#site-bugs

its 30th sep right?

today

oh okay its next year

hello everyone ! I've got a problem to connect via openvpn... (TLS Handshake Fail) Am i the only one ?

thanks for reporting this. i've let the dev team know of is this issue

Gave +1 Rep to @wise maple

hello, here to report a bug

i won my first king of the hill match but the game doesnt show up in the completed games

and i did not get the badge for winning

thee game started at 18.30 circa and ended one hour later

Hello, I was attempting to regenerate my ovpn config file for US-East-Regular-1, however after regenerating the file and downloading it the file was empty. Using the same process for US-West-Regular-1 seems to work fine.

yeah i am having weird vpn problems too. this is a new one for me :
└──╼ #openvpn /home/user/Downloads/snoopbobb.ovpn
2021-10-01 05:23:35 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-10-01 05:23:35 OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
2021-10-01 05:23:35 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
2021-10-01 05:23:35 OpenSSL: error:0909006C:PEM routines:get_name:no start line
2021-10-01 05:23:35 OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
2021-10-01 05:23:35 Cannot load inline certificate file
2021-10-01 05:23:35 Exiting due to fatal error

When we open a split windows as attackbox , copying from any room to attackbox is not possible. Is it a way to do it ?

There is a Clipboard popup in the sidebar towards the left of the AttackBox

on my profile page, it shows that I am currently charged £8.00

the currency should be in USD right? it reflects in USD for my receipt

@vivid hinge I was getting that same error with my original ovpn config file, which is why I was trying to regenerate it...I just tried again on the US-East-Regular-1 and the file has some content, but looks like it's missing the content between the <cert></cert> block

Resolved👍

Edit : Initialisation status complete but no connexion...

Weird message comes up after any room's feedback submitted.

Steps:

1. Submit flags/answers & complete any room, a pop up will appear with "Congratulations", at bottom of it, there's a "Leave Feedback" button, Click on It, Fill ur Feedback and Submit it.
2. Now go to "My Rooms" by hovering mouse on ur Profile Pic, Or... Visit: tryhackme.com/rooms
3. You'll see a weird message with "Thank you for your feedback! If you have anything else to add ever, write it here!" but there's no option to write further feedback.

It's Weird to see "If you have anything else to add ever, write it here" without any "write here" textbox or button.

Learning scheduler is still broken ??

I don't know how but when I go to My Rooms page, I have all these rooms (100+) I did not join. Is anyone else experiencing this?

(https://tryhackme.com/rooms)

Do the staff take bug reports from here or not? I have my one posted above and sent an email and a DM, no reply to anything?

Hey 🙂
I pinged you yesterday and asked for permission to DM, but I didn't see a response:)
May I DM you?

Hey, I didn't see anything? Yes, no problem

@orchid remnant I can not verify own.Why I cant send msg to bot

Have you enabled mutual DMs?

not sure if it's a bug or it's actually behaving as it should, but I've discovered an interesting behavior about badges.
completing the last room of any THM module rewards a badge to the user without considering if user has completed all of Module's rooms .

my logic says a user must only be rewarded a badge if he/she have completed all Module's tasks.

you can test it on the latest released module (intro to web hacking):

by completing only the command injection room you can get the badge

You are right, the badge is tied to completing one room currently. I agree it would be better to check whether all rooms are completed within a module prior to rewarding it. 🙂

it would be awesome but please don't delete my badge 😅

No worries. 😄

@lament geyser There seems to be another problem , recently i changed to my university email on tryhackme hoping to get a discount on premium but it still shows $10 a month. My university email does have a domain of .edu.pk so according to tryhackme policies , i am qualified for discount.

hi, the country monthly ranking seems broken. For this month it says that I am supposed to be #31 right now for Denmark, but my username is not in the list of top50 at all

after another room it looks like this:

so #12 vs #14

There are three users with 104 points, so there are 3 users with a ranking of 12. In the list those three users are listed 12 to 14 (even though they have the same amount of points). 🙂

ahh did not even look at the points as they are not saying much tbh (getting 100points never means getting a 100points added to that score)

.pk 🤓

@lament geyser I reported something to support@tryhackme.com a few days ago. No updates, etc yet.
Any Leads ?

there's still the bug where whenever you finish answering all the questions and get the finished message you cant turn off the machine unless you refresh xD

Its like that ever since I started thm lmao

Is it because of the confetti overlay element?🤔

I don't think so, No matter how long I wait I still can't press it.

It meas that overlay isn't being removed or disabled by the Javascript

This is speculation again, I would recommend leaving this to the site staff to diagnose and solve.

Was looking through some of the series when I saw this

It's a little misleading tbh

thanks for reporting this. i've passed it along to the appropriate people

Gave +1 Rep to @slate kite

it was acknowledged and should be fixed this week 🙂

That's been known for over a year 😆

some things take time muiri... 😂

Hi, I am facing some problem regarding subscription. If I can get any help

actually I was tryinh to have a monthly subscription, but the transaction is not going through the paypal. So i can;t understand if its the problem from paypal's side or tryhackme's side

try to ask #site-support

I was trying to update my level here on discord, and the bot said me I was already up-to-date. In fact, i'm now level 7...

Are you sure:)

🤦‍♂️

Sorry

Not a problem!

hello here !

i face a strange problem, i got my account on tryhackme totally reset.
i got a subscription, i have done some challenge, but today when i'm connect i see nothing !
someone can help me ?

not really a site bug but the bot said Im not subbed in the rank command

@ebon oyster I think your'e the one to tell this to xD

Bot has been broken for a while:)

!rank doesn’t work too

oh oops

Sorry i meant

Rank doesn’t work properly too

Hors is fixing it slowly

best way of fixing things xD

he better get paid by the hour and not monthly HAHAHA

Hors is just very busy

When i'm trying to add the static widget of my account on my github profile, Camo.usergithubusercontent.com (camo) returns an error : Non-Image content-type returned.... I contacted github and they say that the application/octet-stream isn't supported by camo. They highly recommend you to change the content-type of your images to image/png. Is this planned?

You cannot directly use the s3 link you need to save the image in the s3 link and upload it

Hey hi Cry. I have reported the same issue earlier to support (in august with little documentation) but support didn't catch up.

But actually there is a way. S3 provide meta. And anyone with sufficient permissions can edit that meta and set it as image/png

I have no idea how things work on your side. But when I was working with S3. I can clearly fix this issue.

@frosty cape that might be something to look into? 🙂
TL;DR: The profile badges in S3 have a MIME of application/octet-stream, which prevents them from being embedded. It sounds like it's possible to change, which might be worth doing if so?

POC to set header on AWS S3 Here a bot can edit or when the backend generate it it can be update at the time of first upload.

Not sure how big of a bug it is, but /usr/sbin isn't in the kali attackbox's path

Pretty annoying when a pre-launch installed binary isn't in path

Kali isn’t support by us anymore @gleaming spruce :)

Or maintained I might add

That's ootb behaviour on Kali though

Ohhh okay

Mb

Hey is there anyway to change the country of the account ?

Thanks for letting me know - I've fixed this in dev, will be live in the next few hours

Gave +1 Rep to @orchid remnant

In hours. wow. It's like dream come true. Thanks.

