¯\_(ツ)_/¯

If someone joins and you see them message, it fixes the ping

It's all a bit weird

It's all a bit weird
@spiral flame Story of Discord.

I see it more weirder : https://i.imgur.com/DCl4keR.png

That means you have developer mode on.

Invalid user will only show up if you don't have developer mode, otherwise it shows you their discord ID

@digital thorn why u think its weird ???

They should be valid username of the user the bot is welcoming

Another page button bug
Steps to reproduce:

• Enter hacktivities
• Filter rooms so there is only one page and the page buttons disappear
• Change the filter so there are more than one page and the buttons reappear
• The "Next" button is disabled

Expected behavior: "Next" button should be enabled
Still not fixed reeeeeeeeeeeeeeeeeeeeee
I posted this 1st of july

I posted a bug related to hacktivities last year, it's not fixed :-( When you filter on hacktivities, click a room, and go back, you can't click on filters and the filter is no longer applied (or if you click on filters too fast on loading hacktivities it doesn't work either)

I don't known if this is the rigth channel

I think that have a misunderstanding about what jge does in this part of task 4 of introtox8664 room. jge instruction jump if eax is greater or egual to var_4h and the paragraph below have the same misunderstanding

#room-help @stiff wind

Not sure what the misunderstanding is- that's what the jge instruction does

at least in at&t syntax

is there any problem with vpn?! i cant even connect

i have no problems

#site-support

Out of curiosity do we know if running into servers without ssh command installed becomes more common as an unethical hacker would interact with more secure servers

they probably still have ssh but not on port 22 and have root login disabled

Wrong channel @thorn osprey @gray flame

@spiral flame legitimately has to do w bug hunting, and I guess there is no way to find what port ssh would be used through if not the default huh, let’s say it is still 22 how would it be accessed if not through the root user

Doesn't go in this channel.

This channel isn't for bug bounties

Wtf u wanna talk abt dude

#general.

Just use the correct channels. It's really not as difficult as you're making it seem.

hi, im trying to do the room 'blaster', i hit the RDP point, opened internet explorer tto check for the history (after alot of searching i had to click the hint button), the history is completely empty

i had to check multiple walkhthroughs for that step to confirm i was right

• i connected and reconnected multiple times

Known issue

Check trash I believe

i did

i checked everything

It's possible to check the history by looking in the appdata db I think

but it might be easier to yeah, dig in the trash

IE uses a different kind of storage, i donnt think it uses aa SQLite db

i checked the recycle bin, nnothing is there

Have you tried shutting down the system and opening a fresh one?

i did, actually, i redeployed about 5-6 times

Actually, I think it's a known bug that's currently unfixable, you might have to look at a writeup to get a clue on what it is

alriight

This is know issue, meanwhile here is what you need from the history : CVE-2019-1388 @quartz tiger

yes i grabbed the CVE and finished the room

ty

@digital thorn Dark has closed the bug as a WONTFIX

Can we add the cve somewhere in the tags or something then

I've asked

All right

how is this possible??

profile link-->https://tryhackme.com/p/CH3CkM473

how is this possible??
@blissful zenith

Streak and heatmap are not calculated in the same way

For example, heatmap counts deploys and downloads. Streak does not.

you had more than 24h between questions

that's why

That's the other alternative

not possible i "answered" today morning 10AM IST now its 11:45 PM IST

less than 24 hours

it starts counting the day you "begun the streak"

so let's say i just made the account and answered a question, my streak counter pops up to 1

because i've been answering questions for 1 day

in https://tryhackme.com/api/tasks/, taskInfo[n].submission is tied to the answer of question yet name suggest more like what has been submitted by user. To replicate, create a task with question without an answer, complete the question, add an answer to said question, refresh the page.

Click regenerate @brittle juniper

The static one is, well, static

Tired that thrice.

Hm, how odd

nvm, my bad. Tried clearing cache. Works.

Weird tho, number of completed rooms are 4 more on badge than my dashboard. (Private rooms?)

Yep, it'll count private rooms

Probably shouldn't, but does

Yep. 🙂

when a path is completed, it still has the same message on the dashboard to continue with it, maybe that could be changed to "congratulations" or "give this path a go now"?

#general message

Tired that thrice.
@brittle juniper https://discordapp.com/channels/521382216299839518/559443389058252800/733979079136641066

Yeah well, I think if I make PoC's of everything every security bug I find, one day I'll be able to get that BUG HUNTER title.

That's only for security bugs.

Could be a known issue but I don't see anything in the "options > known issues" location... The Room "Plethora" the DVWA will not load. I have termed the Room 2 times now.

other port services work fine.

It takes a while longer than the others, seen a few people reporting this

gotcah I'll give it a try

Haven't completed it yet. Shows as completed.

@brittle juniper photo shop or paint? lol

If you completed it at any stage, it shows completed when tasks/questions are added later

OK.

Hello

I'm new to tryhackme.com

Trying mr robot now

https://tryhackme.com/room/mrrobot

In step 4: Now when you deploy material, you will see an internal IP address of your Virtual Machine.

The question is, where is the IP? How do I deploy the machine? Did not see deploy button in the page

I'm already connected to the VPN

Also, this is not a #site-bugs related issue.

Aha, got it, thanks

Sort by ~newest~ shouldn't sort by the newest thread in the forum?
Shows that the latest thread was 41hrs ago, when if you reload the page it was about 2hrs ago

my profile says that i completed 82 while i completed 83

@zealous tapir rooms?

yes

@zealous tapir rooms?
@short jackal

Some public rooms were moved to private and iirc the counter on the profile only shows public rooms

Any mod on? Need to dm you guess there is a bug

That's not how it works

How does it?

If it's a security issue, you need to email

If it's just a normal bug, you describe it here.

Alright then

hmm , is it a bug?

[Day 7] Cross-site Scripting

pretty sure it, now its the time someone tell me its intended and i see i'm a totally noob LUL

Go to /

Then go to reflected

that works

thanks!

i just go to http://10.10.22.201/stored

and after to reflected but i think its the same

hey there, i am having a problem to deploy "Introduction to Django" machine

#site-support

ok

hi

room musical stego has a bug

https://imgur.com/SZgG07q.png

404 Not Found

idk if that's or not but there u go

not sure if this is particularly the right avenue to ask, but has anyone had the issue of of getting error messages in tryhackme when having burp running, mainly ca certificate error messages?

ah i see the tech-support room now, will post there as well

not sure if this is particularly the right avenue to ask, but has anyone had the issue of of getting error messages in tryhackme when having burp running, mainly ca certificate error messages?
@versed swan That's not a bug 🙂
Look into installing the Burpsuite certificate

You need it if you want to access any website using SSL

wow, i thought i had imported it, whoops lol

Notification doesn't show the latest time, but the time conversation was started.

🤔

That is pretty much self explanatory.

Oh, nvm.

Network Services, Task 8; Log into the service (ssh using the id_rsa you retrieve)
You may get the error load pubkey "id_rsa": invalid format, it's kind of a false positive as it still works even though I got this error. Just thought to make people aware.

https://discordapp.com/channels/521382216299839518/680459914828972076/736285743835643914

13.5ms ping to the VPN - An additional 95ms ping to the server (Which should be on the same internal infrastructre as the VPN in approximately the same location - Should be closer to 5ms - Not 95ms)

False

It's going across the Atlantic

Everything deploys in the EU, Ireland

WHY!

