#site-support

you have to brute force it

is there a specific part of the site where you see/downloads all the certificates youve gotten? since the beginner path is dissapearing soon

beginner badges will disappear ?

not the badge, but the cert you get for completing the path

ah

why ?

im just a collector, so it would be nice to have like...a seperate tab in the "badges" section so you can view and dl all your previous certificates

i looked around and didnt see anything, but i figured id ask

there are seperate badges for completing some rooms, but no path badge

carot

if you are using nano, ^ x means ctrl+x

If there is a mod available tonight, just bumping this so I don't retype it

Hey everyone, trying to use THM through my kali linux VM i just set up with virtual box. To do so, do I have to log in to THM through the VM and establish the VPN?

I am following the instructions of downloading local configuration pack, then sudo apt install openvpn

i than see the file that I downloaded and type sudo openvpn /path/to/nameofthefile.ovpn

Perhaps you can provide a screenshot after running the above command.

"error opening configuration file

In [CMD-LINE]:1

what if you run openvpn <filename.ovpn> in the directory it's in?

zsh: parse error near \n

Weird. Maybe it didnt install correctly. Either way, openvpn has a Linux client you can snag. Might be worth a shot

looking into that now, quite frustrating so far!

i get : zsh:parse error near \n

zsh:parse error near \n

yes

Not to my knowledge. Literally just got a refurbished desktop to learn and download Kali Linux

trying to access THM for the first time through my VM of kali

i get: /usr/local/sbin multiple times and local/games:/usr/games at the end

i did and got: bash:syntax error near unexpected token 'newline'

yes

i just tried it again, asked for my password

and got this error:

Options error: in [CMD-LINE]:1: Error opening configuration file: myfile.ovpn

its not, it is my THM username

i see configure file downloaded, and have been putting the downloaded name

same error

i ran sudo openvpn mshe170.ovpn

got asked for my password

and got an error

ok i changed my directory to downloads

and typed in sudo openvpn mshe170.ovpn

It looks like something was loading but it stopped

just spinning, not connecting to 10.10.10.10

with the same file?

same result

the end output is:

Verify OK: depth=0, CN=server

us-east

i am in northeast usa

doing it now

asks for PW and gets caught in the same spot

Doesn't kali have network manager and can import an ovpn file?

hold on

I think we may have hit paydirt

I downloaded multiple configuration files and just did the most recent

last line is Initilization Sequence Compelted

yes

Thank you, thank you so much

Yea, latest kali uses xfce and it has the network manager icon in the taskbar

Moving forward how would i reestablish the VPN the quickest way

same process?

Got it

Awesome, thank you again.

For ease of future use @mystic burrow, you can use this in Kali. Then can reconnect from that same menu in the future

whats this i cant download ovpn

I'm not seeing the IP I need to attack in the burp suite lesson. I've tried restarting the VM, I've tried killing the session and signing back in, I've tried signing in on a new computer, I never get the IP. I am going through the class watching youtube videos, and I don't like it. What do I need to do to get the target IP so I can actually learn burp suite?

cant access throwback machine although vpn is connected

anybody can help

time is being wasted , only one day is left

no, even subscribers can't access throwback, it's a separate paid network

@celest wadi if you have it , please check it

if you can ping machines

no, I haven't purchased throwback, plz ask in #743859653343182930

i wanted to know, when i will complete my course and get a certificate. will i be able to customise the certificate (name), because my THM username is ... well not my real name, and i haven't put my full name there

i am planning to put that certificate on my resume or many other places

#site-support message

also, thm certificates are "certificates of completion" so it's not a good idea to put them in your resume, you could list them in skills or extra sections tho :)

thanks for your suggestion.

Gave +1 Rep to @celest wadi

and i also wanted to know, if i use a vpn to use THM site, that will have no impact on the certificate or anything else right? hopefully the certificate doesn't mention the country. (its a pretty dumb question, but i would still like an answer)

certificates do not mention your country

and is my Full Name a part of my public profile or its just the username?

full name is private, username is public

;okay, thanks for answering all of my questions 🙂

Good morning everyhone

~/Dropbox/Documents/TRYHACKME/vpn 20s ❯ sudo ../Throwback_AD/thm_vpn_ts_script.sh


         _____           _   _            _    __  __
        |_   _| __ _   _| | | | __ _  ___| | _|  \/  | ___
          | || '__| | | | |_| |/ _` |/ __| |/ / |\/| |/ _ \
          | || |  | |_| |  _  | (_| | (__|   <| |  | |  __/
          |_||_|   \__, |_| |_|\__,_|\___|_|\_\_|  |_|\___|
                   |___/

                                                @barren birch


[+] Stable internet connection
[+] OpenVPN is installed
[-] tun0 interface does not exist
Would you like the script to attempt a connection automatically (Y/n)? y
[+] Connecting....
[+] Connection Process completed successfully!
[+] tun0 IP is in the correct range
[+] Only one instance of OpenVPN is running
[+] Confirming connectivity
[-] Something went wrong -- please ask for further assistance in the TryHackMe Discord server, subreddit, or forum

Hello, could you help me?
I am also creating my room but when I upload my virtual machine, it does not finish converting and says it could not be processed to review the requirements, my machine weighs 2GB has 1GB of Ram and memory 12GB, is an Ubuntu the latest version, maybe you know what is happening?
Thanks.

Could you send a screenshot of your OpenVPN output log, please?

Are you uploading a server or desktop?

Desktop

this ip is reachable to public

You can only upload servers, desktops take up too much resources:)

#site-support message try this

@bronze vale OK, thank you very much, I will try again

Gave +1 Rep to @bronze vale

Hey SC, I have a simple fix when this happens. Start another openvpn connection with "sudo openvpn /path/to/file.ovpn" then run the troubleshooter again. It will notice you have two instances of openvpn and ask you to fix the issue choose "y" and it will kill both instances and fix your problem at the same time.

I have a VM in an ova file that I downloaded and need to scan for a CTF I'm working on. How do I connect two VMs in VMware? I've been trying to figure it out for two days and can't get the vm to ping to anything or to anything in my virtual network.