I'm crying 😭😭. I reported this long ago and thought will never be fixed. And it works now

the pentester badge doesnt work

ive activated and have the lucky badge again

Let me check for you. 🙂

Can you try to refresh your browser cache and recheck for me, please?

I was control f5ing to hard refresh the page, not sure if that does it. I’m AFK now but will check tomorrow

I just checked your profile, it shows it correctly now. 🙂

Thank you for reporting this. 👍

Gave +1 Rep to @low knot

No worries 🙂 thanks

.

Tysm it works now

The Leaderboard Ranking of KOTH is showing different result on every refresh...
Sometimes my Country Specific Rank is > All Countries Rank

These are the results of consecutive refresh

Doesn’t seem to be random so I assume that’s intended but I’m also not sure why it does that

Maybe You can check if you find the random results...

Issue on IDOR, Task 7

Key-word detection says IDs is the same as IDS for Intrusion detection system in its description box
Got told to post it here after posting it in #room-bugs

Thank you for reporting. 🙂

Gave +1 Rep to @rotund light

Heard it’s on task 3 aswell in #room-bugs

it will be everywhere, the keywords are a site-wide feature and i think it's just doing a case insensitive match for every word within the glossary

Would make sense

We've requested for it to be case-sensitive. 🙂

A toggle for room developers would be awesome

can be sitebug, in some path, as free user see cooming soon?

(threat-and-vulnerability-management) Misp room (there is free, but not work)

same situation
security-operations-and-monitoring btsuricata room ; btgraylog room ; btopenedr room

same situaction
threat-emulation module ...btatomicredteam room

I was doing the 'Intro to Web Hacking' module, since it's a part of the JPT path for the current event that's running, and coming to the end of the module, I had one room left, the SQLi room. Yet, the system auto awarded me the badge for completing the 'Intro to Web Hacking' module, and I haven't done the final course yet. Just figured I'd let someone know. I'm sure it's probably because the SQLi room is newer than the others or something and the system doesn't know to include it in the requirements. Maybe someone can look into it when they have a chance.

https://aaron.kill-all.men/5dr4l4JYL

on the badge script

it still says lucky

not pentester

Hah that’s funny

I know why that’s happening

@topaz venture could you drop a message in slack? ^^

My badges got reset a few days ago and I put in a ticket on the site, but didn't hear anything back It says I've only got a 6 day streak, but if you look back over my past week I never missed a day. Is there any way to get my badges restored?

Yeah, email support@tryhackme.com and make sure you keep up your streak until it's restored

great, ty

Gave +1 Rep to @spiral flame

Once a learning path is completed, the certificate of completion outputs the username instead of the full name. I have emailed support@tryhackme.com to have it changed to my full name but no reply yet.

@knotty acorn

Pinging random members of staff isn't going to get you very far -- especially given the person you pinged is a content dev with no control over the actual site.

Emailing support was the correct thing to do, although I don't believe it's possible to change the name on a certificate that has already been generated at this time.

That is accurate^^

I cannot update the name on your certificate.

Sorry, just saw them in the "Staff" category and did not feel like scrolling down to find the correct person to ping.

that is very unfortunate though.

Allo mates, found a bug. If you claim the 1 day streak freeze prize and then unlock the 7 days streak freeze prize they are not cumulative and the 7 day wipes out the 1 day.... This is a notably sucky user experience.

Fix please sudo baron in Room Internal

That's not a site bug

👌

i upload .ova its blocked at 39% for 2h why ?

I agree, this would be a lot better to have

#feedback-and-ideas

Hi there. I was working through the “Introduction to Web Hacking” and finished all of the modules except for the last one, “SQL Injection”. However, I was awarded the “Intro to Web Hacking” badge after completing “Command Injection”. Wanted to pass that along as I assume you would want all modules done for that badge.

The badge is attached to the last room (in the module) that is VIP. SQL Injection is a free room. 🙂

Ahhh ok that makes sense. False alarm. 😛

Hello Team
Do you accept the security vulnerabilities associated with TLS ?
Knowing that it is considered : CWE 200 Exposure of Sensitive Information to an Unauthorized Actor!

Drop an email to support@tryhackme.com with that :)

okay thx ❤️

Gave +1 Rep to @orchid remnant

redeeming a 7/1 day streak freeze prize causes user's subscription renew date to freeze too.

my subscription was supposed to be expired on 24/10/2021, i redeemed a 7 day streak ticket on24/10/2021 and I'm still a subscriber (26/10/2021).

I believe that's the reason why I'm still a subscribed user.

Seems to be some issues with guacamole in a room im currently in, loosing network connectivity and shit all the time, just wanted to let you know.

Rather a discord bug; I can't see the 0xD channels because of the pentester role replacing it

can't y'all change the way the bot uses the special roles? For example keep the standard role when setting a special role

(although I'm pretty sure the bot uses the API or whatever to pull levels from the website, so that'll be fun)

Not exactly. The pentester role replaces it on the site too

Hey guys I saw a recent video where a researcher discusses how VPN users can attack other VPN users because there is no ACL to stop them from doing that. Is this being addressed? According to the researcher this issue has been reported multiple times to THM.

If you're connecting insecure systems to a network full of hackers, there's a problem

Also, there'd be nothing to stop them pivoting via the target machines seeing as you need to be able to reach them.

You should take steps to secure your system before connecting it to an insecure network.

Well I know that, but shouldn't the platform take the necessary measures to reduce that risk? Other platforms do implement some type of ACL to protect their users. A paid learning platform shouldn't be the equivalent to the wild wild west

A lot of users are relatively new to Cybersecurity and don't know the basics of securing their system. The platform should do its best to protect these users and it does not seem to be the case.

https://youtu.be/RRHBGwwNi98

That's the one, thanks.

Gave +1 Rep to @celest crater

Do you know how network segmentation works?

ahm, that's not completly true

Put simply, to prevent users from connecting to each other in a network, you need to drop routes to each device. Easiest way to do that is subnetting, but that poses a huge problem to implement

I do, this is not a flat network.

for example, in hack the box, hacking another user is not as easy as it is in tryhackme

Yeah but it's still possible

Each VPN server is already routed to prevent you from connecting to devices in other subnets (e.g. 10.11 can't connect to 10.9), but, whilst you could, theoretically block off 10.9.0.2 from connecting to 10.9.0.3, you can't stop 10.9.0.2 from connecting to 10.10.10.2, as that's a target machine, or stop 10.10.10.2 from connecting back, as that would stop any reverse shells, etc

You're also warned when you sign up to HTB, or at least you were when I signed up.

This is a VPN network, actually by default most if not all VPN servers don't allow this user to user communications, also known as U-Turn by default

In other words, no matter what you do, it will always be possible to attack others, because the only way to prevent it destroys the functionality of the site

It's an AWS VPC

That happens to have an OpenVPN server in it

yep but attacking another user is easier in THM than in HTB

How would you know?

I am not taking about Pivoting, I am taking about direct VPN user to VPN access. That can be prevented

That's sound weird, I connected to another user who saw that with me and we were on different subnets.

