#site-bugs

took me a minute to figure out what I was doing wrong

Just a tad confusing for XSS challenged noobs

simple CTF, exploit no longer works. Tried rebooting several times, continuously returns like this (should be returning ||mitch's email and password||)

Question from "Google Dorking" takes the "dorks" as correct without the ":", this wouldn't work in real life. Without that the results are significant different

You have problems validating the flags -/-- and now :

Answer tolerance is answer tolerance

Creators have asked for more control over it

Hacking with Powershell question 3.3 correct answer should be 7935 but says incorrect answer

Not incorrect, you are not filtering properly

Don't trust writeups, they can be wrong and shouldn't directly give answers

can i dm you ? dont want to spoil too much

No.

#room-help if you want help

okay

Room: Kenobi
Issue: missing id_rsa in /var/tmp

Not an issue, user error

You need to copy it

it's not in /var/tmp when you deploy it.

yep helped them fixed it

thanks

I am doing Attackerb room but the it is showing IP of Source.. I tried 3-4 times restarting, login out everything same error.

Source is the VM for this room

this is correct

is that so?.. oh I thought I have just complete the Source

and then that is showing here

its the same VM, it just also got released as a standalone room

thankyou..

Another page button bug
Steps to reproduce:

• Enter hacktivities
• Filter rooms so there is only one page and the page buttons disappear
• Change the filter so there are more than one page and the buttons reappear
• The "Next" button is disabled

Expected behavior: "Next" button should be enabled

hi is there negative marking in points when i give wrong answer cause i've completed a room and my points are so much less while others have good points ....my points didn't increase why??

@covert kernel the people who complete the room first get bonus points. There is no negative

its also up to the room creator if the questions give points

@covert kernel are you getting 8 points while others have 30?

for walkthrough rooms you get 8 points for one question, in challenge rooms it's 30 + 50 if you're first

if you're getting less points than others it's probably because these other people finished the room before the point conversion and while converting all answers were set to 30 points

all are getting 600 points mine is stuck at 172

sorry at 176

yeah thanks man got it

yeah but why

A verification link from the email expires after a couple of hours while these two work for two weeks straight

why so?

that's why i put it into #site-bugs

because it's unintended behaviour

@olive drum so is it normal getting 8 points for each question in walkthrough?

yes

^

how to finish the room before point conversion?

You don’t

the point recalculation was done a bit ago and so anyone who did the room before that time got the points you see there’s no way to get that amount of points now

i'm getting this so we've got like a date or sth before that who finishes will get 30 points each and after that will get 8 am i right?

no the point recalculation happened a while ago for all rooms and questions the rooms from now on generally have 8 points for walkthroughs and 30 points for challenges no matter what

The only time you can get extra points now is if the admins assign bonus points to a question or if you get first blood on a question in a new challenge room

oh thank you for clearing my doubts appreciate your help

found a bug, Attacking Kerberos room, when ran mimikatz.exe, it gets removed by default Windows Protection

wait what

you’re using Mimikatz on the provided vm?

mimikatz is preloaded into the provided vm

can you terminate and redeploy for me

u mean the room vm?

yes

done, redeployed

I think there is a answer problem in the Blue room. Task 2 Question 3 where it asks to enter in the required option for windows/smb/ms17_010_eternalblue_win8 Its supposed to be "RHOST", but the answer is not working. Even the demonstrated video shows RHOST is the answer.

RHOSTS

Wow, thank you so much. I don't get why it would be plural

there’s a difference between RHOST and RHOSTS I’ll let you do your own research

@dapper silo I just deployed an instance of it it’s fine for me not sure why defender decided to pop up on your instance

thx

i think its cuz when i enter command "kerberos:ptt [0;116c31]-2-0-40e10000-Administrator@krbtgt-CONTROLLER.LOCAL"

it got qurantined

the file was missing extension.kirbi , thus it picked it up

It shouldn’t have everything is turned off on that machine

👀 ,ok

happened again

lol "hacktool"

In the room "PS Empire" for task 3.7, where you need to answer what it is you need to specify to change browser profile, the answer is ||ServerVersion|| but on a new install of Empire, the "info" panel now lists the command as|| Headers||

It’s already been addressed.

damn, has it? I tried to find out if it had been through the Discord search function

nvm, found it 18/06/2020

Maybe I don't understand the terminology correctly. But on CTF "knockknock" question #3 asks what port is the last knocked and the answer you have to give is incorrect.

should be ||9000||

sorry if this would not quality as a "bug" didnt know where else to submit.

#522158404614225920 ..?

nah if it is a problem with the answer of a question it belongs in here

Oh whooops I read it wrong

ok cool. I got screen shots if needed otherwise it might throw others for a loop like it did me.

@dire ferry As it happens, I reported that a while back.

Now I have room edit perms

Thanks for reminding me 😁

@orchid remnant NP thank you!

The https is not loading here https://tryhackme.com/room/owasptop10

It loads just fine for me

^

https://discordapp.com/channels/521382216299839518/559443389058252800/730005071605137459 <-- Still working.

@frosty cape the AttackerKB room banner cuts out the rapid7 logo

@frosty cape the AttackerKB room banner cuts out the rapid7 logo
@cinder crow Whats your screen resolution out of interest?

1366 x 768

@frosty cape maybe move the rapid word

more closer to the B

its not their banner not sure if he can really do that

!!

Room: CC: Radare2
Issue: there are several <krb> or <code> tags that are empty.
Bug Location:Task 3, Task 4, and Task 5.

@covert kernel fix ^

I would like to report a bug with the room --> brainstorm

FTP client has an issue on that box says bind port in use and cannot run dir/ls on it bind address already in use

Ah yes, that's a known one fortunately. Connect to either EU-VIP or EU-Regular 1 and use the passive switch (-p) in your ftp command @crystal juniper

if it's your first time switching VPN servers you'll have to regenerate your config but any switches after that you won't need to

every time i use the -p it hangs up

on 227 Entering Passive Mode (..)

ill try a different vpn region

@topaz venture I was able to access FTP as normal without -p

I appreciate the help!

Ah neat!