Hello, I am in the OWASP Juice Shop room and I am having issues getting the flags displayed. Even though I complete the task successfully, the flag does not display. Tried disabling Burp proxy in browser and refreshing , rebooting the attackbox and performing the task again, but it just doesn't display (I am now talking about task 4, but I had problems also with previous ones).

Oh.. wait. I solved the problem terminating the OWASP-Juice-Shop machine and starting a new one

sorry for bothering.

I may be crazy, but I've been fighting with the profile details section on the thm dashboard- it refuses to let me select US as my location based on phone number- it lets me set it, then save it, then I go to my public profile, and it's back to Afghanistan

I tried clearing my cache, and such- just incase it was that, but it seems like it is just broken

https://tryhackme.com/api/user/update-timezone this should update it but check if you're using a vpn and that your public ip shows your country

The only VPN I am connected to is for work, and that's hosted in the same city as me- but I'll try turning it off to see if that updates it

https://www.whatismyip.com/ you can confirm with this :)

looks sus tho

Yeah I didn't think it could be it since it isn't changing my public IP

It did update it though with the api link- so thank you!!

Hello together,
I would like to know if it's allowed to f.e. document your tryhackme progress on a personal blog and therfore share also some pictures of the solutions?

most people make blogs about their progress through rooms but I don't think its a good idea to post solutions/flags to rooms

Not sure if this belongs here or "room-help". Working on Cross-site Scripting Room "Understand how cross-site scripting occurs and how to exploit it.", but I am unable to get to the "XSS Playground" page. I have deployed the machine, and I do NOT have my OpenVPN connected as the instructions states it is not needed. The first time I tried it connected, but then it stopped, and I haven't been able to connect since. Any assistance will be greatly appreciated, thank you!

Update: I tried to ping the machine address and nothing, so I turned OpenVPN on and re-pinged and I was able to reach it. So I then tried to re-connect to the machine IP and it worked. I believe this may need to be updated as it appears OpenVPN is needed...or maybe there is some setup within my VM/FireFox I am unaware about. I will repost this in "room-help".

I have a problem in linux fundamentals 3 , can't cat access log

Are points frozen? I finished many questions but it didn't increase

Which room?

Sorry I mean this points, I finished OWASP Juice Shop room and it didn't increase

Maybe you answered question that didn't require an actual answer. Or you reset the room ?

Actually I came back to THM after several months, and start with this room and finished it, but the points are still the same as before.

As I said, maybe you have done that room previously already and just reset the progress ?

Nope, first time

Okay, well then I don't know why it's not giving you points

@naive dust all log files belong to root

Maybe it is due to the complete beginner path has been removed and therefore these rooms are not giving no points anymore, but that's just an assumption

But they all have different permissions

So points only for rooms that within a path?

No

@crystal marlin my bad, thanks. I got the answer.

Gave +1 Rep to @crystal marlin

Just rooms that was in an expired path are not giving any points?

:((

As I said, that's just a guess, I could be totally wrong, so don't take that as right. I would simply try to answer questions in a different room and check again if your points increase

If you haven't done that room, you could try if that one is giving you points, as it has easy questions to quickly check if it's increasing your points there or not: https://tryhackme.com/room/ccpentesting

Yup, it gives me points

Sadly :((

Can't they make them give points again? 🥺

As I said, it's not for sure about the point with rooms that are in the complete beginner path, so don't take that as right. I would just keep on going and if you notice this happen again, ask in here.

Ok :((

How to redeem vouchers?

Just enter them ?

Where?

Found it! Thanks!

Hey how does the annual subscription of try hack me work ?

Is it like you pay 8 dollars a month or you have to pay 90 dollars total at once ?

can anyone help me out with RLwrap

#room-help

You can pay monthly or annually, its worth the money

what is your problem?

Is there any way to leave or rename a workspace on THM? I created one to test it out, but used random characters for the name.

Either buddy, are you a student?

Yp

I am trying to do the CC:Pen Testing course but when entering the IP address i keep getting the Apache2 Ubuntu Default Page is this course down right now?

URL?

for the course of the IP?

I'm sure that's intended. Quite a few boxes utilize the default Apache page

Nah, the room on THM

https://tryhackme.com/room/ccpentesting

You should include which task are you doing atm

apologies i am doing [Section 1 - Network Utilities] - nmap

Yeah, that's supposed to take you to that page.

That part is really just focusing on scanning the machine ip.

Oh right i'm a little lost on where to start then 🙄 😂

terminal > nmap xxx.xxx.xxx.xxx

Thanks.. thought it was something i had to do through the web browser.. thanks for the help

Gave +1 Rep to @lament valve

For what it's worth, courses can't be down. Your instance is not shared, it starts when you click it and ends when you terminate it

Thanks for the heads up and sorry for the noob questions.. New to this lmao

Gave +1 Rep to @eager fulcrum

Welcome

I've signed myself up for a competition in cyber network Defense and now need to learn WireShark and Metasploit by the end of the months so though i would just get to grips with the pen testing topics so i can at least act like i know what i'm on about.

THM have some good Metesploit and Wireshark rooms.

https://tryhackme.com/room/rpmetasploit

https://tryhackme.com/room/wireshark

Appreciate the help..

thanks

Gave +1 Rep to @lament valve

guys

how do I install msfvenom

sudo apt install metasploit-framework

this will include msfvenom and msfconsole

unable to locate package

lol

ikr

But why you machine don't have so many needed package?

I have no idea

It is a normal Ubuntu 20.04

so is it up to date?

yes

I have just updated everything with Software Updater

I have no idea

you don't know to locate the package?

No i'm not

crap

thanks nontheless

I would suggest you use something like kali linux, as this would solve a lot of your problems with installing packages etc. As far as I know that's not the first time you struggle with installing something

ok

can I install it from Ubuntu

I think these things are outside of the scope of this channel, so you might want to google it or ask in #general

oh yeah

sorry

it does not let me import the .ova file

Failed to import appliance /home/hans/Downloads/kali-linux-2021.4a-virtualbox-amd64 (1).ova.

Result Code: NS_ERROR_INVALID_ARG (0x80070057)

wait

ignore me

i do not have enough space

Oh ok :)

wait

how do I allocate more space

to my ubuntu partition

no

I have a dual boot

Ubuntu20.04/Windows 11

and when I installed ubuntu I only gave it 33gb

and now I want to give it more

Why you don't use VM one Windows OS?