Then what's the point of a locational VPN?

It's better.

If you're going to have the same latency regardless

AWS Peering is going to be better than yours

tbh, it can probably be an easy fix. Sharing/Deploying AMIs across regions should be fairly easy

I'd let Ashu and Skidy investigate that tho @spiral flame

The infra has a change coming anyway because FTP is broken from outside the EU regions

@spiral flame Better than Googles?

no real further discussion is required. There's an issue here -- I'm sure it'll be looked into optimizing, in due time :)

maybe this is not a bug, but I think it needs an update. http://www.tryhackme.com/releases

is the new challenge Set bug?

never boot

Please provide some more detail

http://www.tryhackme.com/releases shows 22days old info.. SET i.e. doesn't appears..

i'm waiting 15m for set boot 😆 maybe have a problem for first day launch

How are you checking if it's booted?

You clicked deploy and then?

i'm waiting 15m for set boot 😆 maybe have a problem for first day launch
@vagrant imp for me it's ok.. did you check nmap with -Pn parameter?

@bleak wraith that says “Released 22d” Not Set

Windows machine. Typically won't respond to pings @vagrant imp

All rooms are tested before launch too so there’s no such thing as a “First Day Launch issue”

Make sure you’re connected to openvpn before proceeding too.

All rooms are tested before launch too so there’s no such thing as a “First Day Launch issue”
@brave reef Ah, except when there is because the box was tested 6 weeks ago and the passwords expired

They don’t test them before release ;-;

They do

Just not immediately before

oh, cmon, kids.

Yeah that’s what I meant

oh, cmon, kids.
@bleak wraith ?

https://tryhackme.com/releases @frosty cape could you update this to add Set please?

this room need to be me subscribed member but I'm not. The thing is it's on my My Room list I want to remove it from there is it possible ?

no

OH YEAH

szy made a script to solve that

check pins in #resources

Sorry szy

this room need to be me subscribed member but I'm not. The thing is it's on my My Room list I want to remove it from there is it possible ?
This is fixed when I next push the latest THM codebase

bug: i still don't have my 5% swag discount

bug: i lost the strike even though i answered at least 1 question per day

You must have 24 hours difference b/w 2 answered questions, that's why you lost your streak

you can answer one question every day and still loose the streak @languid junco

You must answer 2 questions per day.

ah right thats why then, ty

Room: malremux
Task # 1
it should be Let's go!

Unless that was intended

Intended 😅

Mario

I was gonna say it gives a Mario vibe but I refrained.. haha

https://imgur.com/SZgG07q.png
@vast wigeon Yes, it seems like the pastebin file has been taken down, probably unintended by bot. You can either post a thread on https://tryhackme.com/forum/ or contact the room owner, where you can find the information in the room

@covert kernel

@covert kernel Looks like the pastebin link for musicalstego was taken down

OUCH

Ill get on that as soon as I can

Badge for OWASP TOP 10 is not showing on my profile even though i completed the room yesterday :c

👀

A last task #32 has been added since then @rare swallow

Go to the room and click complete, you will get the badge

This web server is running in SSL mode Try the URL https://xxx.xxx/ instead.

For Source

Yes?

Is this expected ?

It is 🙂

Think about what it's telling you

fme

A last task #32 has been added since then @rare swallow
@digital thorn that did the job, thank you

Scoreboards are high.

score board should be the same for everyone

I think the order is not in the order of completion.

yeah

that's been how they worked for a long time. i think they are point based and not time based so i guess the users with X points are selected from the DB by random
~me few minutes ago in another chat

The only common thing we have is cmnatic at #10 😄

Button help styling issue (MacOS, Safari Version 13.1.2 (15609.3.5.1.3))
https://i.imgur.com/RQa3XJt.png

when signing up with a username that is already taken, an object

{
  "success": true
}

is logged to the console, not sure if that was meant for debugging and left in or what's going on there

@vast wigeon Yes, it seems like the pastebin file has been taken down, probably unintended by bot. You can either post a thread on https://tryhackme.com/forum/ or contact the room owner, where you can find the information in the room
@jolly jetty I already got the password from a friend who did the room a while ago , thx btw

offensive pentesting path please fix formatting issue:

Metasploit room, task 5, question descriptions are really confusing and new guys have a hard time learning from it.

Two elfs:
https://tryhackme.com/games/koth/7629

Cursed

Scoreboard for Brooklyn Nine Nine ?

Webgramming: Task9 (Catch me if you can): I used a script to resolve the task and still it is saying "Can you do it faster ? You cost [xxx] msec"

Learn linux already has the files needed to solve shiba3->sibha4. Maybe the room got cloned from a solved box?

Chart/Scoreboard is bugged in https://tryhackme.com/room/ohsint

literally every scoreboard is like that you guys put a new one in here everyday but have you guys seen anything change? they’re not bugged they’re just different per user. It’s clearly known because you guys have put a new one everyday but clearly it’s not an issue since the admins haven’t done anything about it

Roger.. didnt know

@ebon oyster known issue, Pars has said it won't be changed

ah ohk.. cool

hello, i just tried to add a sub-only room to my list of rooms (using its code) and it worked, shouldnt it check if i subscribed before adding it ? anyways since im not sub, means i cant remove it

Yeah, known bug, you still can't access it by the way.

yeah i know

If you want to leave the room: #resources message

tried it, diddnt work, but its fine ill sub later anyways

cannot find one of the files in the Ninja Skills room
thought it was maybe just on my PC and I even restarted the machine and searched in the browser but there was still no file named bny0

https://media.discordapp.net/attachments/521771811768107008/736989544603320361/unknown.png?width=1172&height=660

Task 6 #1 /room/googledorking

That's the XSS filter

I think Skidy knows about this

should it show like that tho?

No

it should be <query>

yep

it's a site issue rather than a room issue

alrighty then

Did anyone ping? O.o

it was me

above

then james told me it was a site issue so i removed it

Did anyone ping? O.o
@topaz venture XSS filter on hints goes BRRRRR

error in console when a koth game attempts to start with insufficient players

it also seems to say insufficient players at 1 minute left, while still actually counting down

Jeff room is loading very slowly for me. Third or second night on a row. Is it a known issue?

I think the machine sleeps and wakes up on its own

You need to add jeff.thm to your /etc/hosts file.

I did

The ip is unique to every box deploy

I am in. Trying to mess with the wordpress site

There is also this notice on the box:
This machine may take upto 5 minutes to fully deploy.

There is also this notice on the box:
This machine may take upto 5 minutes to fully deploy.
@median sapphire

It is not that. The machine, after deploying goes unresponsive then wakes up and back again

It's an issue with your vpn then.