Yes, protection should be in place, but if you start putting segmentation in (ex. Only VMs can connect back to users), then you're still in the same boat. All the VMs here are intentionally vulnerable. If someone wants to cause harm, they can still do so. They just need to pivot through a VM. There's no real way you can deal with this.

tl:dr any level of protection you put in place is moot

anyway you look at it, there is a direct path to another real person

Ah, that would be a @topaz venture issue, I believe. Again, the different user subnets are already locked down to prevent access between them, but if it's possible to prevent users on the same VPN server from connecting to each other then implementing it probably wouldn't be unwise

That said, as Spooky says, it's all a bit moot when you can just get around it anyway

By design there has to be routing between users and vulnerable servers 🤷‍♂️

if you're genuinely concerned about a user compromising you, use the Kali VM or Attack Box VM.

(Which is what new users are advised to do anyway)

It's risk reduction, that's what Cybersecurity is all about. You can never be 100% secure but you can apply controls to reduce that risk. And again if other platforms have implemented it why not THM?

True enough. I've pinged CMN to get him to look into that aspect 🙂

Thank you. Much appreciated 🙌🏾👍🏾

Having said which, that particular control is really not going to do a whole lot 🤷‍♂️
Worth having in place, but A) everyone in the network is a hacker -- if they're good enough to have a hope of compromising you then they can sure as hell pivot, and B) We already give people AttackBoxes on the 10.10.x.x subnet, which removes pivoting from the equation completely 🤷‍♂️

(Same applies to the HTB Pwn box for that last point, I believe. No idea what they do for VPN controls)

afaik AWS won't let you implementing a "ap isolation" esq feature tbh

That would be my bet as to why it's not already in place

No problem, it shocked me too since I love the platform and had no clue about this

You misunderstood.
I was talking about the case of ACLs dividing users.

all about that subject, sounds weird to me, "we can't avoid that risk, if we implement a solution the platform will not work, we are not as bad as it looks". i like the platform but the risk is enought to think on it.

the fact that it is not possible to make a system 100% secure does not mean that it is impossible to make thm a more secure platform

I don't understand why you still make it so easy for anyone with bad intentions to attack members of your platform.

you're right, but you also need to make an effort to make it as secure as possible, if you can ping other users who have vulnerable services and therefore attack them, that does not say anything good about the platform's VPN security.

you are teaching people how to do pentesting and secure their things but you do not secure yours

In AWS, Network ACL is defined by subnet, Security Group is defined per instance. 🙂

This guy made a big mess, but yeah, I know we have to secure our own machines but we as a costumer need a secured place

I'm not THM.

I trust this platform, and prove me wrong

true sorry

but, probably all this is not a new notice for you

I want to trust, but I can't if thm has this kind of problem and apparently does nothing.

Please note that this channel is to report site bugs. So if you have concrete examples of issues, please let us know. 🙂

I think this is a site issue, we all humans and we do mistakes now let’s fix this problem and let as know how we can help

Hey Tim, you do have the whole issue's PoC in the video, I can help translate if you or any admin needs that

I believe Tim knows. He means of any more issues

I mean, it's basic networking 😆

Things always can be better. We have faith in you THM. We love you, and we want to stay here. If technically don't have a general solution, consider a ROOM to teach how to protect our VM to avoid instrusions.

@bleak wraith 👍🏽 best words ever

+1

The problem is that this is a learning platform and most users do not know how to protect themselves against these attacks, at least at the beginning.
In fact they are likely to start with insecure machines.
On the other hand, non-premium users can access premium machines with the same VPN simply by having the machine's IP.
Your argument is disproved, the THM system is poorly implemented and must be fixed, both for the sake of its users and for the sake of the company itself.
If I am going to get a driver's license, I hope that the driving school does not set traps along the way, excusing itself by saying that there are accidents on the road...

I'm not THM.
I do not represent THM.
You should be security conscious.

Systems like Kali are secure out of the box.

you are senior mod of the channel and rooms tester... I understand that in some part if you represent THM more than any other user.
And kali is as secure as the user knows how to make it secure, like any system.
Nothing is 100% secure

Kali, out of the box, has no network services listening.
That makes it pretty damn secure, in particular against network attacks.

what was the command on linux to check what network listening services you have running???

One last reminder, that this channel is to report site bugs, it's not a channel for general discussion or opinions. Thank you for your understanding. 🙂

Hello @lament geyser . Sorry if this is not the place.. Can you show me the right channel to following this issue? there are any Ticket support or it will be no attended by THM?

they wont to fix it, its very clearly along the reading, they will update the terms and condition and done, "the user has the responsability to not be hacked on his platform".

This is speculation.

maybe, i like to call it, prediction.

Let the site staff do site staff stuff

Stop trying to stir trouble here.

why did i lost my streak?

I even had a 1 Day Streak Freeze from the last action I never used....

There is an error on the page
https://tryhackme.com/about

Since what is said there is not true, the bugs are reported as the big problem of the VPN and far from proving it, they try to make it look like it is the user's fault for not knowing how to protect himself.
So the text "by constantly speaking to them and taking any actions with their best interest at heart" is wrong.

Will you change it? or is it also the user's problem?

Do you know how many users have reported being hacked in the almost two years I've been here?

Rhetorical question: the answer is one, and that was actually because the user had downloaded malware from a shady video site and had nothing to do with their VPN connectivity.

Believe it or not, this is not actually the problem you think it is. You are significantly more likely to get hacked by connecting to public wifi.

Please note that this channel is to report site bugs. So if you have concrete examples of issues, please let us know. 🙂

That and, as James said above: Kali, out of the box, is actually highly secure.

I have not given my opinion 🙂 I have reported a typing error of the we

smh, don't be petty -- it's not a good look.

I think we both know the point you were (less than subtly) trying to make.
The site staff are aware of the issue, and will be looking into it, I'm sure.

I am not trying to make fun of the platform or be mean, even though I may have hurt feelings when writing, which I am sorry for.
I am aware of the effort involved in a platform like THM, but if it is known it is because of all the users who make use of it.
And I put myself in the shoes of the most novice users and the risk involved, not every initiated person uses kali.
In fact it is quite probable that young and initiated people start from windows machines.

I think the least the users deserve is the status of this report and the changes to apply.
Let's work to make the network more secure, that's what it's all about.

they should have looked into it a long time ago tho, this was discovered some time back and they have not done anything to stop or fix it.

It's basic networking -- of course it's known 😆
It's not something that needs "fixed" because nothing is actually broken.
If anything changes it will be an extra layer that gets added in to perform more isolation -- although I suspect AWS VPCs will make that difficult.

Again, there is no more danger than connecting to your local coffee shop wifi, or even to your corporate or school network (you never know who's there, right?)
In many ways there's less, as you should be connecting with a VM which will usually be secure off the shelf.

I doubt that in my trusted coffee shop as many simultaneous hackers are connected as in THM... so the risk is not the same.
And obviously it must be known by the staff this vulnerability, but you assume that when you connect on a learning platform on cybersecurity these types of holes will be plugged and it is logical that they should be.

I've made a thread for this -- please put your full concerns in there and we can discuss them without taking up this chat :)

can't write there

If anyone else has any concerns on this issue, please let me know and you can put them in there too

Oh?

How about now?

same thing

Should be sorted :)

add please 😄, interesting stuff

https://tryhackme.com/terms - terms of service are here. Section 4 "In no event shall TryHackMe or its suppliers be liable for any damages..."

if they violate the code of conduct, report it under Section 9.1

Is this the right place to discuss/report a potential vulnerability with the THM site? I did report via "Give Feedback" a few days ago but perhaps Discord is better.