Is it better?

Not better but it will make you step more easy

um

so I have reduces my windows partition

and I have 85 unallocated gigs

now I am on gparted

how can I assign them to linux

You need to expand the ext4 partition

https://askubuntu.com/questions/421271/how-to-extend-ext4-with-gparted

I've found that when dual booting, using 2 separate drives for each is best when possible. Windows likes to get grabby about the boot process at times.

i dont have two

It honestly seems like your laptop doesn't have the capabilities to have dual boot and VM's

But that's MY opinion.

I figured, that's why i added "when possible"

in the second answer it says that I should mark the unallocated space with ext4

but how do I

i have honestly no idea

Why do you need to dual boot?

I wanted to try ubuntu

Why not just do it on a VM?

If you like it, install it.

i liked it so i did

im gonna go to the Ubuntu forum and ask

Hi guys I'm having troubles with kerbrute

I've downloaded it and when I try to run ./kerbrute -h it gives me permission denied

Ls -la gives me drwxrwrwx

And I'm not in the kerbrute folder

d means that it is a directory

I've done that already

The command doesn't work at all in of the directory

No I'm telling you that you are trying to execute a directory. You have to cd kerbrute into it

Sorry mistype, the command doesn't work in the directory

So what's inside that directory then ?

@crystal marlin

How did you download it ? Did you follow the installation guide on the github page?

Yes

I did a GitHub clone and a then did a go as directed on the GitHub page

And you also ran the make command as shown ?

Yes

Well I somewhat doubt that, as if you would have done that you should have a dist directory in there

So go to /home/kali/Downloads/kerbrute and then run make linux

Okay, so after that finished you should have a dist directory in there

The make Linux made a dist directory pop up!

What should I do from here?

Just go to the dist directory and then run the kerbrute binary for you architecture

Thank you!

Gave +1 Rep to @crystal marlin

Anyone here for some tech probs ?

Just ask your question

okaay , when i join a room (any rooms , iv been trying all day ) i got my openvpn and new ip and all that , i can ping the ip provided in the room and nmap it , but i can't seem to access the web pages

it just loads infinetly

i regenerated my openvpn

still nothing

What do you type in when going to the website?

http:// the ip : whatever port i want to use

and it loads endlessly

Might you have anything like a proxy enabled?

my foxyproxy if off

and i can acess HTB machines

What happens when you just type the IP in the search bar?

it loads forever

with no return

curl the same

i can ping the ip but with 280ms

ouch

You are only running openvpn?

ifconfig only shows eth0 and tun0

so yeah

Does that also happen with accessing 10.10.10.10 ?

flag{connection_verified}

So that's a no. Which room are you doing right now where that happens ?

im currently trying the cyborg room

And your machine is a VM ?

tried also advent of cyber

VB kali

pickle rick too

i can't access any website

And openvpn is only running inside that VM and not on your host machine simultaneously as well?

no just my vm

as i said tried with HTB and they work

And no other personal vpn on your host machine ?

nope

😦

You could try sudo ip link set dev tun0 mtu 1200

And then check again

👀 when all else fails - sudo ip link set dev tun0 mtu 1200 😂

hahahahah what does this do ?

okaay tried it

now im getting unable to connect

Firefox can’t establish a connection to the server at 10.10.123.116.

advent of cyber 1 BTW

"64 bytes from 10.10.123.116: icmp_seq=5 ttl=254 time=166 ms
"

Can I try to access that machine myself ?

It sets the max packet size.

i dnt understand

sure

solved

You sure that's the IP of the target machine and not the IP of the attackbox?

yeah im sure

i guess i have to wait after the machine has started

for the servuces to start

i can access the web page now

thank you all ❤️

Alright

What would setting the max packet size do?

by setting it to 1200, you're lowering the packet size from it's default, which helps with poor internet connections. If you want a more technical answer I'd suggest googling it.

Thank you

hiii

i ,ean hello sir and madam

yo again

back to square one

""Firefox can’t establish a connection to the server at 10.10.251.11.""

The machine's take 2-5 minutes to fully boot up once started

yess

Yess im trying at 10 min

after launch

no just one tun0

the THM Ip

advent of cyber task 7

Happened to me too in my own kali VM. Turned the vpn off and strangely I could connect to the web page

Hello, Brand new here. I'm trying to use the split view but unable to view the whole page. I can't adjust the screen size to see exactly what is needed from me to complete the path. Please help and be kind. thank you

There is a button for full screen on the bottom, did you saw that?

No I didn't

or should i say I don;t see it

Let me start up the attackbox to check myself, but at least there was one

Thank you

Gave +1 Rep to @crystal marlin

You found it?

no I haven;t

I don't see or have any of those options

Wait, are you having a machine open in split view or just a lab site? Which room and task are you doing ?

I'm doing the first one where I am trying to hack bookface

I don't know what the first one is, send me the room link pls

But it sounds like a lab page

i think it is. one sec

https://tryhackme.com/room/beginnerpathintro

Ah okay, the lab pages don't have no full screen button, but you could get the link out of the source code, but usually split view should be more then enough space to complete it without it being too small.

But here, I'll send you the link for it: https://static-labs.tryhackme.cloud/sites/bookface/bruteforce/

thank you very much!!!

just tried it and I am able to view everything!!!

thanks again !

You are welcome

Whenever I try to log in the captcha hangs. This only started happening whe. I switched to firefox

Hello, I just recently completed the "Pre Security" learning path, I'd love to share my certification to LinkedIn but I only see a download option : /

Yes, that will download the images of the certification

Download it and upload to linkedln

yo mates

I was able to give 90gb to Ubuntu

and I finallly installed virtualbox with kali

but I am getting this error code

Failed to open a session for the virtual machine Kali-Linux-2021.4a-virtualbox-amd64.

The virtual machine 'Kali-Linux-2021.4a-virtualbox-amd64' has terminated unexpectedly during startup with exit code 1 (0x1).

