#site-bugs
1 messages · Page 7 of 1
Well I think the start of level13 is 100k
The right side just hasn't updated since I got into level12.
Whats your username on THM @glass kindle ?
It's haruue @frosty cape
we seeing double now
@frosty cape the l and the 1 are the same for 0xD, whereas in Haruue's screenshot they are clearly 2 different letters
unless i'm level 113
No, I meant the "l" in level is the same as the "1"
it says "leve113"
whereas in @glass kindle 's screenshot, level is not spelt with a 1
Oh yeah!
I'll add a space
and change that
Thanks good spot btw
@rare swallow Fixing that bug too
@vocal raptor Its the way your font is showing on your browser
They're very very slightly different
@glass kindle @rare swallow Both your identified bugs have been fixed.
Thanks again everyone for reporting bugs!
I'm not a subscriber, earlier this year i joined these two rooms but i cant leave them now
The latest day in Advent challenge has a root flag which is useless
```
color.txt
us-city.txt
country.txt
```
can't access those links
the pastebins links are not loading
room password cracking
those seem like very normal wordlists you can find on github, can you search for them?
i cant imagine any of them are longer than rockyou haha
Cache perhaps? Doesn't load for me or downforeveryoneorjustme.com
yeah its probably cached
@rugged ermine So... the root flag on Retro is actually root.txt.txt
I feel betrayed because that caused me 10x more pain than it should have
LOL
I didn't even notice that when i did it
that's amazing and it better not be a bug
Oh that's a typo haha
lol
whoopsie lol ¯\_(ツ)_/¯
@tribal knoll In RunC escape, the images aren't loading for me
Also @frosty cape that VM needs some more resources imo, logging in takes a while
I don't know if this really a bug.
but earlier today i opened cyberadvant room on firefox on my both host and vm, after I finished the challenge, I noticed my rank points.
after couple of hours I realized that the room still opened on my host browser, I submitted the challenge solution again on my host (I don't know why O.o), then my points updated with the latter (I lost some points).
@earnest brook if you can load a website from a room on your browser after you have terminated the machine, it could be loading from cache. although I didn't understand exactly what happened with your points. can you elaborate a little?
@fading laurel what im trying to say is that i opened cyberadvant room on my host firefox to see today's tasks while my vm booting
after my vm started i opened the room on vm without closing the room or firefox on my host
after finishing the challenge on my vm, i looked at my points, it was ~(10160), after ~2hrs i closed my vm, to see that the room still open on my host's browser, i submitted the solutions again, then reload the page, looking at my points it was ~(10070)
if I submitted the solution earlier, any submission came later should not be accepted, right?
I can't answer that, you'll have to wait for one of the admins to see it. I just chipped in to tell you about browser cache to eliminate that
idk if i'm in the right place, but the title of Task 23 in CC: Pen Testing is "privilege esalation".
it seems that the images are broken in: https://tryhackme.com/room/runcescape
TryHackMe is a platform for learning and teaching cyber security.
Ih
Uh
Ohno
That bad, but I can't fix until tomorrow
Never not using Imgur again
Literally use imgur for all room pics
I cut a corner
Never cut corners
Ah
That's why
My sharex server provider had a drive failure
So data loss happened
@covert kernel will hate me
CC: Pen Testing Task 3 #6 there is no text in the question
@cloud tundra whats the task called
Netcat
The issue has been fixed
however i've completed the room. and i loved it.
:)
Every time I forget to select a room, while making a task, it disables the button and does not enable it when I select a room
I end up having to delete the disabled='' from the html element
Not sure if it's a bug, but in the room Ice on Task 5 #2 it says:
In order to interact with lsass we need to be 'living in' a process that is the same architecture as the lsass service (x64 in the case of this machine) and a process that has the same permissions as lsass.
But Ice is x86
I might just be misunderstanding this though
Ah okay, thanks @covert kernel will fix that soon
@chilly seal is it not x86-64?
Bug: when you complete a room, the creator adds a new task, you haven't completed the room until all tasks are done but under "my rooms" and "hacktivities" both show as completed
Yeah, I could reset the 'complete' room - not sure if I can see this as a bug hm
But yeah I guess it is
Thanks for pointing this out mind
The links on the bottom, specifically goals, do not show up when logged in. Not sure whether this is a bug or needs to be a suggestion but please add a link to /goals in the side panel so that it's accessible to users who are logged in.
when searching for the advent calendar no results are showing when looking for the following
but if you look for christmas or cyber it shows up
@rugged ermine then you should look at implementing advance search: normal search to look for room names, advanced for tags, created date, etc. That will come in handy one day
not sure htb has something like that, so the more features we have the more you can showcase/advertise the platform
This is the input you are about to create:
TryHackMe Kali Box
THM Kali Boxes are lagging
-- Created by: Ashu
Issue has been created by @sly raft!
@sly raft you might want to add that the kali box sometimes gets the caps lock stuck for no reason and i can't find a way to remove so i have to hold down shift
Room = powershell: Task 3, Question 3 - answer is not correct for the machine's current state
actually scratch that...wrong window
but the powershell room could use more than 512MB RAM
minor bug
This is the input you are about to create:
Hacktivities Pagination
Pagination doesn't update when changing filters on the Hacktivities page
-- Created by: Ashu
Issue has been created by @sly raft!