Anytime (:

Not a big deal but found a typo on the 'Network Services' Room, Task 10. In the example for the Hydra command the reference a username of 'Dale' however it is 'Mike' not sure if thats on purpose or a typo

Im having an issue with the Burp Suite room, Ive followed it to the letter 3 times now with no success once I get to Task 3 Exercise 8 I get the following error in my browser : The proxy server is refusing connections

That's most likely not a bug with the room

Do you have any idea what could be the problem?

Your browser is still trying to use Burp Suite as a proxy. Which I'll assume by that error you either have the interceptor turned off or Burp Sleep closed all together @random monolith

Either turn the interceptor on or configure Firefox to not use a proxy 🙂

Yeah the browser is using the proxy I told it to like it says to in the room, I cannot open anything in the browser eg google. Is the interceptor turned off by default? This is the first time Ive ever opened it today?

from the sounds of it either you have yet to forward the request burp is intercepting or you have yet to import burps certificate

I can't get to the stage of the CA certificate. The problem is if Im following a room that is supposed to be a pathway of teaching, when you follow the instructions to the letter it should work. Nowhere does it say turn on interceptor or configure Firefox to not use a proxy.

The interceptor is 100% running Ive turned it on an off 5 times. If i remove the proxy from Firefox I get another error: unable to connect of which makes perfect sense.

When you unsub then
Typo: should be Don't instead of Dont

*Dont instead of Don't

Guys. How do you access your host shared folder from@docker container ?

I’ve installed docker and a custom pentesting lab. But I need to share some files between host and container

#general

How does this belong in #site-bugs?

Oh sorry

Wrong section

My bad

Hey there. I used ./enum4linux.pl -a {host for "Basic Pentesting"} https://tryhackme.com/room/basicpentestingjt but not responded. I will check walkthroughs but i think somethinks is wronge.

#room-help

ok its fixed 🙂 thx

Not sure if its a bug or if im making a mistake but in the room ninja skills, I cant seem to find the file "bny0", I have no problem finding the others with the find command so? sorry if its not a bug but me being an idiot

On Advent of Cyber, there is a missing image

Not sure if its a bug or if im making a mistake but in the room ninja skills, I cant seem to find the file "bny0", I have no problem finding the others with the find command so? sorry if its not a bug but me being an idiot
@dusk oak Me too. Ask someone to look at few days ago. Maybe someone can fix that?

Chances are it's not missing, it's just being blocked

Make sure you can access Imgur properly

imgur works, but there is a certificate issue on carlisletheacarlisletheatre.org, firefox nor chromium can reach that

in room: https://tryhackme.com/room/ignite
clicking on lollava takes you to a 404 page.. i think para changed his name on THM so that's why?

He did 🤔

@orchid remnant quick one for you

Fixed 👍

offensive pentesting path shows a red bar even though ive completed both rooms in the section

@pine quiver new task added in kali machine

so even tho my sub has expired i still get to use my vip vpn

pls fix that

@frosty cape would I be right in thinking this was due to the naming scheme changing?

Might need fixed manually. I believe Mr Holmes' one is still working too

yah so there is that xD

yeah so it works but my internet is hot potato and i don't know will this upload

room Authenticate, I imagine it's supposed to say should be difficult to decrypt or something

same room, the token given in task 4 is actually the token to authenticate as admin, not user2, which is what its supposed to be showing you

which gives the answer to the question btw^

You can change your email in Your Profile on tryhackme.com and not have to verify it?

room youcantsolvethis, flag 8 not accepted

please advice

second paragraph. i think they meant to say ssh was replaced with telnet, as the answer to question 2

@covert kernel that is what it says?

second paragraph. i think they meant to say ssh was replaced with telnet, as the answer to question 2
@covert kernel Wait, what

Telnet did not replace SSH

Oh I see. Yea no it’s right as is

@covert kernel Wait, what
@spiral flame read replacement

It's just fine

it says telnet replaced ssh

wait

just. fine.

Boi no it don’t

i am either extremely drunk or extremely high

sleep deprivation is bad

Indeed it is

Does anyone have problem with mrrobot ctf!! With a simple nmap scan the machines comes down, even worst if i launch wpscan, im considering downloding the vulnhub version

Been awhile since I’ve done it but I don’t remember any problems

Does anyone have problem with mrrobot ctf!! With a simple nmap scan the machines comes down, even worst if i launch wpscan, im considering downloding the vulnhub version
@green hare check your vpn?

owasp 10, practice not practise

also ... no ability to connect to the machine?

There's no machine

Yet

It should be "where" not "were"

Yep, I've reported this before I believe

Okay

#685858111952781324 message

I'll bug Skidy more in the morning

wait

James look at the bug you submitted it’s the opposite

No

It's not

oh wait my god I need to learn to read

😉

Hey, I think Blog room is having problems

it's really unstable

Same here

Didn't get that problem myself but I saw others get it when bruteforcing with too many threads or just opening the site too early as the DB needs to start up

I waited for 20 min. Still same error

Removing blog.thm from /etc/hosts, makes it work normal. ( For me )

Huh

This shouldn't affect the site

Opening it without the .thm redirect just broke the page because it couldn't load assets from that domain

Bug in terms & conditions. Put the space between GDPR and the full version. ** TryHackMe adheres to GDPR(general data protection regulation) and are GDPR compliant when collecting and processing user information. **

https://media.discordapp.net/attachments/729034912497270874/731560971407196231/unknown.png?width=1026&height=660

reporting a bug from KOTH

spectators can see the IP

contact me for more info

Wait, how the heck is Donuts losing?

contact me for more info
@rose solar Send it in an email to support@tryhackme.com 🙂

This is the same match I've brought up Muirl 😆

Wait, how the heck is Donuts losing?
@orchid remnant the machine was dying, ppl were killing his shells, no one was patching anything, didn't get to see his rootkit in action, planned resets and he was streaming it in the discord as well.

I see

@rose solar mind if I DM? I got it to work two times before but no more. seems to randomly display it for me when spectating things

yeah you can DM me

I think I know why it happens

@topaz venture the IP should be sent only when the koth-private message is sent

any tips on lagging servers?, doing the linux privesc and it hangs after every command

@undone nebula room task evidence screenshots?