Email support@tryhackme.com :) @blissful pecan

When you change your password in THM doesn't logout other active sessions automatically, implementing this would be good. (idk if this goes here)

Try putting it in the site feedback form -- it's more likely to get acted upon there 🙂

Thx

i got scared btw

not even sure if i got the tickets

same

right now

Uh

@frosty cape, if you're awake, why is the ticket redemption telling people that their accounts are being deleted?

I'd imagine that the event is over if it's on BST, but, uh

I get that message but they gave me the ticket

Jaysus I just got the same notification after finishing an nmap room, my palms got sweaty, mom's spaghetti etc. 😬

Ah, it was a response if someone tried to redeem tickets from a non-ticket room. As the event ended, if a user is completing a room as the event ended, they’ll get the phoney response.

I will fix it for the next ticket promotion event - thanks for letting me know

Aha, fair. Yeah, seems to be scaring a few people 😆

Question: I received the title of pentester. Then the TryHackMe bot set the title. I fell out of the advanced chat room. Can you change that?

Short answer: no

Long answer: it will disappear soon giving you access back

thx. :)

thats lame

I'm not sure if this is considered a bug. I've had this happen on a frequent basis; I've clicked "Add 1 Hour," and it only works once. If the timing is close to expire and I try again and it doesn't work, and the room became expired.

I need to report a bug

Hi ya'll . I need your help . The machine on "Subdomain Enumeration" is not starting . The ip address is not populating here 👉 (http://machine_ip/ ) How do I resolve this ?

Has anyone managed to find a solution for the connection problem with Task 6 in Linux PrivEsc room in Junior Pentest path? Actually I've just tested all the task's 6 through 12 and have a connection error with all of them.

The work around for now is to use the AttackBox and SSH into the machine using the provided task credentials. 🙂 This will be fixed soon. 🙂

Ok thanks

Gave +1 Rep to @lament geyser

TryHackMe staff, The vm's are running really slow, to the point of being unusable, Please add more resources. Thanks

Which VMs? 🙂

not really a bug but the inconsistency between left-aligned and center-aligned is bugging me

I uploaded a machine , and after trying to test it . I'v figured out that i have to make some changes.
But i can't delete the VM and re-upload it again.
What can i do ?

Press "Reset Upload", clear cache and log out of THM, log back in and pressing "Reset Upload" once or twice hsould work

Okey , i ll try it now , thankyou

I'm not sure if this is a room bug or site bug,. There are instances when clicking on a task and the page refreshes.

had that when checking for writeups too ^

this is at the bottom of the new room

what's wrong with it?

room is 137 days old

for the room that came out today

that's when the room was created, they all are like that

oh oops

had this aswell

Hi there 🙂
It is not possible for me to swith tabs in any given room..
No matter if I click on "Scoreboard" or any other tab, nothing changes..

Same here for me!

I also tried it in FireFox, Chrome & Opera. With the same outcome..

Same here.

I have this issue too. I noticed that appears only after i start a machine or the attack box

Congraulations on completing the Pentest+ pathway!
I found a typo on congratulation message when finished the pentest+ pathway

I am also recently noticing this issue.

During the last few days, sometimes the page will refresh when I try to click on a new task tab, or the page will refresh when I click on the "writeups" button. Sometimes it refreshes everytime I click on "writeups." Anyone else having this issue?

Noticed this too. Switching tabs refreshes the page..

Same issue. It happens both with the new tab interface (nothing happens) and the old interface (clicking an item reload the page).

It happens both with the last version of Firefox and Chromium.

So same issue and behavior confirmed by at least 7 persons here.

@orchid remnant It's been at least 2 days this systematically reproducible platform-wide impacting everyone is happening. Could you alert the tech guys maintaining the platform please 🙂

@remote laurel fix site pls

Temporary workaround:

Execute manually some steps of this function: https://assets.tryhackme.com/js/rooms/public/logic.js?v=3.11

function initWriteupClickModal() {
  const _0x22be06 = document['querySelector']('#writeups-simple');
  _0x22be06['style']['display'] = 'inline-block',
  _0x22be06['addEventListener']('click', function () {
    modalFooter['innerHTML'] = '',
    writeupFormEl['style']['marginTop'] = 0,
    modalTitle['innerHTML'] = '<i class="fas fa-pen-alt"></i> Writeups',
    modalBody['innerHTML'] = getWriteupListHTML(roomDataGlobal['writeups']);
    if (!addWriteupBtnClicked) modalFooter['innerHTML'] = '<button onclick="showWriteupForm(this)" type="button" class="btn btn-xs btn-secondary mb-2">Add Writeup</button>';
    modalFooter['appendChild'](writeupFormEl),
    $('#modal') ['modal']('handleUpdate'),
    $('#modal') ['modal']('show');
  });
}

Eg. in the JS console:

modalBody['innerHTML'] = getWriteupListHTML(roomDataGlobal['writeups']);
$('#modal') ['modal']('handleUpdate');
$('#modal') ['modal']('show');

This will show the Write-up modal.

Enjoy @vital plover @wooden plank @quartz whale @mellow basin @young quiver

This has all been reported and we're looking into it. Thank you all for your reports! <3

Damn! Thanks!

Gave +1 Rep to @wheat heron

Fix Fix Fix

This bug has now been fixed - thanks for reporting.

Gave +1 Rep to @wheat heron

Thanks @frosty cape

Gave +1 Rep to @frosty cape

https://tryhackme.com/terms

extra the

Thanks 🥳

Gave +1 Rep to @frosty cape

it's not any the, it's THE the 😂

Hello there, im having an issue where i want to reset the password. I don't receive the reset password's mail (i checked everything) and still got the message 'email already taken' if i try to sign up again. What can i do ? Rip for this email adress ? thx 👍

It appears that THM's store site is blank at this moment
https://store.tryhackme.com/

it's fine atm for me, do you have any console/network errors?

Just went back to check it out, it works perfectly for me now. I was curious about the swag and decided to take a look just now and appeared to have an error, but there wasn't any console/network errors on my end tho. Tried to refreshed it earlier on as well.

ah maybe it was dead for a bit then earlier

Now it makes sense, thanks a lot for looking into it man 😄

Gave +1 Rep to @mild breach

hehe i'm not staff, i just wanna make sure it's not user error before things are potentially escalated to the admins/staff 😅 glad it's fine for you now

Was idly playing with the button and learned that the Scheduler seems like it thinks things will take years and years.
Example:
Jr Penetration Tester Pathway: ~56 hours
If I set the scheduler to 56 hrs/week, It thinks I should be done by the 5th of June.
Counting from the max 168 hrs, 18 Jan 2022 (Presumably?)
I think it assumes that at 1 hr/week I should be done sometime in 30 July 2028, unless the smaller numbers are skipping whole years.

Does anyone have an idea why the skills matrix is not visible in my dashboard? I have tried different browsers but I cannot see the skills matrix anywhere (Firefox, Edge, Brave). Would love to see it to keep track of my progress.