VIM room
@rare swallow ?
Just an empty question with no answer @delicate dragon
Which room?
@delicate dragon this one
Strange
on task 2
I think day 17 on the 25daysofchristmas challenge has a bug. I manually tried all the 30 passwords and still did not get in.
I'm new to this and really want to learn, is there anyone who has time to chat with me to help me through all of this
@still bison Read through the accompanying material
But also not here
Try the CyberAdvent challenges
@cloud tundra is it really in the 900k range, I've been at this for 4 hours now
@tired solar the best option is to find the flag in another way
@tired solar known issue for that room
Yea just should be fixed
Not likely to happen with a lot of these
I should not spend more than 20min brute forcing
Yep. It's a known issue though. Best way is to move on to the SSH and then find it from there
Sorting by newest in Hacktivities should sort by release date
hello, I have a learning path on 100% and nothing happens. I cannot see other learning paths (if there).
Should I "leave path" ?
You have to leave the path in order to see the others
ah ok
Hey! I have issues with FTP on ctf100. This is the 4th time this exact same FTP issue has happened, Ashu said it might be because of my IP address (during cyber advent). This is the 5th time I haven't been able to do something because of my IP address. (The extra time was that CTF100 wouldn't recognise my IP address). Can whatever bug this is be fixed please? For FTP, I cannot do anything at all related to FTP on some rooms. I get "500 Illegal PORT command." on every command. Per cyber advent, I have tried wget, file browser, internet browser, and ftp. It's definitely not because I don't know how it works. Pls fix :(((
PS: I can replicate this on 4 devices, on entirely different networks, with new VPN configs, and a brand new install of Kali. I'm 100% sure this isn't happening because I don't know how something works, I'm 100% sure this is a genuine bug that other people have faced too
My THM IP address doesn't ever change, so the bug will always be the same ^^
1 other person had that issue.
If you create a new account on TryHackMe and use that VPN does that experience the same issue as this will be a different IP
You don't have to create a new account. You can regenerate your VPN package in "access" tab
I've had at least 2 people DM me with the same problem. And regenerating a new VPN does not change anything, as your THM IP address will always be the exact same. A new account will fix this issue, as your IP address will have changed
however the idea of creating new accounts until I win the IP address lottery sucks
What would be ideal is dynamic IP addresses, so I can just reconnect my VPN until I eventually do win the TryHackMe IP Address Lottery ™️
Yeah, regenerating your config file won't change your IP address. Your account is normally linked to an address
Is this something you want to change? Not sure why you would need your connection IP address changed mind?
Aha win TryHackMe up address lottery
Lel
Fyi, this year we will have quality control in rooms
To mitigate bugs :9
Might be because of your IP address? I think it's because of the box if you've tried with different OpenVPN config files
I'll take a look anyhow :)
This text is a little misleading, as you need to be a sub to do anything in the room? (Not just to deploy VMs in there)
That's discords fault
oh ... i say delete the #648878292551598080 since it doesn't work anyways and then reimplement it when they get the bug fixed. After a quick google search i found this https://help.mee6.xyz/en/article/welcome-messages-1y1t3dx/. TLDR You could disable to welcome messages and enable a private direct message on login.
Mistake in Fowsniff CTF
Username is different to one it says to use
It says to use the sender of one email, but actually it's the sender of the other
@frosty cape
There seems to be an issue with uploading files
My files stay at 100% and then hang for a couple minutes and say an error has occurred
Still broken for me
ah well that kinda sucks
guess we'll just have to wait until tomorrow when it hopefully gets fixed
You can't login with your username anymore. Only with your email.
However it still says you can login with username / email.
I think I complained about this a while back
Ahh, I'll test the VM upload issue!
Found the issue, I am uploading the fixed code
Weirdly enough I left a vm uploading overnight shortly after saying that and it was successful
@worthy stag how big was your vm? i was having issues with 10GB ova
@frosty cape I still cant upload any files :(
Wait
Development console
It stays at 100% and does nothing but the material is there
Yea its still hanging at 100
But I can download the material from my page
It just finished and said "An error occurred"
This is the input you are about to create:
UI Upload Bug
Hangs at 100%/throws error even when material is uploaded
-- Created by: Ashu
Issue has been created by @sly raft!
I think this may have something to do with the recent update where subscriber machines have better specs
Oof, CPU is 2.3GHz and RAM is 4GB
Also that should NOT say "memory"
Skidy, I'm VERY disappointed
(only mostly joking)
Hm - I will look into this, perhaps the "subscriber" resource tag is overriding the original VM specified resources. Will take a look this evening
retro box privesc method not working please help
@patent wedge not a bug, intended issue that there's a fix for. Look around in #room-help and #650425164894568455
^ not a bug its a feature
retro privesc not working
i initialised the google chrome and ie
and even changed default browser many times
trying to force the link to open in ie
It does work. You're just having the same issue I had
so what u did to fix ?