I am sorry. I don't follow the quesiton

Which room are you on. Which task are you on. Do you have screenshots of what’s going wrong

"Common Linux Privesc" I have my VPN setup and I ssh into the box but then it hangs, I have to wait for some kind of a time out or something before I can type anything.

I switched VPNs to EU and no difference, just wondering if there are known issues with that room

or is it the entire environment being laggy

I’ve never had an issue with it nor have I known anyone else to have an issue with it

Post a screenshot in #site-support of the issue

Even after koth reset it wont kick me out of the box...

Bug or a feature? 🤔

There's normally like 3mins or so

It used to be instant as much as i remember..

Will check that out in the morning

Ah, you mean after a reset

Weird

There is some kind of bug with the Streak. I definitely did not miss any days and the graph shows this, but today it just reset itself and now I'm back to 1??

You can have it reset without missing a day

it doesn't work on days

It works on 24 hour spans

Yeah, well it clearly says DAYS.

If you answer at 10am one day, then 2pm the next, you can lose the streak

because more than 24 hours have passed

PG13.

Calm down.

👀

it's being changed.

It's carnival mechanics where the rules aren't what you think they are.

Thanks for the feedback. It's being changed.

Ran into a problem with the Web Scanning DVWA room. I had to google since I could find any answer in the format from the list of alerts. Google got me to a write up for the right answer, but I kinda felt setup to fail.

Known issue

It's on Dark's list

It's on Dark's list
@spiral flame

Yes?

Where is the list.

Having issues

Where is Dark's list

You don't have access to it

It's Darkstar's list of things to fix

Just a typo, but Alfred, Task 3, #2 says to enter load_incognito but it should be load incognito without the underscore

@orchid remnant

Weird, Now the koth machine is instantly kicking me out as i press the reset button.. was it fixed?

Is there a bug in Alfred’s room? Specifically when priv escalating and not finding the flag where it is supposed to be?

No

There's a question that tells you something you need to do before you will see the flag.

Read the questions

Weird, I am NT/Authority and went to the exact location and there is no root.txt, might redo some steps

Thanks tho 🙏🏻

No

You missed one

There's a whole question dedicated to it. Telling you what to do. It doesn't require an answer.

This is not a bug

This is user error.

If you need help, use the help channels.

Probably, I escalated in my own way. I will follow along the steps then> You missed one
@spiral flame

Sure tho

Hashing -Crypto 101, Task 4, #2 - example hash that is shown on hashcat.net is the "correct" answer. if possible, the example hash obtained by running hashcat -m 8100 --example-hashes should also be counted as a correct answer. The tool itself should be considered a more primary source than the website for the tool?

Hashing -Crypto 101, Task 4, #2 - example hash that is shown on hashcat.net is the "correct" answer. if possible, the example hash obtained by running hashcat -m 8100 --example-hashes should also be counted as a correct answer. The tool itself should be considered a more primary source than the website for the tool?
@timber marten You're told to use the website

in the hint, yes

it's fine. just a suggestion

I'll state it in the question for you then

enjoying the room, btw

There's a sequel coming soon

in the hint, yes
@timber marten We've asked for more control over answers, I'll consider it when we can add multiple answers

ZTHObscure WebVulns, task 14, public key not where it says it is

I remember this. And I remember there being a fix. Give a sec to search

ZTHObscure WebVulns, task 14, public key not where it says it is
@pine quiver Try Curl

Or telnet/netcat

ok i tri

I agree it's probably a bug, but here's a workaround that might work

yea that worked, thanks @spiral flame maybe put that as a note in the room or something?

@covert kernel This one's on you

yea that worked, thanks @spiral flame maybe put that as a note in the room or something?
@pine quiver Curl or manually making the HTTP request with nc/telnet?

curl, ill try with nc and telnet too and let you know

I've seen that work

Curl is easiest

idk how to do it with either telnet or nc lol so that doesnt work for me, but idk the syntax

You'd be making a HTTP request manually

I'm planning on making a room that covers this

worked with netcat

worked with telnet too

and i learned something new, so thanks ya

I'll bug Pars until he adds a note

Huh?

Weird yeah I'll add that as a note

@covert kernel also, the jwt-cracker you suggest to use requires npm to get it up and running, which was a pain the butt (at least for me). So I used this: https://github.com/brendan-rius/c-jwt-cracker instead, which worked for me and was easy to install

great room though, i learned a ton 🙂

https://tryhackme.com/room/rpwebscanning

Don't know if this has been addressed

Task 2, Question 10:
Nikto scans can take a while to fully complete, which switch do we set in order to limit the scan to end at a certain time?

In the newer version of nikto, this is not an option in the manual, which I could find. I had to look through older versions of nikto (someone might have to check this as I might have just missed the option).

Task 3, Question 8:
What Alert does ZAP produce to let us know that this site is vulnerable to XSS?

After performing manual and automatic scans, nikto struggled to find the answer the room was asking for. I do not know if this is an issue for me only but I did have to go into write-ups to search for the answer.

The XSS alert, and the reason behind it are deprecated

That last one is on dark's list

👍

I'll add the nikto one

I can no longer use "Enter" to submit an answer on a question in a room 😮

iPhone 8 calendar just doesn’t fit properly

use android then, problem fixed

Did the room said you need to open chrome?? You can see that Internet Explorer down there

Advent of Cyber, day 13: When I enter into the remote desktop, there is no Chrome application
@covert kernel not a bug.

Not responsive

is that on a phone...

