not familiar with that room, but you tried adding -Pn?

@naive dust trying it now.

@naive dust it looks like that works. So anytime I want to scan from my local VM I will need to use them? I do NOT remember having to do that for previous rooms. Thank you!!

Gave +1 Rep to @lone karma

Not any time. Usually, if the target is a Windows machine.

Ahh, awesome...thanks!!

I am having issues with my local Kali VM connecting to THM via OpenVPN

No just reading about it for learning how it works

ip -br -c a what's your output?

No conflicting tunnels, Hmm. Wonder why I see tun1 instead of tun0 in the log output.

Try sudo openvpn. Just based on the permission issue on interface setup.

same with sudo permission also

Might be on the server side then.
Switch your target server and download a new config file. Yes against that

Hi, Does anyone tried to install Debian or Ubuntu on a new model of Dell - XPS 15 9510? I wanna know all hardware is supported on Linux because Dell doesn't provide any driver for Linux on this model.

Show the openvpn output when you run it with sudo

Which GPU?

Linux include most of hardware driver. You don't ever need to install anything it will automatically done. Except for propitiatory drivers .

Hi, I am a newbie and never used discord before. I hope to get some help with the Linux fundamentals room (Part 3, Task 4) where one should serve files via python3 webserver.

The command is python3 -m http.server

when I enter this in the terminal of the attack box it shows ( as supposed):

Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...
but it never establishes a connection.
It seems to time out. I never get a new command line that works.
Known issue?

how to cancel such a command then?

Ctrl + C or Ctrl + Z usually works for me

First of all, you have to run that command while you got a shell on the target machine, so after you ssh into it. Secondly, it's not timing out, it's running in that terminal, so there is no new line, so you need a second terminal (a terminal on your attackbox, so don't ssh into the target machine with that 2nd terminal as you want to download the file to your attackbox) to use wget.

Ctrl + c will shut down the python server again

thanks for the hint. Willl try. Merry christmas to all of you!

In case you still stuck, come back here 🙂

Hey,how do i find the buffer address?

This very kind of you and it seems to be necessary since I now established the shell. (Thank you very much for the hint) but still won´t get a new command line after python3 -m http.server
there should be one, right?

No, as I said, there should be none because the python server is running in that terminal now.

You will have to open another terminal on your attackbox

And use wget in that new terminal

Because if you press ctrl + c you will get back the command line, but you will also shut down the python server again.

works like a charm. Thank you so much I was so lost, it seems I have lost the ability to even read carefully what you wrote. TY very much!

Gave +1 Rep to @crystal marlin

Not a problem 🙂 You are welcome

Hey.

when i run any nmap scan in my kali i get: the host seems down no matter what i do. But when i run the scan through the try hack me attack box it works

Connected to VPN?

yep

is there a way i can confirm im connected?

Visit 10.10.10.10

You should be able to see your tun0 IP at the bottom @dawn olive

cant visit 10.10.10.10

the ip i my kali task bar matches the ip on try hack me

@dawn olive If you can not visit 10.10.10.10 then you are not connected

Did you run sudo openvpn <your_downloaded_file> from the terminal?

yep

What's the last line from that terminal saying?

does resetting the vm kill the vpn?

Define resetting. Like shutting down Kali? Yes.

last line says initialization sequence successful

@dawn olive And that's a terminal within Kali, right? Now, open a different terminal window and ping 10.10.10.10

im just resetting it again one sec

No prob. The best would be you would verify and be able to upload screenshots :)

!docs verify

so i just reset everything (for the second time) and it works

thanks for your help

Hi,
quick note - when trying to access the https://tryhackme.com/room/vulnversity room, it is loading indefinitely. Trying to access other rooms seems to prompt no issues. The only possible issue seems to be with page trying to load zencdn.net/7.6.0/video.js, domain of which is in some of PiHole blacklists. What is interesting is that if I don't need walkthrough and the video, the whole page fails to load, which is probably not a desired behavior, i.e. when video hosting is blocked I would expect for a video player to fail to load, not have a whole page to be in a loading state indefinitely.

Hi I can access it normally. And it works fine. Further After blocking zencdn.net on this webpage still i can't replicate the issue. It might be some cache issue, or temporary issue related to specific you.

can you retry it on incognito tabs?

After blocking the domain again and using incognito the behavior is the same. 🤷

hi guys, how can i solve extending the machine expiring time problem? ( machines always expire, No matter how often I click the buttons. it said 1 hour after I clicked button and then it expired 1 min later )

Target boxes?

Hi guys, does someone know why ssh2john is not on the attackbox and how to install it? It appears to be no longer included in jumbo john

It...is?

Where can i find it then? I checked /usr/share/john/ssh2john.py (not even /usr/share/john is where is supposed to be) /opt/ssh2john.py

With find i couldnt find it, but i'm not sure if i used the right syntax

does using the command ssh2john directly not work?