Reset the room after an attempt
Then try again. I haven't got it working as gave up wasting time on it but it is still working as a number of people have tested it
oh okay ill try
If you get incredibly stuck and understand specifically what I'm teaching here I can also just give you the flag
The main goal here is that exploits are not consistent in real life and this one, while mostly consistent, takes some trial and error. That's why it was optional in the event
tried reset the box many times ... even with ur solution still didnt work
and i rly want to submit and go the next machine
much thnx @rugged ermine what next machine do u recommend ?
Have you done Blue and Ice?
not yet
i'll start it now
but when i think of blue always i think of eternal blue
hi ! cannot connect to rdp host on retro room
@everyone
@fervent gust Yeah I need to fix that, added to my list, thanks for reporting
ctfcollectionvol1 -> A sounding QR @tawdry totem
ooof
loool
Hah
DarkStar @frosty cape Make the room tags standard... example... there are four reverse engineering rooms on thm ... The tags are "reverseengineering", "Reverse Engineering", & "reverse engineering" so the search does not always work correctly... crossposting this in #522158404614225920
I don't know if it is an actual bug or if I don't understand the score "system" I finished the room https://tryhackme.com/room/metasploit and I only won 314 (the first two tasks are showed on the chart). Is it because the room is very old or is it an actual bug? Thank you in advance for your answer.
You tried refreshing that bad boy
Yes, I refreshed and logged off but it didn't change
@plush tapir Its most likely because I changed how many points you get per question, before that others got much more.
Seems like @raw karma BOT isn't accepting !verfiy command!
Maybe because it's !verify and done via dms
@remote laurel
I'll check
Yeah, I'm wired into my own thing atm
Weird stuff, I restarted the bot
@wise epoch retry now? It seems to be fine
I think something crashed the bot, I gotta investigate this
Not working @remote laurel
Yeah I see that
It's weird
What's your rank?
It seems to be crashing only for u
weird, I'll check
@remote laurel 0xD
Seems odd to me - BUG HERE as well!
TASK4 - Q4
@frosty cape Ok, it just looks weird that only the first tasks are displayed on the chart.
Well, not for me. I've finished the room and only the first ones are displayed here
give it some time
I will, hope it will get fixed ^^ Thanks
@plush tapir Which room for you?
@frosty cape https://tryhackme.com/room/metasploit
ctfcollectionvol1 : A sounding QR
Hello,
I have a problem with time settings I guess.
When I deploy any room+extend with 1h,
It appears "vm expiring soon" and "vm expired".
Do you compare the time with the time on my PC? Because that seems to be the problem
Yes please
For all that are wondering, that bug has now been fixed.
Yeah, its annoying, but learnt something new tho
I'm mildly interested if you have a TL;DR of the issue
Yeah sure,it was pretty simple, my server returns a date (in the timezone its in), just had a function that converts to local timezone, updated the code client side. Not that complicated, but learnt about JS local time conversion.
Much appreciated 
no worries, if it affected you
It must have others too
So
Thank you for letting me know
Np :)
So in summary, JS doing JS things?
yup
Hi
(that doesn't go here)
@tribal creek Sounding QR patched, sorry
Does google actually properly index THM's writeups section? Doing SEO on my site and wondering if that's why I see no links
Dorks is google's exploit/hacking database, not SEO related
I assume you have search console etc set up for tryhackme?
Not sure if it's a bug or just slow notifications or something, but was just informed today that NinjaJc01 "has released a new walkthrough room, Wifi Hacking 101". The room's been out for 13 days now though
Yep, I got one via email. It's because it was reapproved @ocean reef
^
Was it removed and re-added or something?
Nope, rooms now require approval and mine came out just before. I think it was approved now and technically re released? @ocean reef
Oh gotcha, guess that means we'll be getting those notifications for all the older rooms too?
Only a few, it's just because of some minor updates that were made
Some of my rooms popped up like that since I made them cloneable
I think search is broken
Oof
Search for metasploit brings up my room
I updated the search yesterday - Ah you're talking about SEO?
yeah if a room is re-released, it will notify you
@frosty cape nope, talking about room search
Searched metasploit
First few are relevant
Yeah thats right
Rest are not
Next page
I only get 1 page
omg
Its really broken on FireFox
But searching Metsploit on FireFox gives me the same
Cross browser testing!
Thanks
Haha
Browser compatibility is a fun game.
Let's hope no one opens it on safari
Only supported in FireFox 68
Hi, the notification section doesn't quite sit properly when screen size is smaller (e.g. split screen) . Currently on a 13 inch display, with firefox split to the left half of screen.
That's an oof
Thanks!
@covert kernel Ah really?
What seems to be the problem?
Just gets stuck?
Or it says Error?
@frosty cape yeah just immediate error
What does your console error say?
Bad request
What should I try?
Hmm, can you upload it to Google Drive
I will download it and upload it
I have not had any problems
So its a really weird bug
I will add it to my to-do list tho
Thanks for reporting it
ty x
<3 @frosty cape
for webappsec , is this by default or a bug happening when creating the user
Weird, no machine has been updated
So you're probably looking at the wrong place? Not sure though, I didn't make that room
|it happens when i press on create user ||
Isn't that LFI vulnerability?