Hi. Please can you repare the room "zero logon". I am trying to access it it is not possible. The page is broken AGAIN. It does not load.

small type-o: underlined should be "changed" not "changes"

My user name not showing up in the country leaderboards ?

this is not where I live

@gentle raven change the flag by clicking on it

Did

It keeps changing back lol

It's a bug and has been acknowledged by site staff

lol im dumb :D, didn't know you can do that, now it shows up correctly, ty

Gave +1 Rep to @zinc orchid

Lol

Typo in the msg after submitting "About me" details. Horay Hooray

When I start any room site give me same ip all times (its down )

It says I have running machine , but its not true

regenerating vpn didnt help

I cannot terminate "running " room

Its ok now

Sounds like you're using the IP on the top bar when you need to be using the IP under Active Machine Information.

Hi guys! I'm having troubles with the leaderboard. I'm supposed to be at rank 40 something in Argentina leaderboard but I'm not, I have 14604 points

nope , it my tun0 ip on top , isnt it?

That's your IP.
That's not the IP of the target.

You need to be using the IP listed under Active Machine Information, that's the target machine

http://gen.sendtric.com/countdown/wx988xkug5

the site timer is off by about an hour

and it could not be messed up timezone thingies then???

hello, when i connect to oscp overflow with fuzzer.py, it straightly show could not connect to the target? why ?

@frosty cape

Can the username on THM be made case - insensitive?
It doesn't seem to be a good idea to use the same username with different case

Hi there 🙂
At my Public Profile, in front of the Yearly Activity Tab, the "M" of Mon and "W" of Wed are cut off on the left side. This is NOT browser dependent.

this is a good idea (if done from the start) but think about people that are currently overlapping with case, what would happen to bob and Bob?

As THM is now a more popular than ever before, people started including their profile links to their resume.
One of my friends told this issue and I wrote it here.
For the current overlapping cases, need to find a workaround

Or this even an issue ?

Why doesn’t it? Just because it benefits you as an employee or job searcher doesn’t mean it’s a good idea

Case sensitive usernames are much better imo and they allow for more availability in usernames

As well as that, case insensitive usernames means that all usernames are in lowercase but personally I like my username to have a capital letter

Furthermore there’s literally no reason why it’s a bad idea for people to have similar names but with different cases.

There’s more than one person called “John Smith” in the world, it’s your job to let your employer know which John Smith you are

And finally, if you sign up with “Jacob” but then you use your username as “jacob” then that’s your fault for typing a different name to what you signed up with

Thank you for coming to my Ted talk

Looking apart from job related topic, for a public figure
how about like johnhammond and JoHnHammond

As someone in infosec, you should be trained to spot scams

It’s like “stean.community” instead of “steam.community”

That's a good one! 👏

But in terms of another person's perspective, for a scenario like picking the profile link during a call, the user must define each letter as capital or small right ?

I just xprnced it a few hours before. For a 5 letter username, he was coming up with a sentence

As the manager of the inbox, I experience it all the time. I think it could be made clearer from sign up that usernames will be case sensitive but even in other games and platforms I’ll tell my friends the same case as how I signed up and how it appears on the leaderboards

Hi, I have an issue I want to let the devs know

There's a bug with the leaderboards in which it locates me as someone from Afghanistan when I am really someone from Chile, the issue being that the whole leaderboard bugs out because of it, placing me in last place when in reality I should be way higher in my own country's score considering how many rooms I have completed. Please fix it! I really want to compare my score with people from my own country.

Got the same same issue

Hi support, I'd like to ask for help, just noticed that my country profile changed upon checking the leaderboards.

Ohh, it seems that we have the same issue

My country too changed

it's still in Afghanisthan

I can't change it

is the site forgetting our old inputs? i partially did a room yesterday(tor room) and today some of the answers were gone, I re-entered the answer and clicked submit.

faced this in another room yesterday as well.

It shouldn't have accepted

Obviously answer is this:

Answer tolerance. It's the same across the site -- you can afford to get a certain number of characters wrong.

Hello! I'm pretty new to the site (and this Discord) and wanted to submit a problem I've been having recently. I'm working through the "Complete Beginner" path and have found on a few occasions that when my deployed machine is nearing the termination time, I'll extend it and still get the notifications that it'll be expiring soon. Then, after a few minutes, I get the notification that it's expired and regardless of the time left on the machine, it'll terminate. This isn't a huge problem, but a mild annoyance.

I've experienced the thingy with the notifications, too. But without the machine actually shutting down..

Hello! i have was intented to buy 1 month subscription but by mistake bought 15 months.... Could any one help me on how to get refund... $150 is a huge amount for me

Email support@tryhackme.com

Thank you

any news????

Following this as well

Hello I am having an issue with the country, it shows am in afghanisthan when infact am not

Good morning, this is a known issue atm. Visiting https://tryhackme.com/api/user/update-timezone should update this for you

i cant use the hint button

in any room basicly

and in my browser it throws up errors

like this

each time i press the hint

am i doing smth wrong?

or is this a bug

That image is very truncated

I think there is a bug that occurs when you update your profile info, my country on tryhackme was originally Ireland, after adding some info about myself it changed my profiles country to Afghanistan. I have tried changing it back but it doesn't save to Ireland, but instead reverts back to Afghanistan

im on the afghan leaderboards, used to be on Irelands'

+353 is Ireland prefix

Visit https://tryhackme.com/api/user/update-timezone it should fix it

worked thank you

Gave +1 Rep to @waxen quarry

anytime

Thank you for this!

Gave +1 Rep to @waxen quarry

Anytime

Is there someone I can speak to regarding my thm 30day streak? I seem to have lost it at one point but I made sure I was on it everyday.

support@tryhackme.com

ty

Gave +1 Rep to @mild breach

Sorry for directly replying

The static badges are now embedded in GitHub and work fine. But are not updated when you regenerate the badges. WHY? because GitHub need a new header as Cache-Control If there is no Cache-Control header GitHub doesn't update it. So please add a Cache-Control to some realistic value like 1 day or 12 hours or no-cache
IF you set it to no-cache It will cost you (tryhackme) money. Setting to real value like 1 day will costs GitHub bandwidth.

Setting Cache-Control to a age require to add time as cache-control: max-age=120
else Cache-Control: no-cache
More info about cache control header from morzilla docs - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control

Further evidence how and why issue happened- https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-anonymized-urls

TL;DR - static badges doesn't update automatically embed on github. Require a header name Cache-Control set to a real value or no-cache (can be set using metadate)

can be set as same way other header are updated

My student email is not recognised, the site is displaying the same 10$/month, what should I do?
Edit: Emailed already.

okey generating certificate, for advent 2020 generate certificate for aoc 2021, proudly achieved 😄

Hi

Could you please not post "Hi" in half a dozen different channels -- especially not channels that have a specific use? 🙂
Drop into #general if you want to chat

Make that a dozen. Jesus that is spammy

It said that i needed to do this for verification

Sorry

What did?

The website or so I thought

If something said you need to spam something, it needs to be changed

Turns out i got trolled

Sorry about that

I am facing an issue where I am unable to change the country option in my profile

When I update it, it says that it has been updated but as a soon as I refresh the page. There is no change.

Which is the latest version of Windows Server? Answer: Windows Server 2019 is wrong

this is for #room-bugs , but you also need to say: what room? what task? why’s it wrong? what should it be?

i didnt find a channel for "report wrong answers" and i didnt must help..... https://tryhackme.com/room/intro2windows

What task?
What question?