Result Code: NS_ERROR_FAILURE (0x80004005)
Component: MachineWrap
Interface: IMachine {85632c68-b5bb-4316-a900-5eb28d3413df}

I followed this tutorial: https://www.youtube.com/watch?v=ILwRmXx8kwg

Got a real tricky question - I want to update my credit card information... Do I really need to hack the site and edit the database myself ? 😉
In my profile I can only "cancel subscription" and... I just wanna update my credit card...

No, but you can simply check one of your previous sub confirmation emails, at the bottom of that email should be a link to the sub management page where you can update them.

Not sure I have that in my inbox anymore... :/

Found it and updated - thx! @crystal marlin

this is a question for #infosec-general, this channel is for tryhackme related technical issues

my bad. cheers for the heads up

hello i have a problem when I launch attackbox after a minute it says disconnect

I know that Ice is an old room, but is the room broken?

The history in the internet browser was empty, and the installer file needed that was in the recycle bin was on the desktop.

IceCast exploits are pretty unstable, IIRC. Not quite as bad as eternal blue, but I remember having to attempt multiple times to get something stable.

Ah, so if I want to do it, it will be more trial and error?

It's been awhile, but not even trial and error. It's just unstable and doesn't always connect like you expect.

Okay, thank you for the response. 🙂

Gave +1 Rep to @broken bear

Whenever I try to log in the captcha hangs. This only started happening whe. I switched to firefox

Hi guys, I need to talk to someone from the commercial area. I'm interested in educational account

!docs student

Try clearing the cache

Did that

@glad egret sorry i explained it wrong, i represent a training institution that wants to use your lab

classrooms

iam a teacher

Email

Education@tryhackme.com

https://tryhackme.com/classrooms

ok, thanks, i will do right now

in this page dont have how tosubscribe to lassrooms

The Email will sort you out, if you email them.

ok, thanks

email sent

Getting "Uh-oh, this page has been lost in the matrix." when trying to download my VPN Config file from tryhackme.com/access 😦 Did not help to press regenerate

Try a different server

ftp commands aren't not working for me in this room after connecting to anon ftp. https://tryhackme.com/room/brainstorm can someone help

Working okay for me.

reboot the target machine or wait a bit longer and see if it turns on after a while

FTP takes a few min(s) to boot up.

sorry, i should've elaborated. when I try to list files with "dir" after connecting to anon ftp it doesn't work. can't do other things either

ls instead of dir????

You could also try using the -p flag when connecting

still not working unfortunately "229 Entering Extended Passive Mode (|||49163|)
ftp: Can't connect to `10.10.34.82:49163': Connection timed out
"

┌──(kali㉿kali)-[~/thm/brainstormRoom]
└─$ ftp -p 10.10.34.82
Connected to 10.10.34.82.
220 Microsoft FTP Service
Name (10.10.34.82:kali): anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
Password:
230 User logged in.
Remote system type is Windows_NT.
ftp> dir
229 Entering Extended Passive Mode (|||49281|)

hangs on "entering extended passive mode" then times out

I can connect, the problem is that I can't execute any ftp commands

Can I try to ftp into your target machine ?

sure, you're free to connect to it. hopefully you can figure out what the problem is: 10.10.34.82

So as lassi suggested, did you try to connect without the -p flag?

So simply ftp 10.10.34.82 ?

yes

that's what i did initially, i have no problem connecting but I can't execute any commands without getting stuck on "Entering Extended Passive Mode"

I understand your issue, I got the same error when connecting to the ftp with the -p flag, but without it it's working perfectly fine?

are you able to list files?

Yes

Could you send a screenshot where your initial ftp connection can be seen, as well as the error you receive after listing files/directory's ?

You will have to verify first to be able to send screenshots

!docs verify

Whenever I try to log in the captcha hangs. This only started happening whe. I switched to firefox tried clearing cache, same issue still occure

Have you terminated the server now ?

Before your run the dir command, you could try to enter passive to either turn on or off the passive mode

omg that fixed it 😅 thank you so much

Gave +1 Rep to @crystal marlin

I hope this is the right room but I have problems to login to Bloodhound on the Attackbox, when typing in neo4j:neo4j as creds he gives me a invalid credentials error. Can somebody help me?

so I have until March 8th for my subscription to renew, I have cancelled the renewal but I am still in a premium status until March but all my progress has been wiped out. all the rooms that I have done and all my badges are gone. Can I know why?

Hello , I am a student and using my college email ID for my THM account. I didn't get student discount for THM premium hence I mailed the support team previously. They replied to pay $10 for 1st month and then the discount would be applied, 2nd month would be $6 and rest of the months would be $8. I paid $10 for the first month and mailed them. They replied saying that the discount was applied.

At present I completed my 1st month. But still the amount is being shown as $10.

If that's the case, you probably best with sending them an email

!email

I will thanks

Is anyone here using annual plan with student subscription?

hellloooo

actually i am doing advent of cyber 2

and i had deployed the machine

i dont know why the website is not loading

even the ping is not working on that IP

what do i do?

You should always include more details to your issue. Which task are you doing? Are you on the attackbox or your own machine? Etc.

same issue , just wait for 5 / 6 min for the machine to deploy

Is there any significant security risk of logging into THM within the attackbox? I read somewhere that others were hacking into others attackboxes. Looking at the threat model it's probably not going to give them much, except email and phone number at worst

anyone else having a problem seeing images in /networkservices im getting nothing

For some reason in the attackbox it will not let me use to CTRL key, I've tried changing the keyboard layout to my current keyboard and it still won't work. I never get the '^' when i press the CTRL key. I am currently doing Linux Fundamentals P3

As far as I know there is no risk with the attackbox. With your own machine connected to the thm vpn there might be.

No, are you using any personal VPN or a Pi-hole or similar ?

none of those not working on phone or laptop using broadband or 4g

Did you try to clear cache already ?

just cleared and still no luck, used another browser + incognito and also not loading

Is it not showing images in all of the tasks or just a specific one ?

looks to be just task 3 and 4

Oh okay, well then it seems to be an issue on THM side, it's not showing them there for me either

okay, happy its not me. I'll work around it for now

"Brainstorm" doesn't show any open ports, only filtered. I terminated the machine several times yesterday and still have the same issue. I did use -Pn with nmap.

If you want I can try to scan the machine myself to verify, would need the IP in case you want me to

hello!,
Can the linuxfundamentals2 machine be accesed from my local pentesting VM?