THM on mobile just doesn't really work

It's not something it was designed for.

the Corp box has a bug, when trying to log in as Administrator with the decoded password it says that the password expired, i checked the writeups thinking that's a problem that i have but this guy is also having the same problem:

|| https://www.nav1n.com/2020/05/tryhackme-corp-writeup-bypassing-windows-server-2019-applocker-and-kerberoasting/||

@iron hollow yes, known issue

well, can i get my flag xd i want the points

Yes you can get your flag

Have you tried reading it?

type C:\windows\admin that one

returns a permission denied

cuz lol im not administrator rights

oh wow

from CMD it gives an error

but from fileexplorer i can just double click it lol

did you check if that path exists

well

type C:\Users\Administrator\Desktop\flag.txt this returned permission denied

The room is on the list of things to be fixed

after i enterede administrator directory now it doesnt give me a permission denied

weird windows

yea okay, thank you

i asked cuz there is no bug in the "known issues"

Only the admins can add to known issues

So no one adds them

Because the admins are busy

😛

@iron hollow that returned permission denied as which user?

fela

let me double check

5 minutes to boot the box back up

@pine quiver

is there another user that you can sign in to?

besides admin

hold on

did yuou ever done this box?

if you done this box you know

you can log in as dark and fela

oui oui

i have done the box

and on this user fela you have access denied BUT ONLY until something happends

let me show you

so you seen the picture right

now let me show you this

It's a known issue

It's been reported

It's on the list

if you click continue here you get access to read that

yea i couldnt remember if you start logged in as dark or fela. You should be able to ||read the flag as fela|| i just didnt remember

dont know why that doesnt work now

see

YEA

but you need to do that

with the fileexplorer

you needd to open to get rights or something

cuz if you try only with cmd it doesnt work

weird

worked for me in a regular cmd

for me not ;-;

Clearly my command line in better than yours

Not sure if this is where I should ask. I am trying to get everything setup. I downloaded the openvpn config file and ran it like the room said to. The access page shows that I am connected however when I click the http://machine_ip link It doesnt work

What am I doing wrong?

Have you deployed the machine in the room?

Also this belongs in #site-support as this is not a bug

Sorry, When I clicked the discord link for having trouble this was where it brought me. Also, I'm dumb I completely missed the deploy button. Thanks!

@frosty cape can you change the invite link to take people to #room-help or #site-support or something pelase?

UOPeasy, the last question, the password isn't in the password list provided

@frosty cape can you change the invite link to take people to #room-help or #site-support or something pelase?
@spiral flame Which invite link, the main THM on sign up one?

I'm assuming in the welcome room?

or all of them?

Sorry, When I clicked the discord link for having trouble this was where it brought me. Also, I'm dumb I completely missed the deploy button. Thanks!
preventing this

They really shouldn't drop people into this channel

There seems to be no avatar for room https://tryhackme.com/room/convertmyvideo

There was, I imagine this is the load balancing issue again

reproduced here

Minor UI bug
CC: Pentesting room
Task 23 [Miscellaneous]: A note on privilege escalation
The 2nd link in 'Linux' has a opening bracket inside the link which instead should have been outside the link

@covert kernel one for you pal :3

Thanks @sonic sail

I see this

I should probably fix it

So I will fix it

Love it

Thank u

/upload still has the bug of saying "You are already uploading. Please wait for this upload to complete. If this is an error, click reset your upload." and clicking Reset Upload doesn't work - you need to log out and in first

Just noticed that a few minutes ago too, can confirm

Even after upload is long finished, it's stuck on that message until the next time you sign out and back in -- and even then you still need to click reset afterwards

Clicking reset before logging out and back in does nothing

It takes a couple of clicks (within the region of 10~) to solve it for me

Sometimes I have to log out and log back in

Session handling?

room: brainstorm
task: 1
question: 2

the answer it’s expecting is 6, however it should be 3

Can confirm

Flag got leaked by muir

That is not a bug James!

It's a security flaw

Do you want me to reset your progress and change it, will that make you happy?

The admins misplaced their trust

😮

It is literally a placeholder

leaaaaaaaaaaaaaaked

👎

I mean, if you really want me to change it 🤷‍♂️

I blanked it

I mean, I can change it if you really want

nah this needs to be escalated to Skidy & ashu

Otherwise, where's the bug 🤣

There's been a breach of trust

👀

Hey, James?

I want bug-hunter for exploiting it!

😮

No, I'm not throwing you into that pit 🤣

I found the weakness, which was muir, and exploited it!

Although I will point you at #room-testers 🤣

@spiral flame duplicate, closed

I'll close you in a minute!

🤣

I'll close you in a minute!
@spiral flame may I know how?

I'm afraid that information is classified

i got the flag for jeff but it wont take it....

im putting it in the right way as well. still says its wrong

user error, not a bug

You need to do something first before submitting it.

gotcha

https://tryhackme.com/room/xss
Node.js Server Buffer Overflow Crash
Submitting 251 or more characters into any input field that stores data server-side will cause the Node.js server running on port 80 to crash entirely. Fields affected are:
ip/ Registration Username Input Field
ip/ Registration Password Input Field
ip/stored Comment Input Field
Solution:
Limit input to 250 or less characters, or adjust logic to allow larger values

additional note: the script that the website gives you on the Keylogger section can easily trigger this crash, and unsuspecting new users may accidentally trigger this crash while attempting to use the keylogger for its intended purpose.

Just for me ?

#site-support

No it’s not

Hello is anyone else having problems with the premium in browser Kali machine constantly disconnecting?? Thanks

Like literally every few seconds

Are you accessing it in another tab?

You can only have 1 view of the machine

I click full screen which automatically opens another tab

Yeah, so you can only have a single view. I'd recommend controlling the machine in the other tab.

Ah so even though it says disconnected on the original (small screen) page, its not disconnecting on the large screen?

If I just stick with the full screen view?

Yes:)

Its because you can only control the machine from one view. Either in the new tab (recommended) or the my-machine page.

are you telling me that you don't do everything on a tiny 300x200 terminal window???

smh

yes im sorry i just cant

LOL

bad hacker alert..soz

thanks guys and gals 😄

Hi All, I am facing following issue

Issue - Answer Key is not coming up
Room - Cross-site Scripting
Task - Task 8(Filter Evasion), Question 3
Payload - <h1 onclick="alert('Hello')">Sumit</h1> or <h1 onclick="let a = String.fromCharCode(72, 101, 108, 108, 111); alert(a)">Sumit</h1>
Expected Output - After alerting Hello, there should be key appearing
Tested Browser - Chrome, Firefox

Hello is showing properly, but answer key is not appearing after this

known issue

Can you please tell me , how to solve it. Need to complete the room

@pine quiver

don't know, got the same issue as you. It's looking for something specific for the answer, but idk what that specific thing is

I tried "Hello", 'hello' everything. But it's not working

@pine quiver Are you stuck at the same?