I ran the vpn troubleshoot file.
It is all is good the script says

Could anyone confirm what i am saying?

i know some of the machines have some problem

but they deploy completely

This one seems to be the exception.
I wanted those 150 points so bad.

u know all of the machines are slow

if u want faster u must subscribe to try hack me

Only if you're doing resource heavy boxes without subscribing

Some rooms are super fast without subscribing

yes, because they dont have much service or port and they dont take a much time to deploy

if u want faster u must subscribe to try hack me
@digital turtle

I did not know that. I did know it would take time to deplay, which i dont mind

Subscribing gives the VMs more ram for sure. Fairly sure more CPU too

its normall

At least a higher execution cap, I think it's still single core

if u deploy one of the room in ur PC with little ram u must wait for that time too

While on the topic, if i were to buy a visa gift card, is that accepted on the platform?

Am asking because i tried that on htb and the site did not accept it

Not 100% on that, the admins are asleep so RIP. It's all handled through stripe.

@spiral flame can i dm u for a thing??

That's excessively vague, so maybe?

because its about my personality

and i dont want to say it in public

I'm a discord mod who handles discord things

ok, my question is about subscription

If it's a discord thing, go ahead. If it's a personal thing unrelated to THM, I can't really help. If it's a site thing, all I can do is ask an admin

I can't deal with payment stuff

ok

I'd recommend emailing support@tryhackme.com for billing related support

i dont want to pay anything

because i cant

but i want to ask if its anyway to do that

There are giveaways for subscriptions fairly often

ok

OWASP JUICE BOX TASK 4 INJECTION -Log in with the administrator's user account using SQL Injection
I am a bit confused as to how to verify if I am doing the task correct.

If I am doing it correctly should it let me login or only return [objectObject]

Please don't spam multiple channels with the same message @weak ocean

When you register with a voucher, the server should do a .trim() function in order to get rid of potential spaces in the code. So people might copy paste it quicker 😉 from #522158404614225920 message

shouldn't that be in #544951750801752079 instead of #site-bugs ? 🤔

shouldn't that be in #544951750801752079 instead of #site-bugs ? 🤔
@fresh tide I would say it's both. it's a bug in the sense that expected behaviour (copying and pasting s voucher) doesn't work but also a good idea

I don't think it's intended to be the way it is

@fresh tide I would say it's both. it's a bug in the sense that expected behaviour (copying and pasting s voucher) doesn't work but also a good idea
@vocal raptor perfectly what I meant (:

How "to" you etc. instead of do. room: CC: Pen Testing

oops

Could you circle the grammar error

It’s task 7 question 2

@orchid remnant quick fix for you

Can't login from the cracked password via hydra. It's not a KOTH game tho.

users still get put into #room-hints when joining the discord they should probably be put into #rules first

Hi people,

I'm at Hacking With PowerShell room, [Task 3] Question 3, when I type Get-Command | measure, I get this: 7935
But I cant pass the task
I saw the writeup and my answer is right, so it's a bug

Hi, the writeup is incorrect, please read the question, you need to filter by cmdlets. 🙂

Is it incorrect? are you sure?

I couldn't get that question too

Can't login from the cracked password via hydra. It's not a KOTH game tho.
@buoyant dagger lmao password is fuckoff1

wE aRe A PrOFfEsSioNaL sITe

I can see the number 7935 on PowerShell in the machine

@olive drum Yes, I've completed that room 😄

You need to filter by cmdlets

alright

ok

Try googling something like: find total number of cmdlets powershell

@buoyant dagger lmao password is fuckoff1

wE aRe A PrOFfEsSioNaL sITe
LMAO

Those are autogenerated @urban flame @buoyant dagger

Can't control the public passlists

You could implement exceptions

Yep it is. But the issue is, the cracked password is incorrect if I tried to login using the creds

You could implement exceptions
@urban flame You think I can be bothered implementing exceptions?...

That was James though, ftr

@orchid remnant what wordlists do the generated passwords use?

Depends on the creator. I tend to use Rockyou

So to add to my previous point, rockyou has 1138 (My current installation of rockyou) instances of the c word, what if that were in one of the generated passwords? Would it be okay then?

Because by what you said "Can't control the public passlists" it would be valid but it certainly wouldn't be professional - this is more of a #522158404614225920 convo

Okay. 2 rooms already gave me false credentials. I got in ssh because not of the password hydra gave me but using the old password.

I found a type-o in one of the room's how do i alert the proper channels?

You put it here

OWASP Top 10 - Task 10 - Second Paragraph Last Sentence - " Accessing a database server is outwith the scope of today's task, so let's focus instead on flat-file databases."

OWASP Top 10 - Task 10 - Second Paragraph Last Sentence - " Accessing a database server is outwith the scope of today's task, so let's focus instead on flat-file databases."
@kind niche Where's the typo?

"outwith"?

server is outwith the scope

assuming that was meant to be out of

I'm a Scot

hehehhe

ok, TIL!

https://giphy.com/gifs/disappear-4bpK2k0Yru5Us

I'm trying to answer a question in the Linux room
Task 18 - # 2 - What is the value of the home environment value

The value is /home/shiba1

But the room isn't accepting the answer

Screenshot of the echo $HOME attached

Room is giving me an error

Am I doing something wrong or is this a bug in the room?

Turns out I was supposed to be logged in as shiba2 instead of shiba1

You're doing something wrong

Yep

Make sure you understand what Task 12 asked you to do @merry venture

I understand what task 12 asks me to do. I just didn't know that I had to be logged in as shiba2 for task 18, I thought it wanted to know the value of the $HOME variable from user shiba1's perspective which would have been /home/shiba1

Just follow everything step by step and you are good 🙂

Also if not sure, you can drop your questions in #room-help or #general , ensuring faster response and saving #site-bugs from unintentional spamming. Just a suggestion, I can't ask you to

Yeah my bad on that, I thought it was a bug in the room, but it was my own mistake

#general message

Addressed https://discordapp.com/channels/521382216299839518/680459914828972076/737585630682284032

Room: https://tryhackme.com/room/25daysofchristmas
Issue: Broken Image

I have a quick question

I logged out from my kali machine

How can I get back in?

#site-support

You need to run shiba3 not 4?

The name of the binary is shiba4

Question/task?

Task33 Binary - Shiba3

It tells you what binary to run in the task name

Read the question

yeah have to run shiba3

Submit the question as a bug rather than the machine

Room: Learn linux
Task 33: Binary - Shiba3
Binary don't exist.( we just need to run the binary as everything already exist according to the task)

@brave reef correct me if i'm wrong

Known issue

Closed, Pars has said WONTFIX

@wooden igloo ^^^

The guy was asking in #site-support i just checked the issue. didn't knew that its already known.

Room: Jigsaw
Issue: it does not appear possible to capture the broadcast packet or this is broken
I believe there is a fault with the jigsaw room, or perhaps the way (my /the) vpn is set up, I believe to complete the room I should be able to capture a broadcast udp packet(s) from it. No matter what I try this is not possible. I have spoken with creator (as well as read the first parts of some write ups) and this is definitely seems the route? I'm in the process of capturing all interfaces with a bootup and all ports nmap scan but I think there is definitely an issue here.

excuse me but what is the process on response to something like this?

Let me check on my end

I'll see if I can replicate the issue

What scan are you running TCP/UDP?