Hi , I have a problem with my account in tryhackme . After I cancel my subscription , my region has been changed to afghanistan , I tried to change it but after when I go to my profile it shows my region afghanistan again . I had typed my phone number too , there was not any problem when I had premium . Please help me to fix this problem.

Try this link https://tryhackme.com/api/user/update-timezone

It worked , thank you

Gave +1 Rep to @zinc lichen

hi guys. on my public profile it shows a ukraine flag when actually i dont live there. is there a way that i can change it? i didnt find any option on my profile settings and the above link with update timezone redirects me to my dashboard

This should do the job, I think 🙂 (without any vpn)
Visit this link: https://tryhackme.com/api/user/update-timezone

tried that already nothing changed

hmm.. sry that's all I got..

no problem thanks though 🙂

contacting the support email might help too

!email

ye i will try that thanks

good luck

Hello -- I'm unable to update the country on my profile. I can see on the AJAX request that the countryCode property is being sent but when refreshing, it goes back to the old one.

1. update - https://user-images.githubusercontent.com/63473630/143543817-c0db1ccc-29f6-4def-82e6-3c03aa72e954.png
2. reset - https://user-images.githubusercontent.com/63473630/143543805-815c6d02-9f72-4f68-b2c9-6185a572eb5a.png

sent on email too, support@

@harsh vessel

did anyone notice that on few courses like https://tryhackme.com/room/owasptop10 for example, exercise is going to the port 8888, but only 22 and 80 are open? I had the same problem with https://tryhackme.com/room/kuberneteschalltdi2020 where I needed to access 6443 port, but only 22 was open. It seems like some kind of filtering is happening even though those ports should be opened, they are blocked.

Good morning. This sounds like you may just eeed to wait a little bit longer for the services on those ports to start up (:

Usually means the wrong VM is open for the owasp room

@covert kernel yo can you dm

worked, thanks @zinc lichen !

Gave +1 Rep to @zinc lichen

Can somebody help me with Road?>

This channel is for reporting bugs with the tryhackme website

#913866798284288110

Verify yourself typing !docs verify and follow the instructions given by the link, then you'll see the appropriated channel

...are you sure they need to verify for that?
It's good that people verify, but perhaps misleading.

I'm not 100% sure if they can see boxes channels being unverified so I still told him no matter what

There is a problem with the pre security certificate

The certificate doesnt have a picure of the course i finished or any information of what course i bypassed

i subscribed to premium with Paypal.
I got transaction email from Paypal and Premium activate email from THM.
But my account still has not Premium features.
Pls help me

Email support@tryhackme.com

Some rooms do not give points

15 + 0 == 15 🤷‍♂️

Potentially

What room is it @sharp gyro?

As in:
https://tryhackme.com/room/tutorial

Correct -- it's only viewable through the management page

The site isn't really about the points

Oh, for THM it's 0+15=0

I asked Skidy if the +50 etc applied when it was set to zero pts/q and it doesn't

Huh, TIL

It's also weird with the walkthrough %age thing

That's still a thing?

Yeah, walkthroughs are still 8pts/q. That's implemented with 25%

i've seen today people sharing their badges with broken icons

Hi the code AoC**** for 20% discount is shown as "Invalid Coupon Code". I want to subscribe for annual subscription. What is the email for support?

!email

There you go :)

Hi, I've been trying (several times) to change my country from Afghanistan to France (since I'm french 😅 ) but the change doesn't work

Hey THM-Guys,

i had recently struggle with removing friends, since scrolling down made that remove (x) function wander even more down the page without being able to reach it with my mouse cause it was leaving the intended container for it.

I also found a little workaround to it. still, you may want to have a look at it, i noticed this happens to everyone i talked to about that "wonky" remove friends feature on the site.

what i tried in the first place:

• resizing the browser window
• using different browsers
  • ff, edge, chrome
    -having no addons running at all

what actually got me to the remove friend function:

• aiming to othe "friends-block" function in devtools
  • unchecking "max-height" setting.
  • unchecking "overflow-y" setting.

Hey guys @small forge @twin oyster , I think there's an issue in the answering of the 4th last question of the Room Carnage

guess this is for site related issues. go for #room-bugs and/or #room-help

👍@storm meadow

Hello, recently I've noticed that the country affiliated with my profile has 1) changed for no reason and 2) can't be change back (bug?).
For days, I've tried so far to change it to something else, but it always reset to "Afghanistan" (after a refresh or checking on my public profile).

Is this issue known ?
How can it be fix ?

Yeah, I just realized that this is the reason why I cannot promote in the leaderboard of my country. I also tried to change it, but no luck. Any help would be appreciated! 🙂

Here is the answer.

https://discord.com/channels/@me/915706187050274857/915706642908217355

I dont know if you can see the content, so I paste it here.

Hey there!
With our new API changes, our "update-timezone" URL has been moved.

To update the timezone/ country flag on your account to your current location, disable any incognito browser sessions/ VPN connections and click this link:

https://tryhackme.com/api/user/update-timezone

You do not see anything happen, but it should take you straight to your dashboard -- this means it has worked.

anyone knows if the broken badge icons are gonna be fixed?

mini bug with leader board not updating when changing countries

^

Hey, this is a known issue with the software team. We're working on resolving it ASAP!

try the reset timezone link, https://tryhackme.com/api/user/update-timezone

hi

It worked, many thanks!

Gave +1 Rep to @celest edge

You cant register on the new advent of cyber day 2 https://static-labs.tryhackme.cloud/sites/aoc-cookies/#

That's not a site bug or a room bug 🙂

Keep reading the questions

Also, @cinder crow, put a goddamn warning in the question

Hi guys, on my profile its showing that I'm from Afganistan, while I'm sitting in Scotland 😄 I tried to put my number with +44 but it doesn't help. Now I sent !rank command to tryhackmeBOT and he said that I'm not subscribed, but I'm 😄 Do you know how to change country origin ?

https://tryhackme.com/api/user/update-timezone
🙂

Thanks! Now it's correct

Gave +1 Rep to @orchid remnant

What do you mean?

it lets you register

and there is a hint

no terminate button in ustoun room 😭 just cannot restart machine

Someone to speak privately about a problem?

hi everyone

cookies are the biggest scam

they trolled me

Oh dear. That's not good.
https://admin.tryhackme.com/complaints for complaints 🙂

nah

(In other words, can we get a little more information on that?)

I'm good

oh

I played Advent of Cyber, did everything that room told me, refreshed the page and it didn't work. You had to go there again and press on here link again for the page to display content. Refresh doesn't work, when theoretically, it should. These are trolls

I couldn't figure that out

That doesn't sound like a troll to me

Why not? So you're saying it was done on purpose?

No. A badly developed application perhaps (cc @cinder crow), but not a troll

Unfortunately for you, you'll see many of those IRL

Initiative will take you a long way

bruh

Its not a troll. You had the wrong page. You were probably reloading the registration page and not the login page

prob.