Yep, since it's trying to open a stream. It definitely looks like LFI
@tribal creek
@frosty cape ignore previous bug reports, it wasnt a bug with the site I was just being stupid
Consistently getting a false positive CSRF warning when logging into the website on phone. Those are the same details I use on desktop with no problems.
Would you mind trying with another browser?
I've tested it and it seems to work for me - what is the one you're currently using?
Firefox just now. Will do
Yep, looks like it's just Firefox. I've got it working in Brave, Opera, Duckduckgo and the 1password inbuilt browser.
Hm okay thanks
I will take a look and see if I can source the issue
What version of FireFox?
If the app details are to be believed, 68.4.1
Thank you
Weird, I haven't had that issue on Firefox mobile
Not sure if it's been suggested yet, but might we be able to update the pre-loaded Kali image or does it break something?
Its been suggested and is planned to be implemented soon @abstract bolt
@covert kernel thank you
I've just developed a list of things I hit on when I start the box up
Going through ctf100 and I'm on Flag 56. Not sure if anyone else had this issue but ||secret.zip is an empty file for me||
On that note, I noticed that unzipping the ||429E.zip|| gives me ||need PK compat. v5.1 (can do v4.6)||. Going to do some digging but that may be my issue
Doesn't seem like it
Found my issue for anyone that may have something similar happen. ||It's not super obvious that the password from zip2john 429E.zip > hash; john hash results in a password that needs to be used to actually unzip the files. My machine did not run john properly with just "john hash" so I noticed that there is a password in one of the screenshots in the write-up that is used here. After running 7z x 429E.zip, it prompted for a password which I then entered. This then put data in the files in Moreflag||
i think that's the point of @tawdry totem work
I'd agree if his write-up followed that extra information, mine was more of an issue with my machine not cracking passwords like it should. I blame the hardware on that point though
yeah, you should ask in the rooms help
because it seems like it was designed to be that way, imo
But it wasn't an issue of not knowing what to do
i understand that
It was a bug, but not on the room's end
did you use your own box?
For...
the task itself
Yes
Yeah, I got it all figured out. But going through all these CTFs and awesome rooms here I've realized that Parrot OS on a MacBook 2012 doesn't tend to crack hashes or passwords very well
Not with that attitude
@rugged ermine @frosty cape for the love of all that is my ocd can you please align the email change button next to the email.
laptop
I will fix that ya
thnks my ocd thanks your great skill
Fixed locally, will be pushed in the next update
click the "here" link? I should've highlighted
Hopefully it's not my end. Networks been weird today. Dead link is the least of my worries, you've got a great thing going on with the site. Can't wait to get into it.
@frosty cape how am I supposed to connect to https://tryhackme.com/room/introtox8664 ?
@tribal knoll ```The username of the machine attached to the next task is tryhackme and the password is reismyfavl33t. To access the machine, SSH into it on port 22.
Here are a few things to note before beginning the room:```
it was in the intro
there is a user with 533572 points with 0 room solved, is it some testing or bug?
user testeptional.
Yeah that's Optional breaking THM @rotund wasp
@frosty cape I think you've been made aware of the exploit
@spiral flame thank you!
@frosty cape It was a PoC, pretty sure it was the private rooms exploit.
Thanks to @tribal knoll and @worthy stag for reporting this problem, I have rectified the issue and rolled back the users points.
Its also worth noting, I am rewarding both Sherlock and Optional for reporting this, rather than exploiting it to get #1 on the leaderboards (not that he needs it at place #2).
Thanks to everyone who points it out too. I can't trust any of you ey
check again
we're back up
Just uploaded patch for THM
that's good, but when can we buy swag ?
So it will go down for 5 seconds
i want some stickers and a tshirt ;-;
So, I am going to do a "Level based shop" at 25k users.
What are we at now?
14.5k
xD
8cm*6cm ish
try turning it off and on again
I'm probably getting a defcon one otherwise
awww
6x8cm is smol
I'll make a bunch of cool merch, but at 25k users.
do the initial members ge something special ;-----;
Are we getting new levels soon?
loooool
I might add in 7 new levels
if that's the case we can't downgrade to get all ;-;
redo levels and put cool badges on the profile
borders i want to say
Oh right, around your avatar?

yeah, like, cool flex
but idk, might not be the best thing
you're the smart guy here, come up with something 1337
That would be awesome, I mean borders
Yiss. Anything to flex better
But i still don't agree with level based market @frosty cape . The people that higher levels won't be able to purchase the stuff they might like from lower levels
What about the ability of converting points into store currency to buy cool merch and we pay delivery?
?