@zinc viper

shall we take this to PM so as not to include spoilers

No, we can talk here, spoilers are okay, since there's already a writeup and we don't enforce spoilers unless its #room-hints so 🤷

what scans I run is pretty much imaterial and believe me I run them all, I simply never see the udp broadcast packet which contains the cred information. I also had a friend try with the same results, if I had to guess I would say you filter broadcast on the VPN, but this would mean no one had completed the first part of this box legitimately on THM so perhaps not, I am currently running the capture on -p- and with then run a short burst on -sU this capture has run from machine boot throughout this... I am 99% confident the broadcast packet will not be seen based on previous tests, also the machine creator stated that it is NOT user triggered in any case

Was zayotic able to replicate the issue on his end?

I'm not sure he tried it was a brief conversation

Jigsaw 1 was ported from vulnhub if I recall 🤔

well yes on there you could use arp to capture too becuase it was LAN

and again no broadcast would be filtered

Yeah, I did from Vulnhub initially 🤔

Let me see if I can do it on THM

I'm not sure if this has ever been possible on THM to be honest

are you staff? or vpn connected like the rest of us

If you are subbed you can try the online Kali since it's on the same subnet 🤔

I'm free at present working through whats there first 😄

that would be far more likely to work

a friend who is is going to give it a go though

I can definitely confirm no broadcast traffic is recieved from THM at all

Let me know if it works, if I remember correctly, when I initially did this box on Vulnhub it was something like this:
tcpdump -A -n host <ip> and not arp since the description is of course fake 😄

The way how virtual machines are "repackaged" / converted from VM to images for AMI changes quiet a few things. This leads to very odd behaviour such as that above ^

yeah I have just replicated this on the vulnhub vm (I had used this test on the THM vpn)
the broadcast message is triggered every minute

I have both wireshark and tcpdump captures, my friend also tried using the browser kali and had no joy

i'd say this macine is not possible at present on the VPN possibly even on THM fullstop.

I am subbed and have tried it on the online Kali and can confirm it is not possible to capture the message

On the "My Rooms" page it shows 8 page buttons, but the 8th page does nothing, additionally underneath it also says there should only be 7 available pages, so the bar is showing 1 more page than it should.

At the time of reporting this I'm in 67 rooms.

https://tryhackme.com/rooms

the filters work this way its always 8 along the bottom and the 1of X tells you how many are actually available for your current filter

hello guys Donig OhSint Room

I didnt get the downloadable button

Broken Image. Again

@sinful relic That's a bug! Please report that to #site-bugs disregard i have no idea where i am

@covert kernel we're in #site-bugs

oh

I didnt get the downloadable button
@sinful relic reproduced at my end too

@median sapphire did you replicate the issue?

Yeah, before I ask a mod to post it in #685858111952781324 @surreal kettleWhen you are free, can you verify on your end just to be sure, we aren't doing anything wrong

@digital thorn i didnt understand

I'm just letting everyone know that I checked and the same bug is reproduced. That means it's not a one time thing that happened with you

^ I can also confirm that I couldn't download as well but forgot to mention

Can't right now

i can't ping the machine in CTF_100

please help me

You're going to have to give us a little more information than that. Are you connected to the VPN? Has the machine been given enough time to fully launch? Are you sure that the machine will respond to ping?

This isn't a bug at the moment, so you should probably ask in #site-support or #room-help

i have connected with openvpn and it's already been 5 min since launch of that machine

ok thanks ill ask that in #site-support

Broken Image. Again
@buoyant dagger Weird, I'll take a look.

The link to the image gives forbidden and when i visited the room, the logo is set to a gravatar

Updated. I need to find where that is occuring.

Thanks.

Room:Hackback 2019
Task 10 BookFace
Q1: Bruteforcing the user for ftp even following the writeup(by Dark)
Add Hint as its given in the standalone room for the password.(I wasted 1 hour looking at hydra)

Hackback 2019 was designed as a ctf I believe so I’m not sure if adding a hint is a priority for the admins rn as there are only 4 people who could fix that and it’s just an old room

Hi all. Wanted to report a bug that I just found. In the dashboard bottom right you can see your current level and progress of it and you can also see it in your profile. However, in my case, I have two different levels (in images below):

I thought this was something maybe in the cache of my browser or something but doesn't seem like it

my real level is L12 (GURU)

Are you sure your real level is L12?

The dashboard shows you the next rank

oh, dashboard shows next level. F*ck me! 🤣 🤣 🤣 🤣 🤣 🤣

Haha, don't worry, I've made that mistake before too

I honestly didn't see the "Next Rank" since it's kind of dimmed +-

It's THM's way of telling you to Try Smarter 😉

Agent Sudo Task 3 Q.#5 https://tryhackme.com/room/agentsudoctf
The question can be answered with an incorrect password for SSH due to the character tolerance for answers. You can answer the question correctly by leaving out the ! on the answer.
(Credit to @random lily for discovery)

literally nothing anyone can about that one. That’s answer tolerance for you we’ve asked to be able to control it but until that comes out nothing you can do about it

rip

answer tolerance ladies and gentleman

why does it even exist

lower case, upper case, there’s a couple of uses for it but there’s also instances like that where it’s just like what....

I remember that if the answer to a question is 0, you can literally just press the button with a blank input and it's correct.

yup, that's definitely a answer tolerance thingy

so just live with it

lmao

Not exactly a bug, But an issue: Since uploading GIF as profile pictures is allowed, everyone is uploading uncompressed GIFs, which inturn is making webpages like Leaderboards, slow. Leaderboards page is just an example. Many pages are becoming slow, (almost every room, since there are scoreboards.)

There's an issue with Nax. The site one uses to find the creds is rejecting the input file as invalid. Not sure what's up, but seems to be an issue with a library they're using.

Custom Wordlists room, Task 5, 1. The link where we are supposed to download some hashcat rules is dead: https://contest-2010.korelogic.com/rules-hashcat.html

nope works just fine

https://downfor.io

Not sure if its a bug or not but, when someone is no longer a subscriber, he still has subsciber privileges at discord as long as he doesnt verify his token again.

The roles update daily

i am not a subscriber since 1 month, and i could write in the subscriber channel 😉 maybe there is something misconfigured

You don't have the subscriber role...

i updated my token 5 min ago

now the subscriber channel is also gone for me

You need to re-verify once for the automation to start if I remember correctly

🙂 thx, good to know

So, not a bug.

hey there

in room owasp top 10, task 26 "insecure deserialization - cookies practical" for the second flag i didn't have to change the usertype in cookie

and i could enter to the admin path

so it would be a broken access control bug i guess

Typo in the Intro To Python room - Task 3 # 3

Lol - "truee" was recorded as the correct answer

not a typo, its so you dont know the answer is true due to the number of * in the answer field

Hmm. Ok lol.

Would probably be best to change it to T or F.

i mean they could try both either way, seems silly

i mean they could try both either way, seems silly
@cobalt snow ofcours you can always try both, but when you don't immediately get the answer because of the asterix, it at least gives the possibility to think about the question/research it (at least for me it does)

It just stops you from easily guessing it.

i mean 2 guesses is still easy i would say

But either way you shouldn't try to brute force them, you should know the answer..

mhm

If they're the same length then at least you aren't given the answer immediately. You can obviously still bruteforce it, which is just cheating yourself 🤷‍♂️

It's not homework, its your own learning so be truthful to yourself or else there isn't exactly a reason to be here.