I have this:

2022-02-15 12:51:39 Initialization Sequence Completed

but also:

ssh: connect to host 10.10.249.198 port 22: Connection refused

Did you give the target machine enough time to fully boot? You sure you are using the IP of the target machine and not the one from the attackbox ?

I took the IP from the "Active Machine Information"

and is booted for 8 minutes now

oh wow

wait

just connected

that was an slow boot

😅

thanks!!

Gave +1 Rep to @crystal marlin

+rep @crystal marlin

Gave +1 Rep to @crystal marlin

Not a problem

I appreciate your help, but it's fixed now. The VPN file for some reason was not working, and since I had a problem with room before I didn't check it.

How can I kick someone respectfully from the a team in THM? or if there's a way to add more than 4?

I have a problem with my profile on the site how can help me with that so i can DM?

You are probably best with explaining your issue here, maybe it's a simple to fix one

Hey, for the Linux PrivEsc room. The cron jobs are not executing

Can’t seem to trigger a remote shell

Did you check the permissions of the script file you want cron to execute ?

Negative. Wasn’t implied in the room section

I thought all you had to do was edit the backup.py file and start nc listener on attack box

Hello guys! Where can I see my friend request? A friend invited me but I don't know how to accept him.

Well, some stuff you need to do on your own 🙂

Should come as an email

Jfc did I really miss something like that? Yeesh

Would chmod +x backup.py worked?

Try it 😉

Lol trying now

Thanks

Son of a… wow I can’t believe I missed something so simple lmao

Thanks again

why does it appear that I am from Afghanistan while I am registered as Saudi?

Why are you just doing 53 rooms and you got 0x9, and me 57 rooms just 0x8

coz there are rooms with 5 questions and others with 50

https://www.reddit.com/r/tryhackme/comments/kdngxr/changing_country/

#site-support message

Thanks it's work 👍

Gave +1 Rep to @crystal marlin

Oh i see, thanks

Gave +1 Rep to @gritty junco

what can i do now? this page isn't work

wait

or ping the IP

not working

How about terminate and start again?

are you connected to the VPN?

else you won't be able to reach the website

can you join the voice chanel ?

@gritty junco sir

I'm on class right now

How did you connect to the machines before? Your own VM or with AttackBox on THM.com?

my open vpn is running

Yes

i can connect to the boxes just fine but then after a while the boxes stop working. anyone else having this issue?

What box you are talking about and what you deem as "a while" ?

i was doing overpass 2 and 3 but the issue seemed to fix itself. i would do all my enumeration get into the box start looking around and then it would just freeze out of nowhere and when i try to ping it i would get nothing.

I am having trouble with the splunk course

I connect to the OpenVPN and then RDP into the windows system for the course as instructed. I then am able to get access to the splunk instance in Chrome. One I noticed that is shows chrome is outdated and I am unable to update it becasue it doesn't appear that this VM has internet access. More importantly when trying to add the app from the desktop in Splunk 101 Task 3, I get an error connecting Connect timeout

@naive dustAre you able to assist?

I have tried terminating the machine and relaunching it and also clearing all browser history but still the same issue

yo guys I submitted some writeups on some room but they are not yet there any idea why?

The room's creator/s have to accept it first

ah okay

hy i need to change my user name on thm, is there anyway to do that ?

#site-support message

Hello?

I'm trying to manually add cookies in firefox but clicking the "+" button does nothing

Does anyone know why ?

Have you highlighted the cookie drop down on the left side, or a domain?

Yes

it doesn't work on any website

I tried disabling the permanent private mode in the settings but no success

nevermind actually, disabling the private mode made it work on SOME websites, I don't know why it doesn't on the others but at least I can complete the rooms

I'm having a problem where boxes freeze on me. I'm doing Ghostcat and the shell will freeze and become unresponsive. The rest of my PC is fine.

👋 hi everyone!
Not sure if this is the right place to raise this question, but it feels more technical than anything else. Please feel free to delete/move if it is not the right channel.
I want to propose to my company to get a business subscription on tryhackme.
My question is:
Will I be able to transfer my current progress (as a single private customer) to the business account?
Moreover, will I be able to move back to a private customer subscription (and take my progress along with it) should my company decide to no longer continue with the subscription?

why are all the boxes I try to use so slow? I mean slow as in unusable

I emailed on support@tryhackme.com, when will I get response? I mean normally after how many hours we can get response?

Just want, they'll response you as fast as they can

Please don't spam mail

ok. are you from support team?

Still thanks

Don't hold your breath waiting for a response. I emailed them last week and still haven't heard from them...

If it's been a week, send a follow up email. The support staff are very busy and do the best they can. Sometimes emails unfortunately and unintentionally, fall through the cracks

I was trying to complete ohsint but the image isnt giving out any exif data

Its displays corrupt data
Any fix...????

Try another site

@online

I'm stuck with a ctf problem

can any one give me code to hack a wifi password

I tried to login in to my account, but for some reason its not working and I'm not even getting the reset link. Does anyone have any idea why it's not working?

The following is a commented code snippet of the php source code to which I don't have access to

And the aim is to find $ownername

<?php
include(DIR.'/ownerdetails.php');
extract($_GET);
if ($_SESSION['alive'] === $_COOKIE['dead'])
{
echo "meow meow";
}
else if ( sha1($_SESSION['alive']) == sha1($_COOKIE['dead']) )
{
echo $OwnerName;
}
?>

can someone please helpout

??

Please don't spam

Someone will see and help you

Please wait

try grep

you can use this command "grep . meow meow"

or you need to dowload the file and echo it on your user account

ok

But I can't do it without the ownerdetails.php file which I don't have

Support is busy as Alex said, wait a week, if no repsonse email again, not every other day, Support will get you know when they can.

idk more

i used the exif tool

Try an online tool

Try deleting the image and redownloading?

Maybe the error was caused within the download.

Hello. Is there any way I could change my username? What happened was I choose B@lr0g as the username, but the @ kinda disappeared 🙂

Hey guys, is there a way to contact customer support or something? My account says I'm not premium even though I've been paying for it

Email: support@tryhackme.com

You can only use alpha-numeric characters for the username.