High ranks will get access to more merch
Oh
I was thinking it's limited to the level
For level x you get 3 items and then when you progress you don't get access to those anymore you get a different set
Nah, so if you're level 1, you can get all basic & level 1 merch, level 2 gets you all of level 1, and the basic
hello. I can't access Attacktive Directory challange. When i click deploy, it doesn't deploy and give IP info. Instead Deploy button still lit when i refresh the page.
hmm, I think I might know why that is
I may need to re-create the VM for the box if it's true
white coloured font mr robot ?
i didnt figure out the white font hint mr robot ?
is the musicalstego still working? The link I got says the file is deleted
musicalstego works fine (just checked)
indeed, thanks
the hint for task 4.4 here is looking a bit odd
@hazy stratus I have the same issue with the Attacktive Directory room, btw
hello there
am having some issues with task 4 in https://tryhackme.com/room/introtox8664
i'm pretty sure the answer to #1 is 60 but it not correct and idk why
but also im big noob so it prob that
you might have more luck in #room-help
cool will do
@mossy willow Ah yes, I need to fix that bug
The answer format just tells you what the answer looks like
To get the formatting correct
I clarified it in general @frosty cape, I believe hes got it now
Thanks Paradox
:)
Just a heads up that musicalstego's #4 accepts incorrect answers which messes with following tasks.
Didn't see a @pcmhdhp otherwise I'd ping the room creator
#2 on Steel Mountain.. I m going crazy, tried all I could think of and would appreciate a hint, assuming its not broken
@arctic jolt #room-help
ty
evening
Good evening @covert kernel
@covert kernel does thou wish to report a bug
No I was having trouble cracking this password taking too long haha
Ab
Ah
If thou wishes for help #room-help is always available :)
Hello. I cant deploy room in Attacktive Directory. It just wont boot up.
What do you mean? @rotund wasp - when you click deploy, does it just hang, do you get a machine IP?
@frosty cape . when i click deploy it just dont give me IP address, also if I refresh the page 'Deploy' button is still lit. When i click nothing same thing. I just subscribed thought maybe it will fix it
I think I saw someone post about this before but this is the hint for Task 4 #4 on webappsec101.
Fixing tonight when back home thanks:)
This occurs for quite a few rooms with special characters in the hints
@frosty cape I have an idea as to why that might be, if it's the case you'll need to spin up a windows box for me
how can access OWASP Juice Shop after Deploy
@solar vapor Near the top of the room, there will be a box with a 10.10.x.x IP address. Connect to the THM VPN and then you can use that IP address in a browser etc
Where?
when use ip in browser
Head over to #site-support
@ocean reef that bug has been fixed
Kenobi room, question how much ports are open. The answer expects to run nmap without any args and not nmap -p-. If you do so there are more open ports
Ran nmap -sC-sV <ip> and it worked
@worthy stag yes. Thats what I am saying. If you omit p, it takes the default value (top ports). If you use -p- you scan all ports.
The questions asks how many ports are opened. It should ask how many are opened in a default nmap scan.
idk if it's a bug, but the linuxctf room has a misspelled file name and has the x-flag set but it's not an executable file
stealthcopterctfprimer1 Networking#8 has probably a bug: ||flag says spaces but solution requires _||
HA Joker CTF Task#18 command should print images, but doesn't
Can confirm, but it's intermittent
After a redeploy I had the images there
I think messing about with LXD might cause them to go missing
i just redeployed, same result, idk, will try again later
@olive drum Your Tor room - it's spelt "Tor", when I wrote a chapter of my book on Tor they got very (and I mean, overly aggressively) angry about it. While Tor acts as a privacy network now, its original purpose was for the use of "secure communication" and was created by the US Naval Research Labs for this purpose, released in public a few years later. Might be worth talking about bridge relays too (prevents censorship of Tor. As it is entirely open source you can block all known nodes (since Tor is not a fully P2P network, it has some centralised service name resolution servers (about 7 of them to be exact) and these contain the list of every known Tor node)).
For pentesting, Tor does not make at any point any way to hide you from the fact you are using Tor. To find out if someone is using Tor, you basically just need to ask them (its a bit more complicated, but the Tor devs have made it explicitly clear that they do not want to hide people using Tor
"makes all Tor users look the same." this is by far the most important aspect of Tor, and one that not many people understand. I like this!
"looking to hide their IP address" yes, assuming that you are connecting to a safe guard node (which you can prove)
other than that, great room
@vocal raptor There's a nice talk on it, there are private bridges that you can ask for
Which is how a lot of tor in china works
yes, i know :p you have to email using a yahoo email address too
to get them
or some wweird russian one iirc?
my uni has blocked tor
like completely
i have to use a vpn > tor if i want to use tor :p
sucks so much
i had an assignment on Tor, and i couldnt even access the website to read the white paper
its even more annoying because i live in uni halls and they don't block porn, gambling, nazi websites or the likes but do block Tor
((in fact tor is the only one they have blocked that i have found so far))
Oh really?
Yea
Can shoot over a DM if you want
I think it's a little more srs than I thought but not too bad
@frosty cape
its my first time using it
and firefox is telling me that it's having trouble connecting
I know my openVPN is good
and so is my IP
is anyone else having these issues?
OpenVPN room, go try it @tawny halo
?
It might be that the VM doesn't run a webserver. Or doesn't on port 80. Or it hasn't started yet. Many reasons
There's a room for getting everything working and making sure it's all good
I'm using the webgramming room
The OpenVPN room.