Yes, idk how to get the flag to appear for that one

Oh

DM me if you really want to know the specific input needed to trigger the flag

but there's a big hint on the Task for it

I am new here, can anyone guide me from where to start?

can I dM @covert kernel

@mint owl if youre subscribed theres a complete beginner pathh 🙂

I did not pay anything, where should I go and pay? I am really interested to learn

probably #site-bugs is the wrong place to ask for these kind of questions

#general

Thank you guys- appreciated

Hey,
i have found a bug in the XSS room, in the playground website. who can i disclose this to?

You just type it here

But that room is highly broken

I'm not too sure if this is a bug or a due to parsing but

Cross-Site Scripting - Task8 Q3 The word Hello is filtered. but '><img src=0 onerror=alert("Hello")> works as an empty dialog box is called and as the browser parses ok a new popup is displayed with the answer.

yeah, the room is very old

I'm looking into alternatives RN to possibly replace it

i'm actually sure a lot of these bugs are probably because these methods weren't as well known back then

Nah I think it was just naively programmed

that too

Looking for fixed payloads to a problem with a huge number of solutions

Task 3, Q2 in playground, the fixJS() fails and doesn't alert the answer to the question
it fails with Uncaught TypeError: Cannot read property '0' of null

I was only able to get the answer during debugging of the function.

Thanks @spiral flame

Any idea how that works? Quite intriguing

I found something that looks like it might work

Any idea how what works?

The "Hello" payload, an empty popup is display then parsed "ok" which displays the answer with another popup

No idea

click ok

and a second popup with the answer

Not so much a bug but admin password expired in room Corp. and it is not easy to change when using none us keyboard 🙂

Known issue, it's on the list of things to fix with Corp

Splunk room task-2 q-31
"what is the website where you can find the Splunk forums at?" is changed
I searched wayback machine to find it

so what can we do when a box ended but still have access to it?

as in you terminated it, and the box instance is stull running

@covert kernel

as the box terminated by time ran out

and the box still running

even though the koth is done with i still have access to the machine

how long has it been since then?

5+ minutes

since is been done with

i know what happened

just don't want to share it in here

Is it a KoTH box?

How have you confirmed that you still have access to the machine?

yes

It's a known bug in KoTH machines

i have full root access

how so @median sapphire

not the first time? by whom? you?

We are already aware of this bug

nice thanks

box got terminated by an admin lol makes total sense

so what can we do when a box ended but still have access to it?
@covert kernel if there was a reset the box will remain up for an hour.. although it won't make any difference as you will not get any points as the game have ended already.

It's already been reported

Just finished Blog, really enjoyed this box and learn't some new tricks. A big thank you to the creator of this box.

@tame quail Awesome, #522158404614225920 by the way 🙂

Hi! I don't known if it's really a bug but I think the answer shouldnt pass once I write xploit instead of exploit in blue room task

There is tolerance on answers

On every room

owasp room Task 17 Q#5 or the XXE room.
Its asking for 18 keys but showing 17 as the correct answer:

Probably answer tolerance again

If you refresh, does it gain a char?

nah

If you refresh, does it gain a char?
@spiral flame also the same in XXE room

Well rip

Oh I had the same issue, the key starts on a weird Not line, Idk the word

Webgramming room: Enum task - After trying for several hours the directory-list-2.3-medium.txt and a generated crunch wordlist, I got an answer from @short jackal telling me that this was a broken task

webgramming is.... I believe the person who made it left so nothing we can do about it I think

Any reason why the room "Blueprint" has such high ping and disconnecting issues?? Its the only Room I'm having issues with.

figured it out!

No have to tried switching vpn servers?

yep

For the OWASP Day 3 challenge, I entered the password hash of the admin user, accidentally submitting the hash without its initial value and it was still marked as Correct. Just thought I should let someone know I don't know to what extent you can omit characters before the string is marked Incorrect.

That's answer tolerance

It's a percentage, I think somewhere around 15%?

Oh okay fascinating

ON Vulnversity on the question "What is the most likely operating system this machine is running". It says the operating system, and it's not windows, or Mac. However, when the OS LInux (which is what nmap shows) is entered it rejects it. (Yeah, I know what it's looking for -but that's not an OS, it's a brand name for a version of that OS). I think that question should be reworded since what it wants isn't the OS, but the version of the OS - just sayin! (Otherwise this is great education! I'm not a total downer here! 🙂 )

Specifically, distro

Hey guys
I just did the XML OWASP challenge yesterday
I just come today and it looks like i dont do anything about the XML
I dont know why i can do the XML challenge yesterday and today

Room: Introductory Network
Task: #9
Question: #4

hahahaha local ache ok :'v

Answer tolerance

Always answer tolerance

https://discordapp.com/channels/521382216299839518/522158539129618453/733511589545639988 @orchid remnant in introtox86/64 it says the cmpl instruction is comparing the value of eax with var_8h, when it's actually comparing it with var_4h

screenshot provided in the message link

Holy, no answer an is correct!! what

Ok that is broken

LOL, xD

Wait, which room is that?

https://tryhackme.com/room/networkservices

Enumeration telnet task

@frosty cape Once you're awake, this is super weird

uhh

that's some heavy answer tolerance right there

Yeah, answer tolerance

yikes, subonly room

i'd test it on my alt if it wasn't sub

Same here

Same, was thinking about it but I already did the room

Also im having a issue rigth now

@green hare Is it still considered correct after refreshing, and are you allowed to input anything still?

it should accept one of the answers. you might've been sending too much at once. the api bugs out if you send too many too quickly

I should deploy a machine for this task with a telent service but the machine i deploy it has nothing on it

oh the input's locked?