Hi, I lost access to my old discored account and therefore need a reset regarding the token. Could anyone help me please ?

contact discord?

eyo hacker people, i need some help here. TryHackMe is not showing the captcha anymore and i know im not the only one. This needs to be publicly addressed, we cant even use it in our virtual machines. I've tried changing VPN, different user, some others from before and still nothing. if you've got anything, please tell. The captcha on tryhackme Login page doesnt show up at all and i keep getting "captcha failed" errors

for anyone having captcha problems on linux, trying to login to tryhackme: try updating your firefox version

Any idea when the Complete Beginner pathway is being removed? Email said 14th Jan but it's still on there for me

Hey guys/gals. I am trying to figure out of the room I am working on is having issues with its machine or if it is something on my end. I have partially used the machine to answer the first question but the second question when I try my answer keeps giving me a server error. FYI also I have looked up a walkthrough and they are typing in exactly what I am trying.

If anyone has the time to spin it up and test on their end that would be awesome

NVM I found a work around 😛

hi, i added my full name to my profile a few hours ago and i still can't generate a certificate with my full name

#site-support message

yes i added my full name into the Full Name section of my profile

Yes, but certainly after you already generated it. That post states: If you did not put your first name into your profile before generating your certificate, your username will appear.

So you can not change it anymore unfortunately. But for any upcoming certs you will get, your full name will appear now, as you added it to your profile

oh shit

the only certificate i haven't generate is the Cyber Defense one, oh well i'm F

Anyone else not seeing their level correctly displayed in other areas (like your public profile or the alert bell) as compared to the dashboard level widget?

I second this question and want to also ask if I join my workplace do I lose my association with my college? Can we be in more than one workspace (please)?

I have approval to start a PO for this for my department at work, but I dont want to lose 1. my personal progress 2. my school workgroup.

you sure you're seeing your current level and not the 'next level' on dashboard ?

How to give php commands in the developer console in the browser??

I'm getting this uncaught type error cmd is not defined

@worn pine https://bueltge.de/einfaches-php-debugging-in-browser-console/

Please translate this page to English for easy to read

Hi I recently deleted my oldacc so i just started fresh on new acc now. May I get one of the mods' help to unlink my discord token? thanks!

Thanks

Gave +1 Rep to @neat plank

i have this Problem with openvpn

i try this and it doesn't work.

Try including the full path to the file.

Use sudo

Read the error, it tells you what to do also

same error with sudo

sudo openvpn <name of the file>

same error

Have you altered your ovpn file after you downloaded it ?

no

Could you do head -n 20 Silverusty.ovpn and send a screenshot of that?

ok

Well, I gtg now, in case you provide the screenshot later on, I'll reply to you when I'm back.

May be a sideeffect of not properly generated config. You can simply regenerate. If regenerating doesn't work. Try changing to another server and generate then it will surely work!

Humm, ok. How can one add the missing a then? 🙂

Contact Support@tryhackme.com and ask them to change your username. 🙂

https://tenor.com/view/bruce-lee-bow-master-smile-gif-12365468

I'm on it. Thank you very much for the help.

The tryhackme discord token has nothing to do with discord

Any admin or moderator here who could do that ?

A mod will get to it when they see it I'm sure.

hey guys anyone here for some help ?

im trying to upgrade a nc rev shell into a fully functional shell

ssty -raw echo gets me stuck in this weird indented command line that i cant get out of

any help ?

tried reset

but hitting enter brings up ^M

hi everyone, I cant reach out the wreath network, my vpn is all set, I was doing well until I timeout but now, I cant reach out anything, maybe staff's can help?

Are you using zsh as your shell?
Use this instead - stty -raw echo; fg

Also, you may discuss this in #room-help

Just as a minor check, did you check if the network is sleeping?
You will have to start it again, extend it while working on it

Windows Privesc room keeps spinning indefinitely

@limber swan and @little berry, your room "Battery" is vulnerable to ||CVE-2021-4034|| and the ||PwnKit exploit|| will give straight root access. Since it is not quoted in any writeup, my guess is it wasn't expected.

Hi Support, I appear to have lost contact with the Throwback lab. I have tried downloading a new ovpn file, but I am not able to ping anything on the network that I once could. I have also tried from the pwnbox but that also fails.

Hello! Is there a known issue with the MacBook Pro (ARM) running a VM Kali accessing the room's machines? I've tried doing OpenVPN on an intel machine and it seems like it works perfectly fine but when I boot up a Parallels VM and connect it through OpenVPN, I can ping the 10.10.xx.xx but can not access it through firefox.

Hi, sorry for the repost, but I lost access to my old discored account and therefore need a reset regarding the token. Could anyone help me please ?

how to connect my attackbox windows to my local machine with RDP

?

You cannot unlink or relink any of your accounts for security reasons. But try to contact the TryHackMe Admins or Mods if you need to change one of your accounts.

That's why I'm asking here since it is forbidden to dm whithout the authorization...

Hey @zealous yoke would you be able to do the unlink in that case? I'm still unsure which one of the mods can do it in case of a lost discord account 😅

why isnt my activity updating? my little green box says ive only done 2 events today when I know I've done more... and my total activities for the year won't update either :/ i want my dark green box, man

yo

burp suite: the basics

is broken

specifically task 13

i cant get my machine ip into the scope

it just keeps listing 127.0.0.1:8080

You probably won’t help me but let me try, I’m trying to pull a prank on my best friend by making his chromebook go crazy, to do it I need to guess what’s his PIN code in his school supervision app on his chromebook, I can also access it via my mobile phone and via BlueStacks, while trying to access it, I found out his username and password, but the app sends a PIN code to his gmail, thankfully the school blocks it so it doesn’t appear, this PIN will be a 6 digit code like 087945 or 273713, I’m trying to guess it with some kind of brute force attack or dictionary attack, just so you know, this has no limit, so I can keep trying as much as I want to thankfully. Could anyone show me how to guess it using the BlueStacks app? Thanks.

P.D: I’m 100% sure he’ll be completely fine with this prank.