Thanks for suggesting that James
Idk ports etc for webgramming but iirc it's seperate challenges so it's unlikely to use standard ports.
hmm
the access page says I'm all good
but when I try to curl into my ip onto port 21001
it says access denied
rather connection refuse
wait wut
now its working
hmm
weird
actually
it seems like the connection keeps cutting
@frosty cape In our adventure to get me removed from /room/gamezone before I was subscribed, I think we broke it for now that I'm subscribed...
@vocal raptor Thanks for the information! Ye you right, obviously, Tor wouldn't be so useful on the professional scale because even most of the websites nowadays can detect that you are using Tor and simply blacklist you.
@ocean reef You're now unbanned from the room
lol
bug confirmed
@frosty cape the icons and names are the other way round
Fixed
Thanks for letting me know
cheerio
Potential bug in gamezone. On Task 4 #2, going through using john atm. Unzipped john and ran ||john hash.txt --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA256|| but getting ||Warning: invalid UTF-8 seen reading /usr/share/wordlists/rockyou.txt|| it then fails to find the password. Also had ||sqlmap attempts to crack the hash with /usr/share/wordlists/rockyou.txt which also failed||
Anyone able to test it? Using the kali VM for this
Invalid utf is a known thing
It's a bug with rockyou
But it worked for me, idk if that's the right format?
Try Crackstation
hi
@spiral flame Mind if I DM you about the rockyou stuff real quick?
For anyone that cares, apparently rockyou.txt.gz works with Hydra, though rockyou.txt.gz won't work with hashcat/john
just tar -xvf rockyou.txt.gz done
works with everything after
but yeah hydra will take a txt.gz
Have something big that needs attention
like thic with three c's juicy
https://tryhackme.com/room/attacktivedirectory bug - VMs not booting
@hazy stratus I'm assuming it's your room by the name?
^^ yeah
@frail vessel @worthy stag Thank you for finding and reporting the stored XSS vulnerability. This has now been fixed.
As a way to say thank you and be transparent to our community, I would like to publicly award you a bug bounty for reporting this safely.
The entire site right now
Can you both email ben@tryhackme.com with your usernames and method to pay you (PayPal address or debit/credit card)
The question is, do I get bug hunter yet?
Congrats Optional
Grats haha
At this point, I think I should be in #site-bugs . Alfred Task 3 #4 says to find root.txt in C:\Windows\System32\config\ however it doesn't exist.
Tried ||search -d C:\Windows\System32\config\ -r recurse -f root.txt as well as -f *.txt. Both find nothing.|| Lastly tried doing a recursive search from just C:\ and found nothing as well
@ocean reef ah, yes. I remember this.
I don't think you have permissions to view it without migrating process.
It's there.
@ocean reef yep, I remembered it
Well thank you for that, did not realize running as system in one process =/= same privs as system in another process
@ocean reef yep it's a bit weird
@tribal knoll rip the images in task 3 https://tryhackme.com/room/runcescape
im having issues with the blue machine port 445 seems to be filtered
just one question
why does such a room still exist?
Ah, in the past anyone could release a room without it being reviewed
Now that all public rooms are reviewed before going public
ah okay
nice
np :)
and another question, i see, i can leave rooms with "Options" on the top right
but i joined a random room and it appeared to be paid-only
and i can't leave it now, as i get redirected to /why-subscribe with 302 immediately
You couldn't have joined if you weren't subscribed
weird
But that's a known thing that @frosty cape was meant to fix lol
You can join if you aren't a sub @spiral flame just need the room code
@worthy stag but i can't leave it anymore?
Well that sounds like it needs fixing
Yeah I had this issue a while back
when creating a kali instance it hangs when i select UK keyboard
hello rowbot
Kali machine freezes when keyboard layout selected
Join random room, stop non-vip users joining vip rooms.
On my to-do list
<3
there are btw at least 2 buggy rooms, idk if there is some official bug tracker or something?
It's been discussed
When creating a task, if you don't assign to a room, click "create task" you get this error. If you then try to assign it to a room, it is impossible to click "create task"
Which I'm slightly salty that my 30 mins of work was deleted because I had to refresh the page as there was no way to click "create task" once you have selected a room ;-;
My process for creating content involves typing it up elsewhere first
@vocal raptor I am so sorry about that! Putting that to the top of my to-do list
anyone else not seeing a way to enroll in the oscp path under tryhackme.com/paths?
i'm just seeing red/blue primer series like always
If you're already enrolled in the primer series then you won't be able to see any of the other paths. That might be it @tidal kiln?
yep, once i left i was able to see other paths
also on torforbeginners room, the onion site listed in #3.3 appears to be down
Vm's that I deploy seem to stop responding after 1 hour
edit: and shutdown
Re-opening the vm solves this issue
@tidal kiln people were reporting that, but at the same time other people reported it was ok
@ornate moss yes, intended behaviour. Unless you extend them, they die.
yea but it should expire 12 hours from when I launch it right?
if not then thats also a bug
@ornate moss you get an expiration time once you deploy. It's one hour and you can instantly extend for another hour.