🤔

@green hare It's still considered correct after refreshing, and are you allowed to input anything still?
@covert kernel let me se

huh

oh the input's locked?
@short jackal Yes it's locked like if a alredy give it a response

interesting

this is very weird

try disabling any extensions that modify the page and refresh

that could rule out any external causes

I'll see if I can find another room that has a 1 character answer and see if it works

Hmm, I can't replicate it on other 1 character answer questions

@green hare What extensions and browser are you using? I can tell you have one that modifies pages to a night-mode color scheme, if that might impact anything

Well xD I have numbers and numbers of extensions xD jejej

maybe 20, i guess

Incognito.

also could you open devtools, paste this in and send the response? I'm interested in what the result is

fetch('/api/tasks/networkservices').then(r=>r.json()).then(r=>console.log(r.data[5].tasksInfo[0]))

(this will get the api response for this specific question)

Well, try incongnito and now i know the answer is ||1||

tried*

It could be some kind of error in the input parser/comparison logic that causes a blank input to turn into 1 somehow

that's the only thing I can think of

I definitely think Skidy should take a look once he's awake

Because it's super weird

Yeah, seems like a really weird issue

I wonder if other questions that have a correct answer of ||1|| could replicate this bug too

Give me a second and I can sort that for you

That would definitely prove that there's a error in the input parser/comparison logic for checking user input to the answer

https://tryhackme.com/jr/manage

Don't click the link in the task

too late

i hate you

LMAO

Hmm, interesting

(the room code is like that because the URL for managing rooms is /room/manage/roomcode)

So if you remove roomcode, it no longer 404s

Thanks to me

@green hare Could you try that room that James posted with the same browser?

I would also say to clone the networkservices room and check if that question has anything funky, but can't clone it

uyhh, i can't manage the manage room

@green hare Could you try that room that James posted with the same browser?
@covert kernel ok, give a sec i was answring some questions

np

Thanks for helping out, btw.

@spiral flame how tf does malware have points on it

Lmao

I would also say to clone the networkservices room and check if that question has anything funky, but can't clone it :Pepehands:
@covert kernel can't clone it too

why do I have points on it

👀

pls fix

👀

Does it... Allocate points?

No

Eh, not my problem

No fix

Wait, do i have to click on it or what? xD

It's something bad

Click the join toom link

Try answering the question without entering anything

Like you did on network services

I have blood points on that box 🤔

This is what i get Uh-oh! Your answer is incorrect.

Ok so something broke

Specific to that room

Did i broke something? Oh my!!

Probably

hello friends, I wonder if that's intentional but in the 'XSS Playground' room in the css keylogger tutorial if you just dully copy the snipet from http://$boxip/key-logger in to the recommended comment section (http://$boxip/stored') it crashes the webserver 🙂

It crashes the web server?

^ I reported this earlier

yes

sorry if its a duplicate

Oh well it’s already been addressed

my bad.

Nw admins will sort it ;)

https://discordapp.com/channels/521382216299839518/559443389058252800/732884582034047036

(I forgot to mention that another solution is to replace the room :^)

if i would recommend an extra step to a room where can i do that? sorry again for the wrong place asking it 🙂

#641405480547385354 ?

Probably #522158404614225920

okay, thx and sorry for the duplicate

It's no problem, it hasn't been addressed yet anyways LMAO

Hello I have found a few moar 🙂 in the 'XSS Playground' room

During the /filter-evasion in challange 3

<img src="x:x" onerror="alert('Hello')">

shows nothing

and gives away the flag

is it really the intended behaviour ?

Honestly, just give up on that room

I am sorry, wouldn't mean to disturb u guys with it.

It's not likely to get fixed

Just because the room has so many bugs

got it.

in my game no-body change king.txt and a problem is that king change count is two | is it a bug or its related to other things?

and please fix randomize | when i saw Most Recent Games there is four food machine from 5

That is how randomness works

Yes, randomness means the same VM can come up multiple times

sorry for grammer

i mean make randomize better

Less random.

Yes, randomness means the same VM can come up multiple times
@spiral flame
yes, but its intersting for me that same machine will choose from 5 round and when there is 9 other machine

Yeah, but it's possible

There's a reasonably high change tbf

Or not a low chance

I can do the math(s) for you if you'd like, but what you're asking for is actually less randomness

I can do the math(s) for you if you'd like, but what you're asking for is actually less randomness
yes i know but its better than have 4 same machine in a same time for me

in my game no-body change king.txt and a problem is that king change count is two | is it a bug or its related to other things?
@digital turtle how about this @spiral flame

sorry for ping

I didn't answer that, because I don't know what you mean or if it's a bug

look at King Changes please

and then look at the King Time

It might have changed, been recognised, then changed back

That's possible

how about this one??

Could be the same thing. Who knows.

and about this??

Could be the same thing. Who knows.
@spiral flame but its better to check for it if it happend for three times

I didn't answer that, because I don't know what you mean or if it's a bug
@spiral flame

ok

but can u tell mods to check for it or do it by urself ?

Mods don't have powers on the site

And you need to remember that

another food machine too

i'm filling intersting about that

And you need to remember that
@spiral flame remember wat??

Mods don't have powers on the site
@spiral flame

Discord mods are discord mods.

More a typo than a bug, but, on Introductory Researching, Task 4, Question #3 you mis-spelled Emacs as "VIM". You may want to correct that! 😋

Maybe try to avoid this kind of joke in #site-bugs

(also, ew)

We're not a glum lot, @spiral flame

I mean this channel is for bugs. Not really intended for jokes.

hey, when i use the in browser kali machine the CAPS LOCK isnt working, can anyone help me with that?

Either close the tab and reopen, or use the Shift key

oh K tnx

I was looking at my badges and noticed my profile badge does not match, my ID says I have completed 191 rooms but my dashboard says I have completed 166 rooms - THM Badge has just been regenerated so it is up-to-date; My only thought is that private rooms do not count towards completed rooms but even if that were true the numbers are not accurate (having around 13 private rooms) 🤔

Is that the static badge or the dynamic one?

That's the dynamic badge

@median sapphire here's the full page 🙂

This is interesting, my badge says I've completed 173 rooms while I've actually completed 165 🤔

Just doing old OWASP 10 day challange and found this... On last line should be "marked" body and not element (OWASP Top 10; Task 15)

Interesting @urban flame @median sapphire

🤔

I guess tag Skidy so he can take a look?

@grand anvil I noticed that too, but didn't bother me enough to point it out until I looked at it again

should look likebody element

Discord mods are discord mods.
@spiral flame so please tell to devs

@urban flame some public rooms were privated recently so it might actually be the public/private thing

there are multiple just on the first step, the commands that are supposed to be run all of them give errors, in my console are the correct ones

@iron hollow user error re read the instructions and commands

Room: Crypto Challenges. Task 8. This task is unsolvable. No one has solved it. Change to "No answer needed" or amend the required answer input.