-ban @wintry glen Trying to hack a Google Account "as a prank" bypassing 2FA. Blatant blackhat. Ban appeals are bans@tryhackme.com

🔨 Banned Johxnyy#4987 indefinitely

hello

i cant get into the vm

i cant type in the password

anyone help me

with burp suiote

the basics

i cant get passed task 13

or adding my machine to scope

Hey was doing room OhSINT and running exif on the image just returns file is corrupted and all the writeups start there. New to the discord sorry if this is wrong channel.

try downloading it again

i did 3 times

okay meep it here you go then: ```
ExifTool Version Number : 11.88
File Name : WindowsXP.jpg
Directory : .
File Size : 229 kB
File Modification Date/Time : 2022:01:18 14:01:59+01:00
File Access Date/Time : 2022:01:18 14:02:27+01:00
File Inode Change Date/Time : 2022:01:18 14:02:23+01:00
File Permissions : rw-rw-r--
File Type : JPEG
File Type Extension : jpg
MIME Type : image/jpeg
XMP Toolkit : Image::ExifTool 11.27
GPS Latitude : 54 deg 17' 41.27" N
GPS Longitude : 2 deg 15' 1.33" W
Copyright : OWoodflint
Image Width : 1920
Image Height : 1080
Encoding Process : Baseline DCT, Huffman coding
Bits Per Sample : 8
Color Components : 3
Y Cb Cr Sub Sampling : YCbCr4:2:0 (2 2)
Image Size : 1920x1080
Megapixels : 2.1
GPS Latitude Ref : North
GPS Longitude Ref : West
GPS Position : 54 deg 17' 41.27" N, 2 deg 15' 1.33" W

lol thanks could've just gotten it from the writeups 🤣 just wanted to check if it was corrupted on server side so they could get it fixed.

or if it's just me

don't think so unless it gone and corrupted itself in the last month

just checked again and it works flawlessly for shadow

wtf

after redownloading the file

aight well meep me i guess

shadow uses the libimage-exiftool-perl to exif the data in the terminal

most linux image viewers can also show you the exif data

idk i just downloaded exif from the aur

Hello, was wondering if anyone knows why this is happening to me?

trying to work on the eternalblue box

im running a kali vm in vmware workstation

what exactly is happening? or is not happening?

and running the vpn on that vm

that's just you setting the rhosts

oh... it cut it off

hang on sorry

or.. no

expand what I posted

oh shit

[*] 10.10.175.225:445 - Triggering free of corrupted buffer.
[-] 10.10.175.225:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 10.10.175.225:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 10.10.175.225:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

this part specifially

that exploit is a bit random if it works or not

reboot the target vm and try again

googling seems to suggest I have to mess with the netowrk

did that

more than once

also tried to use bridged network on my kali vm

unlucky streaks happen ¯_(ツ)_/¯

hm

maybe but I tried again today from my work network and same same

but yeah could be something in the network config too

ah ok

tried a few things but no luck...

spent hours yesterday trying to get it to work. I

even attackbox???

no, didnt try that

i bet that would work

however... im trying to use my own environment for the sake of me being able to do it with what I have setup

fair

I will keep digging on google to see what I can find

if anyone else has seen this before let me know

shadow still thinks it is just the exploit being finicky and bricking the target

You aware that you are not using the correct LHOST in that snippet ?

yes, I did not set lhost

however I did try that

and same same

I can set it and try again really quick

Did you restart the target machine after setting the correct LHOST ?

yes

but I havent tried it from the worknetwork so let me try

If you check ip a s do you only see a tun0 interface or any extra like tun1, tun2 etc. ?

only tun0

with the confirmed IP that tryhackme says that im coming from on openvpn

I just set tht as the lhost and it still did the same thing but I didnt reboot my vm or restart the tryhackme box

Could you send a screenshot of your options in metasploit ?

sure

Hey yeah shoot me a DM @static lily and I’ll see how I can help out tomorrow when I get a chance (:

Are you using a VM as attacking machine ?

Yes

And openvpn is only running inside that VM? Not on your host machine as well, or any personal VPN on your host ?

correct

no other vpns are running

If you check sudo ufw status what's the reply you get ?

interesting....

the vpn was not connect to tryhackme and had a red dot indicating it was not connected from my host machine but I killed it and the exploit worked...

there was no way it was connected...

hello guys can i get a help

i have been having a problem for 2 days

iam unable to open http web pages

@crystal marlin Thank you very much for you help

Gave +1 Rep to @crystal marlin

seems this may have been PEBKAC on my end of some sort

any one got any idea what the problem could be

doing the Kenobi CTF and I am trying to use the smbget command that I am being told to use. I keep getting command not found. I tried to update and install but still saying command not found.

I looked at a writeup and copied the exact string that is being used that worked for someone else and its not working for me. I am using the THM attack box not my own machine.

first you connect to smb

then you use get in the prompt it gives

I am connected

then in that smb prompt write get filename

smbget -R smb://10.10.34.164/anonymous

this is my string

wait let shadow check again

I am literally copying the string from THM and a writeup. Not sure why its not working. But thanks for looking at the issue.

is the ip in your command the target machine ip and not the attackbox ip

I have tried both, its the smbget command that isn't working

smb: > smbget log.txt -R smb://10.10.34.164/anonymous
smbget: command not found

oooh

exit

then type the smbget command

ok its saying downloaded now

it should work now?

yeah you should now have the files to check

Ok, thank you! I tried doing this in another tab while SMB was running but I guess I just needed to exit it? I appreciate your help.

¯_(ツ)_/¯

lacking in the details that you needed to exit before running the next command as the smb prompt don't accept a lot of commands

I exited, downloaded smbget and tried it again and now I am getting smbget: command not found. I'm just going to boot up my laptop and do this from my machine, maybe it will make a difference?

smbget should already be there without needing to be installed

as part of samba

which is why I am confused as its saying its not

did you start the attackbox or did you start the kali vm

attackbox

But I have parrot on my laptop so I am going to use that

Hello, I deleted my previous discord account and it has role in this server. I have a new account right now and i want to get roles in here. But when i send the message to TryHackMe bot, it gives me this message "Sorry this token is already used by someone." How can i solve this problem?

contact a discord moderator by pinging them here then follow their future instructions

Thank you

Gave +1 Rep to @plush bay

no problem

Hello @torn citrus, I have a problem here. Could you help me?

Has anyone tried a room with a phone?