Not sure where you found 12 hours
It goes off your virtual machines time so chances are that's off
Intended behaviour is one hour
yea that is weird
I usually get about 300ms when pinging the vms so maybe that could be a factor
@ornate moss it just means the time it's displaying is in the wrong timezone
@frosty cape we got another timezone bug
Why is the leader board all screwed up. Completing rooms only changes the overall leaderboard. Not the leader board for the month?
@fossil haven monthly leaderboard is now only boxes released this month
@worthy stag how do you filter by month
That isn't a thing but is a great idea to add
@worthy stag it seems like the only way to know if they are in the current month is to click on them. The task will show the posted date.
Would be nice to have a filter option a user clicks on hacktivities though
mmmmmm
Have recommended in #544951750801752079 as it would make logical sense
the feature has only been configured this way since today so it's fresh so will require development
but will be better in the long run
@worthy stag just thought it was a bug because it seems like there isn't any docs for the leader board. Unless I'm blind. Will post there in the future for ideas
anyone having problems with the vpn?
Unroutable control packet received from [AF_INET]18.202.129.195:1194 (si=3 op=P_CONTROL_V1)
Sorted it over in #522158404614225920 @frosty cape. There were multiple VPN connections open simultaneously.
@frosty cape having trouble uploading a .jpg for a task, been trying for quite some time. Maybe 20 - 30 uploads attempted. I keep on getting "An error occured. Please refresh the page and try again."
its a 36kb .jpeg file
@vocal raptor why not host on imgur?
Because I really don't want Google to index it
Unless there's something on Imgur for that haha
actually wait i can just use github i guess
can always just title it something really obscure and it won't affect it
github works too but can be indexed if it becomes popular
yeah it'll still index
maybe thm will accept a zip folder
Nope. Maybe my uni is blocking uploading to thm or something
i cant upload anything at all
VPN?
haha its ok
and i did just try on a vpn
my uni blocks so much it wouldnt surprise me if they blocked uploading to thm
can't even access the tor white paper which is needed for an assignment
@vocal raptor
Try upload again
Fixed it
omg lol
Deploy Kali machine at uni
Then you have no restrictions
starts typing essay in cherry tree
kali machine terminates
omegalul
When you click on order by, set to newest. click on a room, then press back button it is still "order by newest" however what is on the screen is the default most popular and you can no longer "order by" unless you refresh
can anyone help with an issue deploying my machine?
Sure, lets move over to #site-support
Is this abnormal or am I missing something?
Adding code snippets to a new room.
Yeah that's weird hm
I mean, definitely not a huge problem or anything, but slightly amusing nonetheless.
EDIT: nevermind
Not a bug
Got another one, @frosty cape
Not sure precisely what caused it, although I could hazard a guess if pushed.
Wait, what room?
That's one I'm working on. Just a preview, but it's doing the same thing in the task editor
If you have an exploit for that sudo vuln, DM me
Not yet -- only the proof of concept, same as you. I saw the conversation you had in #room-ideas earlier. I'm writing up the theory just now, and testing the POC when I get access to VMware in a bit. Waiting for the exploit before submitting though.
If you find a working exploit, my DMs are open.
Likewise. It's a full root shell you're going for, yeah?
Command execution as root, via that vuln
Doesn't matter if it's full shell etc, you could pop a rev shell or something probably
Fair enough, sorry - misread what you said earlier!
Have you tried the POC by the way?
It's just a segfault
Just looked at the exploit-db entry: so it is.
Handy.
I'll keep an eye out for a working exploit. Let us know if you find one too
I'll keep looking
My mistake, being a tad blind. Could someone add a space between Level and the level number please?
Firefox CSS for dashboard is also off, looks somewhat different in Chrome
Cheers, for a second I thought the level said 110 and 111, would have been awesome to be that high haha
Aha, I'll change it
Hey guys
Seems to be a bug with the leaderboards. I thought they changed it so that the monthly leaderboard would only count points earned from rooms released during that month. The scores on the monthly leaderboard are much more than the total points you can earn from the rooms released this month so far. Unless that change has not been made.
Hi @flat maple read "How points work" https://tryhackme.com/faq
Essentially, for the monthly leaderboard, you get points for new challenges 100%, old challenges 25%, new walkthroughs 25%
Hope that clears your question up
Hi @winged abyss
Hi @frosty cape
@frosty cape Thanks for the link, was missing the last part of the info about old rooms still counting but for 25%
Yeah, no worries
@sly raft
@topaz venture thanks for a wonderful room on Jupyter! I found a small mistake tho. In the room [Task 8] it says "navigate to task 8 directory", while on the server it appears to be named "task 7". It doesn't affect anything significantly, just a small typo
Thank you @olive drum! Slight oversight. I'm going over it all with a fresh pair of eyes

Renamed all the directories to a much more logical sense, re-uploaded the VM and reflected these changes in the rooms' tasks. Thanks for spotting @olive drum o/
@covert kernel I believe you are the creator of customwordlists. I am having issues with getting results, not sure why, fcrackzip fails to find a password. zip2john gives an error. when trying to use unzip I get oot@kali:~/Downloads/Flags_Part1# unzip flag1.txt.zip
Archive: flag1.txt.zip
skipping: flag1.txt need PK compat. v5.1 (can do v4.6)
zip2john
ver 81.9 flag1.txt.zip/flag1.txt is not encrypted, or stored with non-handled compression type
DM me with more information @kind flint
@olive drum Onion link on 'TOR for beginners' down. Hope it gets back up soon. Thanks!