But it doesn't take the choice away from you

It's for people who aren't trying to guess it, so that if they look at the answer at first glance, they won't have a hint in the back of the head if it's true or false

(Either way I just updated it)

I mean, you can brute force all the answers on the website but you won't learn anything, that defeats the purpose. You're just cheating yourself at that point

@visual frigate #site-support

I didn't know the best way to do this. Part 1/2

Part 2/2

Hello i need help, i deploy a machine in the linux challenge room and it doesn't open, it also doesn't show the ip, i also cant use it in the browser

This would usually go in #site-support

Wait a few minutes then refresh

New feature, not a bug

IP's don't show until machines are fully booted

You don't get the

Yes as Malware said

ok i refreshed it

i just got the ip

Awesome sauce

but not the browser machine

Wut

i mean

the web browser shell

I'm getting more confused

the button doesn't appear

you can connect to the vm with the browser

the button for that doesn't appear

The button to access the THM in browser machine?

yea

That only happens with about three machines

Yeah

Most of them you have to connect to from your own box

Hack your way in

i dont get it

i was able yesterday and yesterday to acces

access

Odd

yea

ok i suppose i have to connect manually then xd

i refreshed a lot and it doesn't appear

Copy to clipboard icon is not there. https://tryhackme.com/room/smaggrotto
after deployement I refreshed this page like 3-4 times

It's not there anywhere. just confirmed by deploying learn linux.

it is happening when I am getting Uncaught (in promise) ReferenceError: IPIntervalId is not defined

hmm working for me

thats definitely weird tho

Try logging out and back in

@frosty cape idk if im allowed to ping you 👀

It's not there anywhere. just confirmed by deploying learn linux.

it is happening when I am getting Uncaught (in promise) ReferenceError: IPIntervalId is not defined

it's inconsistent for me. like sometimes it works sometimes id doesn't

Try logging out and back in
@brave reef

Ah, I think our CDN is caching a file that we've updated.

yeah it's working now. don't know if it is false positive or flaky.

cool .. got it. thanks 🙂

@frosty cape idk if im allowed to ping you 👀
@pine quiver Refresh your page and try now.

it was working for me, that was for legendary's benefit

I think I've found a problem of the tolerance of the answer on basic pentesting q11, you can enter the password without the last two chars and it still get correct answer, it wont work as kay password

This was said yesterday as someone had the same problem it's answer tolerance

Answer tolerance causes a lot of these problems. It's unlikely to be fixed, and the creator can't do anything

Minor command line typo in Active Directory Basics, Task 8. "Get-NetComputer -fulldata | select operating system" should be "Get-NetComputer -fulldata | select operatingsystem".

CurioCT [0xD] [GOD] 🤣

sir or master will suffice

not letting divinity go to my head 😄

profile picture seems to not wanna stay contained on profile page when you make the screen a bit smaller

he needs his space, let him be

hey guys, can you have a look at the last question from the HackPark room, it asks for the release date of the windows machine but when I used winpeas it does not seem to show the release date anymore !!!

have you tried looking farther into winpeas? @proven frost

yes ! I have closed the browser machine already so I can't show more prints, later I gonna run the machine again with the same script to see if the outcome is the same and then I gonna post a outcome

winPEAS is very large you just need to find where that information is. Im pretty sure that it didnt get removed

here is the whole output

https://pastebin.com/mfvMhgr4

repeated all steps everything works fine but the "Original Install time" does not display

@proven frost now, is that what the question was asking for?

Did you not say it asked for the release date?

Hey at HA Joker CTF room after spawning shell ||"lxc image list"|| command doesn't show anything so I cannot mount it. Restarted the machine 3 times. Same thing.

Known bug, you just have to spam resets and hope that it works 🤷

is the point allocation in retro a known bug? completing the 3 tasks only giving 240 points

@fair moon Can I ask why that's a bug?

Points are allocated by question, not by task

Does it have bonus points?

So chances are the bonus points were reduced

hi, little prob in the Musical Stego

https://tryhackme.com/room/musicalstego

yeah it looks like it gave bonus points at one point and no longer @spiral flame . oh well jw

i got to the pastbin part but its deleted

@fair moon Points are being re-calculated again soon

@spiral flame awesome thanks dude

I say soon, it's a soon™️

I think Skidy has said after networks

so is he gonna reset szy?

anyone ?

anyone ?
@quartz tiger It's known -- I believe the creator is looking into it 🙂

alright thnk you 🙂

@orchid remnant yea man I confused the question but still, the problem still the same

if you check the last question from the room I believe it is not possible to answer that anymore

anyone know why isn't showing me the IP of the machine?

Refresh

Is there a problem with the SSH response in the learning Linux room? Not getting the expected response using Putty to make contact. Fatal Error.

You connected to the vpn?

yes

connection looks good.

What credentials are you using?

"shiba1"

And the password?

Can't get to that part

Post a screenshot.

Post a screenshot of the putty options.

Try using ssh from the command line(powershell, cmd).

"authenticity of host 10.10.233.70 cannot be established....yadda, yadda..."
Do you want to continue? Yes
Shiba1@10.10.233.70: Permission Denied (publickey).

The username is lowercase.

yes, My fault. It was put in lowercase.

ssh shiba1@10.10.233.70 with the password of shiba1

do I need to put the password in the command line? I thought I was connecting and then waiting for a password prompt?

apologies, I am new to this, hence the reason I am trying the "learning linux" section 🙂

You are SSHing into the wrong VM @solid geode

Ok..

You are attempting to SSH into the VM from the Welcome room

You need to terminate that one, and deploy the one in Learn Linux

Thank you! totally missed that.

Each room has 0 or more VMs, and they're different

Trying it again. We were trying to get the browser stuff going earlier with no success. I've been opening and closing machines all morning, Haha!

Hi, I'm having trouble deploying the machine in the Alfred room, upon clicking the deploy button I have the notification telling me that the machine has been deployed however under the ip adress I only have this : -
I am connected to the network I checked the access page

You have to wait a bit- the machine is still launching. You can refresh the page and the IP should pop up

Thanks! @spiral flame I was definitely on the wrong one. Now, it just times out, LoL

Still nothing I'll give it some time then, thank you

@solid geode it takes time to boot

10 mins? 20?

5

Still timing out.

Check your VPN then

Not a bug, #site-support

JavaScript bug on website, to obtain IP address after deploying.

"
Uncaught (in promise) ReferenceError: startIPTimer is not defined
at deploymentInfo (activedirectorybasics:585)
at Object.success (activedirectorybasics:585)
at u (jquery.min.js:2)
at Object.fireWith [as resolveWith] (jquery.min.js:2)
at k (jquery.min.js:2)
at XMLHttpRequest.<anonymous> (jquery.min.js:2)
"

a hard refresh (to clear cache) fixes the issue, and a soft refresh (to keep cache) seems to give the IP when the server is fully deployed

Therefore it seems to be caused by old cache files, so you might wanna invalidate the cache in cloudflare 🤷🏻‍♂️

Yeah, I think Skidy already knows about this bug

Cloudflare caching be cloudflare caching too well

Move assets like that behind it instead?