It was my stupidity for not being able to figure out such a simple thing. Sorry for bothering

I am now watchin John Hammond's video, he had the same problem as me lol

Why cost the premium after login 1,5€ more? Without 6€. With Login 7,5€, newsletter (aoc2021) 4,8€

Hi, is there a problem with email ? Didn't receive any email like password reset / subscription confirm

Did you use a email connected with a account/ did you type it correctly/have you checked spam folder

Yes

ofc

hmm

maybe it will take some time, maybe wait a few minutes and see if it shows up.

more than 1 day ?

for me it comes instantly, maybe if you have multiple emails you could try to search through their inboxes and see which ones have gotten emails from TryHackMe and try that one (that's what I did when I forgot what email I used for TryHackMe).

Email support

hi am facing a problem in THM website

the problem is when i update my profile !! when i set the country and submit everything and it tell me "Thank you. Your details have been recorded"

after that when i reload the page it reset the country to afghanistan flag

#site-support message

thank you i fixed it

No problem

link "process here." on https://docs.tryhackme.com/docs/room-creation/room-creation-getting-started

What's the bug?

the link href is https://docs.tryhackme.com/docs/room-creation/the-review-process%22 the extra double quote is breaking the link

The docs.tryhackme.com site is deprecated -- it has been replaced by help.tryhackme.com. Where are y'all even finding these?

Idk, ask UsN, it's him who reported it, but I guess from google results

if i start a machine, then after 55 minutes or so i go ahead and add more time. after 5 minutes has passed (the original time limit ends) i get a message about the box time has run out and the box shutdown (even though i just added 1 hour and the box is still live)

and the information about the box disappears because the time ran out

That last bit can be resolved with a refresh

also for rooms with more than 1 machine to run. if i complete a machine and terminate it within 60 minutes then start another machine. after 50 minutes i will get a message about time running out then the message about time being out and machine stopped. Even though I already terminated the machine and started a new one

in https://tryhackme.com/access -> FAQ -> I can't get my VPN working -> "docs " link (in "I keep getting disconnected " too)

Hint for Question 1-Day 7 of AoC shows the flag for the question

oh I see what happened there

that was supposed to go in the answer field I think

Yup

Day 7 AoC attached VM unusable and unstable as of 9:00 AM EST today.

Is fixed. 🙂

Is fixed. 🙂

Day 3 AoC Attackbox/Room is unstable and crashing as of right now 😦

First question of Day 3 AoC indicates http://MACHINE_IP instead of the ip.

Not a bug. That means you haven't deployed the machine

okey, thanks, sorry for that

There is a bug with changing country in number phone (Profile > About you) - when selecting a country and giving phone number (or leaving empty phone number with just selected country) it gives back to the first option (Afghanistan) after refreshing page (but number phone is saved).

#site-support message

Thanks ❤️

Gave +1 Rep to @waxen quarry

Anytime

is this a bug?

idk

It shows your progress towards your next rank. 🙂

huh

3020

i didn't really pay attention to the bar

but 3020 doesn't look correct

i leveled up yesterday

https://tryhackme.com/room/cyberweek2021

http://repairshop.sbrc/wp-login.php

this link not working

Did you add it to your hosts?
This isn't a site bug. It's an issue in a room.

ohhh

hi

is there any problem in
https://tryhackme.com/room/adventofcyber3#
Task 14 [Day 9] Networking Where Is All This Data Going
What is the username and password used in the login page in the HTTP #2 - POST section?

i got username and password with dot between them like
McSkidy.Christmas2021!
and still wrong !!?

https://tryhackme.com/christmas

Not really a bug just a typo but as you can see it says “beginner friendly security exercises VERY day”

: instead of . 🙂

@runic crag #room-bugs

Counts as a bug IMO, at least here

https://tryhackme.com/develop-rooms there's no space between assign and tasks, and there should be. not a bug, just a typo.

hey, this might be asking just to ask, but there's a lot of grammatical errors in https://tryhackme.com/room/packetsframes, would you like me to send an email with everything?

Details in #room-bugs

yeah me toooo

it's really annoying

Just had a machine stay up after refreshing the page after it should have expired. (Time remaining said something like "0-3m 0-15s" and didn't count down, and it was still reachable from the Try Hack Me AttackBox, which was also still up after it should have expired.)

Refreshing again fixed it, though.

anyone have problems with the room Relevant? soon as i run gobuster even with a timeout etc. it goes for awhile 30 minutes or so? Then i get exceeded error. and i cant run gobuster after that. I also cant terminate the room and restart it? what gives?

When you launch the attackbox you can reset the timer by clicking on THM AttackBox button next to the Machine Information one. I think that the machine would still expire when it should but i don't think the timer should be reset when refreshing the site or the attackbox.

minor bug, completed rooms not hidden after you go back

I feel that this button is poorly named...

Hi, I don't know if it is a bug or me who does not understand. The Leaderboards say I am no.42 and when I go at 42, I'm not there ...

looks like there's a tie

hello , i can't enter acting with my machine

in Kali Linux Box there is lag and very slow
my account is premium for 1 year

Minor issue, static profile badge isn't generating the icons properly regardless of how many times its regenerated

they are right, just tried regenrating the static image, its broken

seems the time for the browser vm 's is broken as it keep resetting to 2hours left every time i switch vm's or just click on the vm name again as shown here:

https://imgur.com/a/gGyXYzz

tryhackme@linux3:~$ wget http://10.10.49.77:8000/.flag.txt
--2021-12-15 15:48:21--  http://10.10.49.77:8000/.flag.txt
Connecting to 10.10.49.77:8000... failed: Connection refused.

This is definitely not a site bug.

dunno if this is intended behaviour but I have noticed this 3 times now. On occassion I willy copy / paste a flag to short. Like if the flag is THM{THIS_IS_A_FLAG} I will copy only like THM{THIS_IS_A_FL

the challenge accepts it cut off like that

Answer tolerance.

static badges are broken please fix it

spelling error ig

is multitasking like this by design?

Enroll in US English, Enrol is UK English. 🎄

Can you pls fix the static badge. It's broken for more than 2/3 week

No they aren't

I cant terminate the machine and the hints won't alert any pop-up after few minutes

Hi, whenever I try to accept a friend request, I get an error 404... Any idea why ? Might be a bug ?

I can't connect to openvpn it always said file corrupt

On my vm of course

Drop in to #site-support for that one

Hello, I just completed the aoc room a couple minutes ago and still had my streak, then started another room and it went to 1

Up ?

I found a flag submission bug where it takes the answer as correct even when a character is missing. So far it has happened to me twice in AOC rooms

That is called answer tolerance

oh, didn't know that existed

There's a slim margin of error that's accepted in case you make a typo copying a long command or flag

Thanks for telling me :D

Why does it say 5 learning paths ? Shouldn't it be 7

web, complete b, junior, comptia, offensive, defense, pre security

Maybe it should be "Last 7 days" and not "this week" ?

My location is erroneously set to Afghanistan and I can’t change it 🤔

Try this link https://tryhackme.com/api/user/update-timezone from your laptop and I hope your location will be set to normal where you belong from.

Thanks!

Also it's a bug which is faced by every users who have changed their country location or have modified their location via mobile phone.

Gave +1 Rep to @lament lodge

Is this normal?