It is not down! working fine
Just try pressing Ctrl+L to build a new connection and you'll see it @fickle locust
Yeah working perfectly now, thanks! @olive drum
Np 
there is a badge for this section not listed , LINUX badge
It doesn't list any badges, those are separate?
for example in this section i get burp badge
@deft jackal We're re-doing the beginner path, so ignore the badge bit for now
it is showing the new room twice
They're different rooms
@olive drum did wonder about that. It's because they're the same series. I think I'll change the colour in one of them
@orchid remnant Yeah different colours would be cool
There we go!
Perf
Oh it's not sorry, I completed your room then reset my progress
So it's displaying as a completed user
Interesting
i saw this today in my email when one of the guys i know left my team
should be "You lost a member"
Ahh good spot
I want to re-do teams at some point
I am not a fan of how its created on profiles
I want there to be a team panel
And there be a team leaderboard etc..
2020 Team Rebrand
Yeah that would be great and maybe for now just up the amount of members we can have in a team lol its restricted to four and there is 6 of us in total that wanna get in to a team together. thank you!
TMUX room just seen it says "up" rather than "us"
https://blog.tryhackme.com/company/hackback2019.html/ doesn't work @frosty cape
Oh right, where are you getting that link from?
hackback2019
Is that a bug? The user points > rank points. Guessing highest rank with points so it can't update any higher
Yeah it's not a bug. It'll just grow now @urban flame
Added an idea submission based on that post, could be something cool
Makes it more competitive
Updated, will be live soon
@frosty cape I've completed the blue machine and didn't get the badge
@fickle locust that happens with some rooms, if you have completed the room before the badge was released, it won't update
@frosty cape, that's defo one to fix, especially as profile badges are a thing now
Okay cheers
I think I'm missing 4 or 5 atm
I'll write a script to check every user this weekend
a
Hi guys, I just want to ask you about room Blue.. There is not possible to run exploit ms17_010_eternalblue. Every try ends with
[+] 10.10.135.179:445 - ETERNALBLUE overwrite completed successfully (0xC000000D)!
[*] 10.10.135.179:445 - Sending egg to corrupted connection.
[*] 10.10.135.179:445 - Triggering free of corrupted buffer.
[-] 10.10.135.179:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 10.10.135.179:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 10.10.135.179:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[*] Exploit completed, but no session was created.
Do you know how to configure vpn/metasploit to work this exploit?
@covert kernel Yeah it's a dodgy exploit
Try updating msf
Or the THM kali machine if you can
I went through 3 kali installs for it
Hi, this machine is not deploying right, it only says that it's deployed but it doesn't start, I've been waiting for an hour, I also tried yesterday
Hehe. All this time and that's still catching people out.
@kind compass it's working just fine. That machine blocks ICMP requests -- it's got a firewall on it.
Try adding -Pn to your nmap scan
@orchid remnant Hahahaha OMG!!! I'll never forget this I promise, thank you
Hehe, You're welcome
Now we know the request type and have a URL for the login form, we can get started brute-forcing an account.
Run the following command but fill in the blanks:
hydra -l <username> -P /usr/share/wordlists/<wordlist> <ip> http-post-form
Guess a username, choose a password wordlist and gain credentials to a user account!
thats not how you brute a website login from what i am seeing. it spits out 2 errors when done in exactly that format just wanted to post here
@acoustic saddle fill in the blanks and it should work
@acoustic saddle I'm heading into a lecture in about half an hour, but if you DM me with exactly what you're trying I'll give you a nudge in the right direction.
having trouble getting to websites in Kali VM tonight. can't apt install stuff, can't browse to google.com
anyone else?
the internet is disabled until tomorrow i think
ahh yes, turning off the ol' internet switch
I have this issues when use multi/http/struts2_content_type_ognl to exploit CVE-2017-5638
--->> [-] Exploit aborted due to failure: bad-config: Server returned HTTP 404, please double check TARGETURI
help me please
I set it TARGETURI /struts2-showcase/
Wrong chat, but loads of people are from UoP @timid locust
Which chat then?
Thanks
@frosty cape your THM emails are going to spam on Protonmail:
This email has failed its domain's authentication requirements. It may be spoofed or improperly forwarded!
"Learn more"
Specifically, Proton thinks you failed one of these:
(SPF, DKIM, or DMARC
really
Athays strange
**that's
will check it out later today - thanks for flagging it :)
Idk if its causing it cause protonmail lists 3 things it doesnt like about this email, but the email authentication stuff is in red so
As far as I know, we have our domain Auth done properly