New IP Timer script: Mouseover "Shown in XXs" should not give the ability to "Copy to clipboard", since it just copies the countdown-text.

Minor command line typo in Active Directory Basics, Task 8. "Get-NetComputer -fulldata | select operating system" should be "Get-NetComputer -fulldata | select operatingsystem".
@lament geyser hey sorry I didn’t see this until just now fixing now

Not sure if this has been reported but:
Even though I press "Add 1 hour" to extend my time in a room, I still get an alert that my session has ended and the "active machine information" disappears when the original session ends

Do you have multiple tabs open?

Because I've had extending work, but I've had the notification saying it expired when it didn't

I do have multiple tabs open, but not of the same room. My session is actually extended but the interface just isn't reflecting that change.

so yeah, sounds like what you have experienced

This is a typo , but since you don't have a typo room, I though I'd leave this here. This is from "Common Linux Privsec, task # 9 "What is path". On the second sentence it reads : When the user **run ** any command in the terminal, it searches for executable files with the help of the PATH Variable in response to commands executed by a user. " If it's a single user , a single user runs multiple users run commands. It's just one letter. Thanks!

Fixed @midnight urchin 👍

In the Post-Exploitation Basics room, Task #3 (Enumeration w/ Bloodhound) says to use the button with a particular icon to import your zip file from SharpHound. The icon shown is incorrect however, that seems to be used on the button for importing a previously-exported Bloodhound graph. This is the correct icon:

I know I’ve just been way too busy to change it I believe that I put a note in the room on a second way to do it as well so users can still complete it

Oh gotcha 🙂

Ah yeah, I saw that but didn't try as I don't have a GUI file browser installed atm

Room ip is not showing

Reload the page

Do a hard refresh.

did a couple times. worked now

Not sure if its already known or not but
Room: https://tryhackme.com/room/goldeneye
There is no deployable machine anymore

@frosty cape may be able to help

Not sure if its already known or not but
Room: https://tryhackme.com/room/goldeneye
There is no deployable machine anymore
@fresh tide Added back, I think it was when @rugged ermine made changes?

oh szy already pinged you. mybad

Thanks for the link, our load balancer ended up kicking the bad server out.

So everything is well again

I'll make changes to ensure this doesn't happen again.

any one do bounty hacker machine pls help me

can any help me bounty hacker how to get root

@sinful tulip @robust dawn bounty hacker is a new room, no hints for like a week or so. also ask in #room-help next time

i tryed it but it show ssh bruteforce to the login passwd but rockyou does"t get the password

@robust dawn hoe to bruteforce the ssh password what wordlist use to crack that

@sinful tulip you have login ftp

i login that and get user flag and but after it hit to ssh brute force

i use hydra to brute force to ssh login to the password list rockyou but no passwd contain it

how do you get user lin ssh passwd

@robust dawn

@sinful tulip @robust dawn bounty hacker is a new room, no hints for like a week or so. also ask in #room-help next time

can you pls stop @robust dawn ?

ok @digital thorn

Hey, the activedirectorybasics windows box keeps dropping after an hour, I've been told it's a bug that I should report here 👍

I have no clue and think that is something out of my control @frosty cape can you look into this when you get a chance

Hey, the activedirectorybasics windows box keeps dropping after an hour, I've been told it's a bug that I should report here 👍
@vast canopy Do you have the machines IP (the one that just shutdown)?

@frosty cape No - sorry. I'll ping you if this one drops though. It's happened twice in a a row now

Okay thanks.

@median sapphire did the issue with jigsaw get resolved? do I get "bug hunter" for it? 😄 (not really sure what that is?)

@zinc viper Bug Hunter is for (3) Security bugs

as in none intended routes?

nope

Security Bugs on THM website

for example: XSS

aaah I see the site is 'in scope'' for testing then? 😉

it is ( i think) As long as you don't abuse the bug / damage anything and report it as soon as possible.

@frosty cape Fresh box, dead after an hour: 10.10.15.11 - RDP no longer works:

In the activedirectorybasics room with ~50 minutes left at this point, but it probably died at the 60 minute mark

can you ping the machine?

PING 10.10.15.11 (10.10.15.11): 56 data bytes
Request timeout for icmp_seq 0

No I can't - but I also didn't verify if I could do that before it died. I'll try nmap

Nothing back from nmap

because nmap relies on ping by default

can you ping the default gateway ? mine is 10.9.0.1

probably similar for you based on your tun0 address

that’s not the issue here

nmap -T4 -A -vvv -p- -Pn 10.10.15.11 - This gave me nothing - I don't believe I was making icmp / ping requests from this scan

it’s fine it more than likely isn’t an issue with you or the vpn skidy will investigate what is happening

I think Skidy said it was a known issue with windows boxes dropping before their time ran out, just documenting another IP / room 👀

rule # 14 needs to be updated from #streams-and-videos to #thm-community-media

!rule 14

Rule 14: You're welcome to post livestreams, writeups, and videos of THM content, just please post them in #streams-and-videos.

Thanks for reporting @cinder crow we're working on it 👍

submitted

Hi! May I found a bug when terminate the deploy of machine's room. I was working on Bounty Hacker room but terminate the machine and open a new tab to finish the Smag Grotto room but I was receiving warning messages saying that Bounty Hacker machine will expire soon.

sorry about my english. I pratice writing as much as it should.

Are you aware of the Cloudfare bug atm?
Edit: I can't reproduce it again.

How can i check that?

cloudflare bug?!

actually I can access the site now

can't*

The site loaded with a message regarding viewing the page as a snapshot because it was offline.

when I refreshed I ended up with a 502 from cloudflare

I'm having the same here

Mine is gone, I can't trigger it again.

Ctrl + Shift + R (force refresh) could of been a new code push for a second

I can access it fine from a few different IP addresses now ❤️

Makes sense. Thanks @topaz venture

weird flex but ok

szy

imagine having different ip addresses to spare when there's an ipv4 shortage

smh

Let us know if there's any more issues with accessing the site

cmnatic will single handedly take down ipv4

@median sapphire did the issue with jigsaw get resolved? do I get "bug hunter" for it? 😄 (not really sure what that is?)
@zinc viper Hello, just saw this message, haven't been on Discord all day and just got back, can you link your previous messages that explain the bug, so @topaz venture or another mod can put in #685858111952781324.

Bug hunter is security flaws only, I'm afraid

^

@median sapphire @topaz venture conversation started :- https://discordapp.com/channels/521382216299839518/559443389058252800/737638878915199020

I am / was unable to capture broadcast traffic from the jigsaw box, I spoke with the box creator who said socat runs every minute sending a broadcast packet. I cross tested this with the actual vulnhub VM, which worked fine.

one test suggested was to use your web based machine which a friend did and was still unable to catch the packet either with arp, tcpdump or wireshark.