Thank you for reporting. I have forwarded it internally. 🙂

Gave +1 Rep to @lapis heron

Thx

Gave +1 Rep to @lament geyser

no

Do u know what it is?

nope

I know for sure that it isn't normal

Fr tho

the room https://tryhackme.com/room/rpburpsuite in task 9 tells you to learn more about Burp go to > https://tryhackme.com/room/learnburp which has been set to private.

hmm

please anyone can fix that static badge.... Pleaseeeeeeeee...... ITs stucked

guys can someone help
on my about page the country keeps giving me Afghanistan and each time trying to change it to my country it doesn't change

reload the page

i did multiple times it didnt work

close browser from process , try again , clear cookies , try again ..
i hope thats work for u

what os are you using ? are u inside the thm browser based instant ?

nothing worked

i tried from windows and linux

chrome , opera and firefox

check your network connection then , i think it is a network issue i guess

Visit https://tryhackme.com/api/user/update-timezone

thanks done

Gave +1 Rep to @waxen quarry

Np

Not a site bug but related to discord, this @patent garnet cooldown is killing me, can't the time be reduced somewhat?

What cooldown? For rep?

Yes

+1

Why would you like to reduce it though, I'm interested

Well because of the following example

Thanks @spiral flame

Gave +1 Rep to @spiral flame

Thanks @covert kernel

I could say I understand but since reps are mostly meaningless I don't really see the point :p

The cooldown is in place for a reason.

& yeah it's to avoid rep abuse ig

Yeh, I guess that makes sense

👀

Let's see if it's over thanks @covert kernel

Hii

I am new member

Please is this normal? my badge does not load properly even after regenerating it multiple times.

@torpid hedge Please do not spam.

Not a big deal but in the Day 24 of AoC3, phishingemails1 leads to nowhere

https://tryhackme.com/room/adventofcyber3
https://tryhackme.com/room/phishingemails1

When are we going to get the list of winners for cyber advent 3 of thm?

They said it will be on the 27th december

small site bug

And it is the 27th December. This isn't a bug.

Greetings support.
I must have changed my number 20 times already and it keeps on resetting and putting me in Afghanistan and without my number everytime I leave my profile page and come back

https://tryhackme.com/api/user/update-timezone

Hehe, niceeeee
Do us a favour and drop that one to support would ya?

Deleting it from here given it's falling into the range of security bugs but if you drop an email to support@tryhackme.com with it, they'll get back to you 🙂

Any update on the Suricata room? Seems to still be in progress. 🙂 Thank you!

last time I checked 1/3 was 0.33..., not 0.32

also would be nice to have an indicator that the room is a subscription room before clicking on it

https://tryhackme.com/room/windowsfundamentals2x0x# -> Task 7. i don't know if this is a mistake, but addon uBlock blocks the picture"netstat.png".

It's known bug from weeks and people might be busy to fix it. You need to wait

-The rooms on the phishing module don't appear on the search tab. They are available only from the Learn tab.
-None of them add up to the total of completed rooms in your profile.
-No points were awarded for the tasks either.

Besides from that, it was a nice module.

They're private rooms, pretty sure those are all intended consequences

There is a bug with static profile badge icon: The rank, room and badges icons are not appearing

When I terminate a machine manually, the javascript on the page continues to operate. If it is the only machine on the page, I get expiration popups, which is only a minor annoyance. However, if the page has multiple machines, the false expiration of the previously terminated machine winds up hiding the header on the page that displays the IP address of my current machine and the terminate button. This really becomes a problem on pages that have multiple machines, such as AoC. I wound up having to refresh the AoC page after terminating a machine because my progress was stunted a bit.

Same issue, I found to work around this I need to:

• Log out
• Log in
• Terminate machine

I generally re-log one more time to make sure.
Has happened probably 3 times to me. Very frustrating.

You should just be able to refresh...

Nope, will not fix it, it will pop up again and allow me to click terminate, but will not actually terminate

Click the button, it confirms it is done, but wont allow me to open a new machine

It keeps telling me I still have a machine active.

That's likely a different bug then

Hey, when I try to download my opvn file, I'm redirected to page 404.

Try to follow the instructions from the below link see if it helps
#site-support message

Thx @sharp gyro for help !

Gave +1 Rep to @sharp gyro

I get a 404 when trying to download a holo vpn file

I've tried regenerating

Seems like it's just holo

Wreath works fine

welp, I just read the messages above

welp, followed Jabba's instructions (logging in and out and regenerating) and it's still not working

I can't switch VPN servers because there's only one for Holo

pictures not loaded @ Network Services only

In Profile page, in the About tab, whenever i change the country flag and click on submit details i get a popup that the details have been recorded and then the flag changes. But when i refresh the page i get the old country instead of the new one. Its not a major issue in any way but its still an issue.

Try this:
#site-support message

Ohh wow it worked just like that.. thanks 🙂

Gave +1 Rep to @astral forge

Not sure if this is a known issue but I see a bug in the monthly regional leaderboards; I'm listed as #6 up top but then on the list I'm #8.

I've seen a similar issue a few days ago where I was listed up top as #15 but then looking at the actual list, a different user was placed as #15 and I was actually nowhere to be found on that list.

Both issues were specific to the monthly leaderboard only.

screenshot for context

@scarlet creek it’s because you 3 have the same amount of points

Fair enough, makes sense. Although it doesn't explain the other bug I mentioned (which sadly I haven't screen grabbed). I'll be on the lookout in case it occurs again and will follow up if so.

So I subscribed a month ago (in a couple days is my payment date from what I remember)
The profile section on the website shows I'm not due to renew until 06/01/2022 though

That's today

Oh I'm an idiot! It's backwards xD

*Forwards

Today is 01/06/2022 xDD It throws me off all the time lol

Local formatting is just different

can't operate website (click links) while confetti is falling. seems like confetti is in the foreground.

I don't think that's a bug, it happens to everyone, unless it wasn't supposed to act that way

of course a bug can happen to everyone. since when is it a criteria that bugs only happen to some people?

either way it was annoying me

here is another one

It annoying you doesn't mean that it wasn't intentional 😆

No idea if it was or wasn't though 🤷‍♂️

I've been solving rooms for the last 40 minutes

clock is in the top right corner

Chances are that's time difference, but don't quote me on that. It's not midnight in UTC yet

Either way it should probably be in local time

it probably should

(but then you get other issues. good luck with that)

Lol, I gave you an opinion, who took a dump in your cereal?

Calm it 🙂
No issue

sorry I didn't mean to sound (look, read?) offensive. i probably could've worded it nicer.

Hi! I have a class that is using the THM platform for some intro labs, however, we need to start using the OVPN app with the configuration files. Attempting to download the files, brings up the 404 page. Regenerating doesn't help with this. Any thoughts or a timeline on getting this corrected? Is there a different webpage for it? Thanks for any help!

There's steps to address this pinned in #site-support

Thank you!

Gave +1 Rep to @spiral flame

Hey, I cancelled my premium like 3 months ago because I didn’t have time to get on. I thought it would stop charging my card the month after I cancelled but it didn’t(I even logged on and I had no access to premium rooms or services, yet my card was still charged). So what I did after that was delete my account, I was still charged… What is even more strange is that it sends the invoice to an email which I have never created a THM account with.( I got two emails). I’ve emailed support but still no response. Help me please.

I wonder, if just by being here with the discord token of my old account makes it believe that I still have that account even if I deleted it ?