TYPO in /rpmetasploit
[Task 3]/#10
Now that we've learned about to change the value of variables, how do we view them? There are technically several answers to this question, however, I'm looking for a specific three-letter command which is used to view the value of single variables.
Should be Now that we've learned about HOW to change the value variables, <...>

@orchid remnant When you're free, can you fix this ^

If Dark doesn't murder me for it

I'd suggest it needs to be: "learnt about changing the value of variables"

would be my coin toss ^^

That sounds good too

Both are valid tbf

Muirl can choose 😛

I try to offer a suggestion so that it becomes obvious what the problem is

Noted, your suggestion isn't wrong (:

I do like how yours flows better tho

Just because it's been brought up

Hi. There's something wrong with the machine in Room: Blaster https://tryhackme.com/room/blaster
Task 3, Question 1:
User's browser history was cleared

Task 3, Question 2:
The "file" was already restored from recycle bin.

Spent more than 20mins on Task 3, Question 1 thinking it was a challenge to look for other ways to see browser history. Got frustrated so i peeped on the writeups. All 5 writeups has a screenshot that has a browser history.

All known issues

Browser history is a WONTFIX

Hi all,
Does anyone know how to bypass cloudflare xss filter?

Wrong channel, and Rule 9.

Sorry new here

guide me to correct channel

?

This is the bugs channel for reporting bugs. Have a look at the channels on the side bar, familiarise yourself with the names and purposes, then go to #general

okay thanks, I will just post it in general.

The hyperlink used in the access text of Task 1 #1 on https://tryhackme.com/room/lordoftheroot is broken and leads to access instead of https://tryhackme.com/access

I think there a bug on task6 of room powershell (Powershell Scripting)
correct answer can only be 10 or 11, I know, but it's doesn't match with my script..between 130 and 140 are only 11 port, tops, but no all of them are opened.

Room: Web Scanning, Task 3, Q2. My ZAP session shows 'URL to explore', but answer to question is 'URL to attack'. Unsure if this is a recent change to ZAP / if this is the right place to post about this - but hopefully it helps!

@orchid remnant could you fix that real quick ^

It's a recent change to ZAP iirc, since they added quick buttons to do active/passive scanning.

Not sure if this is a bug but on Jack if you have user as jack you can get root flag just by doing ||cat /root/root.txt|| without having root privileges

@strong pumice

Jack isn't mine

oof sorry

yeah that is jeff 😅

@feral drum @olive drum I'm going to leave that one to @rugged ermine in case he wants to add it into a hint or something for backwards compatibility

👍 sounds good

hi gyes

#general

Is it possible to send bug reports for rooms?

Aye, just dump 'em in here

you can send them here!

I just discussed https://tryhackme.com/room/xss with @spiral flame. He said this room is buggy. My issue is T3 Q4 . The question asks to change the title. I did this, but haven't got a flag. @spiral flame wrote that it requires a specific comment. So I'd suggest to update the description to reflect that requirement.

It's a known issue

For every single task

So

But wouldn't it good to improve the room, so that the issue disappears? I guess it would also be helpful for future users.

I mean, it's very unlikely to be improved

It's more likely to be replaced

It would need a complete rewrite, which is basically making a new version

OK.

fix vm OWASP xss

@orchid remnant can you fix this? it's reflected not reflective

It's also broken

Because I aint getting a flag

Typo on Q3 hint, should be IP not up

It also says Answer for question 1 in the room, and it's the answer for a later question

Reflected right?

reflected

Not redflected

but yes

Ta

And changed the hint for question 3

Right, who typed this thing...

Also, the "Set the window title" is broken

I've done it twice

Two different payloads

The excuse Skidy/Ashu gave for not re-using existing content was because some of it was broken

I don't think there's any VM pubic that's more broken than the XSS playground

God, it's not XSS playground??

damn tell that VM to shave

Sheesh

@orchid remnant It is.

It is XSS playground

Geez

it's "lite"

But it's broken

Yeah, this ain't gonna end well...

the reflected is throwing: Cannot read property 'includes' of undefined

Well, Question 4 doesn't seem to be working at least

Well, Question 4 doesn't seem to be working at least
@orchid remnant I have 3 payloads that are functional

But do not give me a flag

I'm very disappointed

Yeah, that's my point

Question 4 works for me, 5 and 6 doesn't 🤔

I got 5 going

@orchid remnant Q4 is fine

Q6 is not

I got Nr. 6 working

So

getting the same thing as @ebon oyster

What we're saying

Is that it is really inconsistent

Xss playground uh

@celest edge if u go to /stored. then click reflected from the menu bar it works

yeah I saw

I got 6 working fine

Four is still being difficult

worked first try for me

I used a formatting tag

they all worked first try

Q4 and 5 worked for me

Strange

I've just added everything from titles, to a link to my own blog

How inconsistent

Q4 I used a b tag

i used h1

Q5 the basic payload

also Q5, there is a typo in the JS flag alert.

i didn't get the alert. but got it from my proxy

"username":"abcd","comment":"<img src=x onerror=alert(\"flag\"s);>"

Yeah, Q4 is saying it's the answer to Q1

I just used a script tag to trigger the xss, there's no filtering

which makes sense

also the box got completed. I thought we are having 10 days of owasp challenges. 😐

hey my social tab isn't working how to make it work

@spiral flame help please

Dude, no

I'm a discord moderator

Go to #site-support if you want help

ok

Don't just tag a moderator because you want help

sorry

apologies

room closed.. it's ok? I mean, I finished all task and got the "congrats message"

Wat

yes?

Why would it not be?

what about day 8?