My guess would be you're filtering broadcast on the VPN certainly I made extensive captures and never saw a single broadcast packet from your ranges. If I am right about this, it probably means it's never been possible to catch the packet on THM. ? (on that basis me and my friend should get bloods 🤣 joking)

OWASP Top 10 - Task 3 needs to be updated for users that are not in this discord https://tryhackme.com/thread/5f208511ad416e66791c99cb

Oh, Good shout, thanks Cry

I'll copy those across now

FYI @median sapphire @topaz venture 2020/07/31 15:28:01 CMD: UID=0 PID=18088 | /bin/echo -e <snip spoilers> words. 2020/07/31 15:28:01 CMD: UID=0 PID=18087 | /bin/sh -c /bin/echo -e "<snip spoiler> ords." | /usr/bin/socat - UDP-DATAGRAM:255.255.255.255:666,broadcast 2020/07/31 15:28:01 CMD: UID=0 PID=18086 | CRON 2020/07/31 15:29:01 CMD: UID=0 PID=18093 | /usr/bin/socat - UDP-DATAGRAM:255.255.255.255:666,broadcast 2020/07/31 15:29:01 CMD: UID=0 PID=18091 | /bin/sh -c /bin/echo -e "<snip spoilers> ords." | /usr/bin/socat - UDP-DATAGRAM:255.255.255.255:666,broadcast 2020/07/31 15:29:01 CMD: UID=0 PID=18090 | CRON ^CExiting program... (interrupt) root@jigsaw:/tmp# tcpdump -i any udp port 666 -vv -X tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes 15:35:01.430947 IP (tos 0x0, ttl 64, id 31435, offset 0, flags [DF], proto UDP (17), length 121) ip-10-10-79-38.eu-west-1.compute.internal.34650 > 255.255.255.255.666: [bad udp cksum 0x59a6 -> 0x812b!] UDP, length 93 0x0000: 4500 0079 7acb 4000 4011 6679 0a0a 4f26 E..yz.@.@.fy..O& <snip spoilers> 0x0070: 7373 776f 7264 732e 0a words.. ^C 1 packet captured 2 packets received by filter so the box is doing what it's supposed to

yes I was bored 😄

same here

The website is currently experiencing issues.

Ever since i discovered the bugs room, i keep getting something to post

Wait a couple mins

please wait as the staff try to fix it

ohh thank you. thought i gynxed myself

the server went down

We're sorry! The server encountered an internal error or misconfiguration and was unable to complete your request.

the server went down
@sonic seal not on world sysadmin day!!!

We know.

ok

im sorry

@spiral flame

Streak not in sync.

Hello.. I can't seem to answer any of the questions for Task 21 in the "OWASP Top 10" room. And I know I have the right answers. For example,

That's not how it works

#room-help

sorry.. I'll try there

is the plataform down?

#announcements

damn!! thanks

i was on a roon

Unfortunate 😦

Hello.. I can't seem to answer any of the questions for Task 21 in the "OWASP Top 10" room. And I know I have the right answers. For example,
@sharp wedge

Your machine is not up.
When up, ip will have value

We should document the current issues with the Brainstorm room. I was working on it only to realize that the answer to the number of ports question was ||6|| rather than ||3|| which I got from my scan. Also, the memory doesn't seem to match up on a test machine vs the actual machine on THM.

@covert kernel Gimme a list of issues and I'll add them

The "actual machine vs test environment" thing is a common BoF thing

That room has definitely been having issues

||We should document the current issues with the Brainstorm room. I was working on it only to realize that the answer to the number of ports question was |6| rather than |3| which I got from my scan. Also, the memory doesn't seem to match up on a test machine vs the actual machine on THM.|| @covert kernel

@covert kernel Gimme a list of issues and I'll add them

1.) Answer to Task 1, Question 2 is ||3|| not ||6||.
2.) Buffer overflow works in a test environment but not on the THM machine.

That's pretty normal for BoFs tho

You're running it in a different environment

What is the operating system of the actual machine?

There's more to it than that

Isn't the ||binary static|| though so it should be portable? Should I try different offsets?

Static just means libraries are included in the binary

And it wouldn't be dependent on the operating system right?

Have you done Linux BOFs before?

Yes.

So you'll know that it's slightly different depending on environment variables etc

I'm just saying you can't write it off as a bug yet

People have completed it just fine

Hmm OK. So the operating system could have different environment variables being passed into the program which would move around the stack.

I don't do windows

But people have completed it, and it hasn't changed

Yeah, me neither.

Is that not the one that's a Linux machine running a Windows BoF vulnerable program through Wine?

I think that’s brain pan?

There's brainstorm and brainpan and they're too closely named

I always forget which one's which

Should I try it in another OS?

The conversation is outside the scope of #site-bugs now IMO. If you'd like help, please go to the correct channels

All good. Thanks.

I had to generate .ovpn file multiple times. First 5 times <cert> </cert> was left empty and not populated. (https://tryhackme.com/access)

Which region/server did you have selected?

And which browser were you using, did you have any browser extensions installed/running?

VPN server is having issues, I'll bring it up w/ staff for you.

hey

i cant access login.php on this lab https://tryhackme.com/room/smaggrotto

i have tried 4 times resetting machine

@stoic marsh What is the Machine IP

10.10.181.136

Is the error The requested URL was not found on this server.

yes

I'm going to take a wild stab in the dark and guess that that's not the correct directory?

no acc. to packer analysing the directory is correcy

have you added it to your etc hosts file

yeah

dev.thm

That's what you put there?

Uh are writeups released for that room yet...?

Because I don't think that is correct.

Uh are writeups released for that room yet...?
@pine quiver Nope

You need to add the correct name

dev.thm is incorrect

Read what the host is

Can you delete that message then @stoic marsh

done

You should have found a file that tells you exactly what to put in your /etc/hosts file.

Try harder.

yeah

Thanks

@pine quiver any suggestions bro?

You should have found a file that tells you exactly what to put in your /etc/hosts file.
@brave reef

@brave reef yeah

Literally told you how to fix your issue.

Jabba is helping you I’ll leave it to him 🙂

Thanks Bob

Can we move this to #room-help or #room-hints tho?

As well as that, the writeup you send also tells you.

Cuz it doesn’t seem like a bug

I think I'm done here, I will no longer be offering my help.

yeah ohk

thanks @brave reef @pine quiver

Surely cant be level 8 with that many points an also top 50

There's a reason for that.

ok. 👍

Which region/server did you have selected?
@covert kernel Europe 1

Is this the issue with the cert line @brave knoll

yep

I kept regenerating ovpn on the site until it finally yielded working ovpn

Here is the screenshot from the very first configuration file i got

Streak count value is out of sync between side-bar stats and dashboard-streak on /dashboard page.

@brave knoll I spoke with one of the Owners, apparently Eu1 and Eu2 were fixed.

So this issue is no longer an issue per say.

You need redownload the config file though right @brave reef ?

If the issue happens, you just have to regenerate a bunch of times and then download the file

Re-generating the config file should work.

But as it was fixed it should no longer happen.