Nope it says "command not found"

oh

Hi guys, anyone know if its it possible to regenerate a certificate for a room or learning paths after I added my name so its in my name and not in my username?

I only have download option for the certificate

Found it, its in /opt/john/ssh2john.py

You can not regenerate it with your full name after you already generated it once. #site-support message

Hello, i am having trouble getting my Certificate for advent of cyber 2021. I didn’t receive it and it seem like I can’t even retrieve it.

Okay, thanks for info!

Gave +1 Rep to @crystal marlin

.

Reach out to a mod to get your token unlinked.

Maybe to omega

Is there a way to download the openvpn config file? When I try to download it from the access tab i get a 404 error. Thanks for any help

Try another server. IN-Regular-1 is not creating correct config

#site-support message this might help

Regenerate, wait ten minutes and try download again. If it doesn't work, try another server.

thanks a lot it worked :)

Hey. Could i ask for the subscriptions? I wanna know what are the currency taxes.

Anyone know why my Openvpn does not showcase my tun0 ip
ip addr show tun0 says it doesnt exist at all but my vpn is running and all
I am kind of dependent on THM's kali machine but would like to do it without that online kali machine

!docs verify

Please follow these steps so that you can send screenshots

OpenVPN is running, I can access machines and am connected to THM

output of ip addr show ????

i.e without the tun0 at the end of the command

Are you using a VM? Is the VPN running on the guest or host if so?

No VM.

OpenVPN command line, or a GUI app eg part of the OS?

I use an installed GUI app yes

So idk what my localport id should be when receiving a reverse shell

I practically tried all of those in ip addr show

Highly recommend against using those, personally.

you mean LHOST? Port is unrelated

yep lhost mb

I'll try the command line alternative for now

So once executing sudo openvpn etc

Do you need to keep that window open?

So now, Im connected to THM, it does show a tun0 (my machine ip) but when I go to a machine's ip in my browser. The page is stuck loading

Anyone who can please help me this?

So you are using the CLI now or still the GUI ?

Hey, I just completed the CC: Steganography room

But why did I got only 176 score?

While others have 660

CLI

https://docs.tryhackme.com/docs/rooms/how-points-work/

Are you on linux ?

Yep

If you enter ip a s do you only see a tun0 interface or any extra like tun1, tun2 etc ?

Isn't this the all time score?

Only see tun0 interface

What room are you doing ?

I had just finished Pickle Rick

Now that I use CLI, the site doesnt load

Well I'm not sure about the monthly and all time leaderboard part, but that's not the important one, the important one is that you get more points when you are first to answer a question.

So the site for pickle rick doesn't load ?

Correct

Are you using a VM ?

No vm

Try sudo ip link set dev tun0 mtu 1200 and then check again if the site will load

Unfortunately still doesnt work

Can I try to open the page for your target machine? If yes, let me have the IP pls

10.10.13.36

Meanwhile, try if you can open 10.10.10.10

Still loading

Did you close the terminal where openvpn is running ?

Nah it's still running

And you sure you disconnected the GUI ?

ip a on another terminal shows me tun0

yup switched GUI off

Mh, well I would try to restart your machine and then connect to the vpn via cli again and try again if the site doesn't load

Okay I'll try that

Thanks tho

Frustrating stuff lol, still doesnt work

Have you done the mtu setting again ?

mtu?

sudo ip link set dev tun0 mtu 1200

Yeah

Could you show a screen of your openvpn output

Check ip a s again and let me know if there is ONLY tun0 and not any extra like tun1, tun2 etc

target machine is now: 10.10.219.117 if it matters

okay I see tun0, tun1 and tun2 now

Then do sudo killall openvpn then connect to the vpn again

Wait 1 or 2 mins and then check ip a s again

Okay

ip a s shows now: tunl0 but no tun1 and tun2

targ machine still loading as well

So still not working and the mtu is set to 1200 in the ip a s output ?

Yeah still not working

Using GUI again but still dependent on THM'S kali

But I appreciate the help and effort 👍

Mh, that's strange, maybe try updating openvpn.

Ok well upgrading was the solution lol

Legend, tysm!

I lost my streak because the "7 day freeze streak" never kicked in. My 1 day freeze streak covered the last time I had to take a night off, but the 7 day was never used. Is their an admin that would be able to assist me? Would love the opportunity to re-establish my streak.

anyone here?

Having an issue with the Rootme room

Maybe not anyone that can help.
I'm having troubles tonight :('

What's the issue?

I can't seem to get netcat to hear my shell..keep getting the same error

WARNING: Failed to daemonise. This is quite common and not fatal. Connection refused (111)

its listening on the correct port, and the php5 file has the correct ip and port...sooooo????

do I need to rename it to a phtml file??

the php5 got me through the bypass

Can't say I'm familiar with the specific room, but I remember doing one where there was a php exploit, and only phtml would upload and run via the vector presented.

ok...thanks, I will rename and give it a go

ugh...fail

😢

I just realzied I never iverified.... which is why I can never post reactions.... lol I just tried and but didn't get a response or change in roles. Not sure if there is something else I should do.