It will be there tomorrow

no problem then? I mean.. yesteday and the days before got a mesage "wait until 8PM to the next challenge"... today don't

it has this message

it just had to be updated

no problem then? I mean.. yesteday and the days before got a mesage "wait until 8PM to the next challenge"... today don't
@bleak wraith Right, it seems that somebody forgot to add the disabled task for day 8

The XSS room has some misconfiguration

if you go here http://10.10.235.184/reflective (like the page said)

it wont work, go to main page and the select reflective

@bleak wraith Right, it seems that somebody forgot to add the disabled task for day 8
@floral vapor Now It's ok.. thanks

Great

OWASP XSS(today). #3 Maybe not a 'bug' per-se, but maybe unintentionally ambiguous... I've had the JS trying to go off and query remote services for the client machine's IP address - maybe 'your VM's IP address?' would avoid an unintentional rabbit hole?
"'On the same reflective page, craft a reflected XSS payload that will cause a popup with your machines IP address."

i found smth may be kind of bug on the platform but unable to fully testing it is there anyway of contact to check it

Email unsubscribe link errors out rather than visiting the customerioemail.com source

Email unsubscribe link errors out rather than visiting the customerioemail.com source
@autumn wave sorry i do not understand

It's not really for you to understand. I'm reporting a bug

i found smth may be kind of bug on the platform but unable to fully testing it is there anyway of contact to check it
@zealous tapir Do you mean bug, or security issue? If it's just a bug, report it here. If it's a security issue, email hello@tryhackme.com

It's not really for you to understand. I'm reporting a bug
@autumn wave
my apologies

...

Why are you @'ing me

@zealous tapir Do you mean bug, or security issue? If it's just a bug, report it here. If it's a security issue, email hello@tryhackme.com
@spiral flame security issue I sent it thanks

guys, i found something weird, whenever I try to submit an answer with " /etc/hosts " in it, I dont get the normal message <<Uh-oh! Your answer is incorrect.>>, I get this instead

Check your browser console

Are you running bitdefender?

yup, I was going to add that, my bitdefender notified me for a RCE attempt on my end

Yeah, it's a bitdefender bug

It interferes when it shouldn't

Normally LFI/SSTI payloads

ok thanks man, I spent the last hour trying to figure out who was attempting to RCE me....

I recommend using a VM

I do, I am just submitting my answers on my host atm, ty anyway

ye, best bet is to just fullscreen the VM and use that

Room for breaking out of docker (I am purposely not mentioning the exact name here.) is essentially empty and also rewards A badge.

@topaz venture Sorry for the ping, but after posting this here, IDK if this is time sensitive. People will grab the badge.

Yeah, that used to be a room, but it was removed by the creator

All of the tasks and questions of that room were removed

No worries for the ping, the room is empty as should be

Docker badge? 👀

how to get that? 😮

But, It still rewards the badge.

I'll look into if we can get that badge removed

I just got one.

Good shout, thanks.

🙂

||Name plz||

I'll look into if we can get that badge removed
@topaz venture plsno

Well...there's gonna be an alternative to that room anyhow (:

@brittle juniper the award for the room in question has been pulled. Appreciate you letting us know

You now have a rare badge

Damn, nice.

you now destroyed one of the easter eggs

wait, is the badge been removed?

it's unlisted

i can't see it in my profile anymore

still on your profile but doesn't have a image/name so it doesn't show up on any page on the frontend

it's not obtainable anymore 😢

so there's now an elite club

i obtained that an hour ago

it was removed from the room after that then

no longer here.

still on your profile but doesn't have a image/name so it doesn't show up on any page on the frontend

it's still present on the list of badges that you get from the frontend

aah ok

Probably can’t be changed in live

¯_(ツ)_/¯

you now destroyed one of the easter eggs
@short jackal some tell me that I shouldve made an PoC of it and It couldve been one of the 3 bugs to get BUGHUNTER

three critical ones

or more smaller ones

was it worth?

i did have to find a few before i got the badge

yeah IK my friend cryptonic found 3 criticals before the badge.

¯_(ツ)_/¯

Dude!

xD

was it worth?
@brittle juniper

uuuh

i got a payout for multiple message vulns that i found, the rest were usually minor

tbh I don't care about the payout (i mean not expecting any), but that BUG HUNTER badge level

xD

🤔

¯_(ツ)_/¯

it's not even a badge, just a level on site

Yeah, that's what I meant. 🤦‍♂️

I could live without it but the backend peaked my interest so much then that i'm still poking at it

Me too. The APIs are too interesting. (been on them the whole day)

noice

The question: Go to http://10.10.66.193/reflected and craft a reflected XSS payload that will cause a popup saying "Hello". appears to be broken. The workaround is to go to the ip, sign in and then click on reflected.

It has been addressed many many times.

Also, no need to sign in

The machine here is not working:
https://tryhackme.com/room/commonlinuxprivesc

#site-support #room-help

if u stroll to <ip>/admin without signing up. You can get the flag. Owasp10 #26

feature ^

Cross site scripting room does no alert last 3 flags

known

the room is very buggy

You can still trigger the flags- it requires pretty specific keywords though

Just keep looking for alternative methods (hint: you don't really need to use complicated obfuscation/encoding or anything like that)

great work onDay8
just a little comment

Just keep looking for alternative methods (hint: you don't really need to use complicated obfuscation/encoding or anything like that)
@covert kernel Thanks but i do not really care that much about flags 😂

Thanks for pointing that out @bleak wraith that's been updated now (:

Could just be me and my Craptop. But if you click the OWASP top 10 XSS question 2 link.. You will get an error. verses going to the IP and then clicking the website link.

Known issue

There's a documented fix

perfecto ty

I think there a bug on task6 of room powershell (Powershell Scripting)
correct answer can only be 10 or 11, I know, but it's doesn't match with my script..between 130 and 140 are only 11 port, tops, but no all of them are opened.
@bleak wraith @topaz venture BTW

@lunar pine did get the solution I'm having the same trouble

I'm having the same problem in simple ctf room, can someone help me?

#room-help

Switch to an EU VPN server @stiff wind

@spiral flame thank you!

This issue is being actively investigated

I think the issue has been found

I was using US-East-Regular-1

Yep, it affects any VPN servers that aren't EU

update bot

when someone join it say #community-help but it need to say #room-help

i know it isnt a bug but it should be update

Bot error(Maybe): It tags @invalid-user.

Discord bug

But a bug

Best type of bug

That's discord being discord

xD OK.

That's how it shows up as when a person leaves the discord and you don't have any shared