This might be an intended interaction(?), but when viewing Hacktivities and filtering incomplete, the filter will stay if you swap to Suggestions or Featured. But if you click on a room and then back out the filter will be visually "checked" but not applied, thus displaying completed rooms. Filter can be re-applied by unchecking and rechecking the box

i think that's something that browsers do when going back to prev pages. they fill out fields and such to the state they were in previously

Potentially, I don't know for certain it is a bug but seems odd. Other filter settings remain and are applied, this is the only one that doesn't

This might be an intended interaction(?), but when viewing Hacktivities and filtering incomplete, the filter will stay if you swap to Suggestions or Featured. But if you click on a room and then back out the filter will be visually "checked" but not applied, thus displaying completed rooms. Filter can be re-applied by unchecking and rechecking the box
@mossy ginkgo This is a bug already, I submitted it like ~2 years ago

If you filter, click on a room, then go back the same happens too

Ah, I tried to search the disc if it had been previously submitted.

Yea that was my experience as well, browsing my rooms having to reset completed filter, now I just open all in new tabs

I can't change my email address after I confirm my password nothing change and I don't receive a confirmation email

Yeah there were issues with cert genning on EU-REGULAR-1 last night so

You’d need to regenerate if you got one from there last night 👍🏼

They can take a couple of minutes, especially THM ones @stiff wind

It's weird because when I input a wrong password don't give an error just close like I input the correct one

@cinder crow Task 3 question 1, What is the term for a hierarchy of domains in a network? it asks for a hierarchy singular so should the answer be singular or plural?

Task 8 Q2 also needs the capitalisation fixed

singular

singular
@cinder crow Then maybe update the answer 😉

fixed, thanks

wait no

it should be plural I’m tripping out

A singular heirarchy is multiple ||trees||?

yes

a ||tree|| is a collection of domains

Collection of trees is a forest

that would be the hierarchy

https://searchwindowsserver.techtarget.com/definition/Active-Directory-tree-AD-tree#:~:text=An Active Directory tree is,is known as a forest.

I think it could almost go both ways I’m not sure?

It's singular, or the question needs to be reworded

I agree it’s singular it just confused my cranium for a minute

I just found a bug; in the portal of the in-browser machine, the time in the Expires in: alternate between two values (both are in a countdown)

? Could you show a screenshot or video recording

Sure!

I tried to reboot the machine and it's still happening

ugh?

@frosty cape I know you’re already dealing with things but timer go brrr?

that’s literally the oddest thing I’ve ever seen

Hahahaha

I though it was worth pointing out xD

They can take a couple of minutes, especially THM ones @stiff wind
@topaz venture I haven't received the confimation email yet

I can confirm streak badges are kinda broke

@frosty cape plz can I have my 30 day streak badge? Reached a 30 day streak, but no badge

@frosty cape plz can I have my 30 day streak badge? Reached a 30 day streak, but no badge
@spiral flame You will have got it today at some point:)

But I added it to your account.

Thanks

Nw, and congrats on 30 days!

45 is next

Going for that discount

Wow, you're very active.

Going for that discount
@spiral flame As a THM mod you get it at the same price we get charged to make it for:)

But go for it:)

I'm aware, but theoretical 5% is a theoretical 5%

Aha, inb4 "Can I use the THM Mod discount & my 5%"

gib me my discount

How to get mod?
Get gud

where are CM discounts

No one can beat my streak tho

https://i.imgur.com/MSc3ZZ0.png 100%

Heatmap and streaks count different events

You are not easily satisfied

👀

https://i.imgur.com/NzvO2yi.png

https://i.imgur.com/jF8Gvsu.png

not impressed

i'd be impressed if you had a 5k badge and flexed with that

also #site-bugs

so maybe #general D:

I really thought this was general

Heatmap and streaks count different events
@spiral flame Yeah, apparently you can have 0 activity for a day but continue your streak 👀 ~~cough cough Szy cough cough

😎

Should be on 82 days

excuse me?
*also #general *

Typos in task
/meltdownexplained [Task 1]

The paragraph needs a general rewrite, but when you have a word next to parenthesis, there should be a space before (like this example). The first example doesn't need to be in parenthesis and can instead, use a comma.

The second sentence has an apostrophe in processes'. There is no ownership for processes.

All Intel CPUs and some ARM CPUs are vulnerable to Meltdown, but various companies have release patches for this vulnerabilities.
should be
All Intel CPUs and some ARM CPUs are vulnerable to Meltdown, but various companies have released patches for this vulnerabilities.

except it's not all intel CPUs

It's x86 CPUs, that's what it's trying to say

That should be edited as well

That's not a bug with tryhackme - refers to deleted message

#general

I'm pretty sure this is a bug, but can someone please confirm this:
When the month resets your monthly score is still the rank of the previous month in the leaderboards until you scoore your first points.

Maybe it's reported, or maybe it's intended, but anyone can join a room even if it's private, if the person know the name.
(I just joined the regex room with a guess) (tryhackme.com/jr/roomname)
Add some permission ability to the room creater, so private rooms cant be joined without permission. (Maybe it should go to #544951750801752079 )

#room-ideas message

@brittle juniper we have the option to lock them already

The jr links are there for the room testers, as well as so that teachers can make private rooms for their students.

👀

Not really a bug, I do this all the time to join unreleased rooms

Oh, thanks for the reminder mal, I need to go ban you from that regex one 😁

me too lmao m in room

Um, maybe add some random chars after room name until it's public?

So people can't just guess-join them.

The jr links are there for the room testers, as well as so that teachers can make private rooms for their students.
@orchid remnant teachers will be annoyed if someone uninvited joined it to blow the scoreboard...imo

True that...

That would make sense 🤔

Um, maybe add some random chars after room name until it's public?
@brittle juniper now that I believe has been suggested

👍

👍

adding time after machine deploys; but after 1 hour the page says box expired giving false alarm, after refreshing the page the box shows remains time again and box is not expired. I don't know how to explain it more clearly.

I had this problem earlier

ah thx i am not alone

I didn’t really pay attention to it much because i didn’t find it to be a big deal

Yes, +1 , If a machine is terminated and redeployed, then it gives false notification at the time when the inital machine would've ended. (This one is about room machines. But seemingly its some problem with notfication system not getting machine re-deployed update, or refresh update.)

Why did you turn unofficial? 🥺

That issue happens if you have multiple tabs open iirc

Hey. I've noticed in "Linux Walk Through" TASK 33 title is shiba3 but description mentions shiba4 user. Probably forgot to rename after rotating task. Just a minor cosmetic issue. Tried to search through here but didn't find anyone mentioning this.

EDIT: Not sure if this the right channel to report this 🤔

Why did you turn unofficial? 🥺
@pine quiver so new people joining dont get confused and take the username seriously

oh nooooooooooo

:((((

I had this problem earlier
@final mountain Do you remember which box you had this issue on?

The intro x86-64 room

adding time after machine deploys; but after 1 hour the page says box expired giving false alarm, after refreshing the page the box shows remains time again and box is not expired. I don't know how to explain it more clearly.
@hard horizon What box did this happen on

JoyStick but it also on another room i don't remember

If you remember give me a ping ;)

maybe Injection

but i think it is notification problem not specific to any box as mentioned by "THM's unOfficial Detective" above

We're looking for similarities. If it's windows machines it only happens on, then we have an issue with windows machine etc.

i see