Scratch that... I proved that once again I failed to look at the details.... lol

You found the bot I see 😄

The i and ! are very different things.....

😄

im trying to ssh to one of the thm machine using kali vm

it keeps stating connection timed out for every attempt

not sure what Im doing incorrrctly

What's the room name

linux fundamentals part3

Can you share the link

https://tryhackme.com/room/linuxfundamentalspart3

Can you share screenshot of the terminal you using to ssh

ok

Lmao

it works now

wow

Attackbox or vm?

vm

Either you haven't wait long enough for the machine to boot up, or the connection is the issue

ya

i think you're right

thanks for the help

Glhf

Hi I'd like add my tryhackme dynamic stats on my github readme profile so I go to my tryhackme profile and click on the get profile badge ID, which gives me this script <script src="https://tryhackme.com/badge/798558"></script>

But when I put it to the readme.md, it just shows that line but not the actual dynamic stats. Can I have some ideas how to show it on my github profile? Thanks

Just to make sure I'm understanding, you're trying to add the badge to a repository readme.md?

Yes indeed. I'd like to display that dynamic tryhackme badge to show my progress on my github readme profile

Tryhackme has an option for static image of that badge but it doésnt show the icon correctly so

ok, as far as I'm aware, HTML code doesn't work in readme.md files.

you'd have to try something like this:

Yeah, true, I am looking for a way to somehow display it but I cant find any

Gave +1 Rep to @polar trellis

Thanks, I tried that but it didnt work :(

hmmm

I'll try it as well, one second

Cheers, much appreciated

ok so the animated badge (that I assume auto updates your statistics), I can't get that to show either.

however the static badge seems to work

but the static badge has out of date information for me

I get this sometimes in the VPN terminal when I run rustscan with --ulimit 5000

2021-12-27 01:45:13 Authenticate/Decrypt packet error: packet HMAC authentication failed
2021-12-27 01:45:14 Authenticate/Decrypt packet error: packet HMAC authentication failed```
Doesn't happen with nmap. What could be causing this?
Also, the vpn seems to be working just fine, machines work normally.

Can you take a screenshot of your static badge, my icon on my static badge didnt appear tho

and somehow I can put a screenshot to this channel too

sure, one second ill try

Cheers:)

you gotta verify to send screenshots here

ah thanks

so the profile badge id page has 2 links, one for the animated badge and one for the static badge

Hmm, I dont know maybe something is wrong with the server side on TryHackMe

it put that to my readme and it stills doesnt show

so what you want to do is:

yeah seems the static image is not regenerating properly my end either

yeah true

maybe something's wrong server-sided :)

But thanks a lot for your time :D

no problem, you're more than welcome

hello can any mod help my for this
{Sorry this token is already used by someone.} I have a token

@torn citrus @gaunt thorn

Hello support team. I have a question. I had only my first name on the platform and the certificate used that. Now I changed it but the certificate stills get generated with my old data. Is there a way to fix that?

Hello, I have question. I wanted to go with the tutorial (Walking an application). I am supposed to see a website in the browser, but all I see is "Welcome to Nginx"

what token?

and please don't ping the first mods you see

I talked to @placid mango and he said to me talk to moderator

DarkW is a moderator....

maybe he can't solve my problem

hmm

@barren birch

@shrewd spear I cannot do token checkup verification. Hence, I said to ask Senior/Lead mod when you see them in chat.

Hey DarkW. Can you help with my problem/question maybe?

I can try. What is it?

I completed the AoC3 event but I had only my first name on the platform and the certificate used that. Now I changed it but the certificate stills get generated with my old data. Is there a way to fix that?

Can I force somehow to get the new data? Maybe you can delete the "old" certificate?

Hey!

You need to put your Full Name into the Full Name section on your profile (https://tryhackme.com/profile).

If you did not put your first name into your profile before generating your certificate, your username will appear.

Currently, this is not changeable, sorry.

Hi, I just paid $10 for a month of premium and I got a message saying I failed a capcha(never saw one) but my card was still charged

what should I do?

Hi, by the way, good to meet everyone. I'm Andrew

Is anyone available?

Hey, can somebody help me with certificate?
I write only my firs name in field and after first certificate I recognize it, but after changing it I still have only my first name at certificate

Once you generated your cert you can't change it anymore. #site-support message

Ok, Thank you!

Gave +1 Rep to @crystal marlin

So, reset my tryhackme password as it wasn't working, new one isn't either, no idea whats happening

— fixed, don’t know what was the cause

Please, i upgraded my Kali Linux to the latest version 2021, and now it is not detecting my wifi adapter... Please help #site-support

This works maybe @fresh solar

I had the same problem on Ubuntu but not sure if it will solve your problem

I cant seem to claim the student discount

Hey, is it possible to to change my username on tryhackme ?

Yes. #site-support message

Thank you