Or a device with an ARM architect

Does anyone know if it's possible to search for a specific topic on THM? I'm looking for Content Security Policies for example. Thanks!

Try the search?

I don't know if a term like that will be picked up as room, or in a room.

Stupid me, I never noticed nor even used the Search function! And I found what I was looking for! HAHA! Thanks for waking me up! 😄

Gave +1 Rep to @lament valve

Hello I have a quick question I’m trying to use John the ripper on my attack box but I’m getting an error message showing this

“ cannot find John home invoke the program via Full or relative pathname”

Sure, what’s up?

I have a problem with the attackbot not connecting with linux through ssh

well I suppose I should explain the issue:

I am, first of all, new to THM, so I don't know how everything works. I am currently in Linux Fundamentals 2, and the second step requires using ssh to connect the attackbox to the Linux machine. However, when I enter it--> ssh tryhackme@10.10.85.210, It says that there is no route to host. What does this mean, and how can I fix this?

this Is a picture

Try to terminate

And start again?

well I just used up all my attackbot time for today

so I can't...

Also I'm sure once you terminate it once you can't re-open attackbot for that day

Oh I see

So did you try to use your VM?

What was VM again?

It's Virtual Machine

Well the task required me to open attackbot

OH hey

Let's try this.

sudo service apache2 start

Try to do this sudo service apache2 start

In where?

Attackbox

It didn't really work

Type this sudo service apache2 start and enter

like this?

oh ;-;

Oh well, I'm going to sleep soon, I'll try to fix it tommorow. Gn

Hope next day you'll solve it

I just did thanks for trying to help. Somehow my attackbox is open after 1+ hours...

Gave +1 Rep to @neat plank

welp now its not letting me enter a password but i need sleep

The password when you ssh?

I have a problem:

I deleted my previous discord account and it has role in this server. I have a new account right now and i want to get roles in here. But when i send the message to TryHackMe bot, it gives me this message "Sorry this token is already used by someone." How can i solve this problem?

If a password hash starts with $6$, what format is it (Unix variant)?

I am stuck with the last question of Task 2.

my answer is 'SHA512 encrypt', but incorrect

Try to look example hashes and you'll find the name you are looking for https://hashcat.net/wiki/doku.php?id=example_hashes

I completed this module but did not receive the badge

Maybe that don't have a new badge?

Seems like the badge is linked to the common attacks room, so maybe if you have done that room before the module and badge existed, you weren't awarded the badge. If that's the case you could try to reset that room and fill in the answers again and see if you would get the badge

same problem on my side

i cant connect useing the attackbox

it says

port 22: no route to host

Connect to which machine?
Which room, task, ...?

linux fundamentals part 2

2 task

wdym which machine?

What are you trying to connect to?
SSH into which machine, room?

10.10.233.77

Has it been over about 5 minutes after you deployed the target machine?
It might be booting up

i didnt wait

ill try again

it worked but i cant type in the password

Passwords aren't visible as you type them for security reasons

So no one around you reads them😆

oooh

ty

What is the username of who you're logged in as on your deployed Linux machine?

im using virtual box kali linux

please do suggest a solution

I'm not sure if I understand your question. Which room and task is this refereed to?

https://tryhackme.com/room/linuxfundamentalspart1

You could enter whoami to see the user

im unable to start the machine

Why?

need subscription

Yes for the attackbox in case you have already used the attackbox today, but not for the target machine

The target machine can be started in task 3 with the green "Start machine" button

thanks for ur support

its coming

Hello I have a quick question I’m trying to use John the ripper on my attack box but I’m getting an error message showing this

“ cannot find John home invoke the program via Full or relative pathname”

How do I fix this?

Maybe john is in /opt/

try to use /opt/john

@naive dust

Thank you my friend 😁 I will try that next

hi

I have emailed the support team couple of days ago, still didn't get any reply

@barren birch I don't know how to remove an old token, so I tagged you.

guys can someone help me

i have been having this problem for 3 days

and yesterday i asked for help none answered or helped

http pages , ssh

i cant open them

ssh gives connections closed

http pages keep loading

i ping the room ip its working

i changed my openvpn config file different times and it didnt work

DM me your token please 🙂

Is this only occurring with THM rooms or any webpage in general ?

only with THM

What room for example you are on right now where it's not working ?

yesterday i was doing the printer hacking 101

it kept taking long time to load

the http page

and when it loads it gives only some html text

Are you using a VM as attacking machine ?

nope iam using kali linux as host machine

If you check ip a s do you only see a tun0 interface or any extra like tun1, tun2 etc. ?

tun 0 tun1 tun2

as i can see they are the old openvpn ips

Then most certainly that's the issue, in case you are not using any personal VPN simultaneously

Then do sudo killall openvpn then connect to the thm vpn again, wait a minute and do ip a s again to check if you now only got a tun0 interface or still any extra.

but when i check on thm vpn access it gives me on which one iam connected to

oki

i will try it rn

it just removed tun2

So you only got tun0 now or ?

i used ip link deleted tun

i deleted all of them

i will retry now

Well, it should work and I even guess it should be done with sudo killall openvpn

But ye, try it

ssh still takes long time to connect

iam using now the sudo security bypass room

ssh -p 2222 tryhackme@10.10.220.246 2 ⚙
Connection closed by 10.10.220.246 port 2222

I would restart your attacking machine. When it's restarted check ip a s before connecting to the THM VPN to make sure there is no tun interface. After you verified that connect to the THM VPN, wait a minute and run ip a s again to check if there is only a tun0 interface or any extra. If you have done that we can go from there.

okay

Gonna be afk now, will reply later in case it's still not working

So I'm trying to get through rooms with my own VM. I have my OpenVPN started and can ping rooms once I start them, I can even complete nmaps. But.....having issues with ssh, using tools like dirsearch and gobuster. Really really confusing.

Literally just figured it out! Top tip, using a vpn at the same time as Try Hack Me VPN does not work lol

anyone knows about this issue on burpsuite? that I have "pretty" grayed out on all machines I have

anyone willing to help?

still having issues with this. thankfully my streak is updating but not my green squares or total activities

Most probably because your request has no body data to it which could be displayed "pretty"

Which room are you doing ?

im doing the pre security path