#room-ideas

Vulversity*

This channel is for asking for rooms to be created

Can u create fun box

I try my best.

It's a great room

I tried on vulnhub

If you're not here to request a room on a specific topic, can I ask you to move to #general please?

Can we have a room about pwn completely?

There's 1 in works, IIRC

owo

@lunar plank recently got the opportunity to work with suricata, ftk imager and autopsy great tools, eagerly looking forward to have rooms for that. I hope you come back to room dev ASAP. Best wishes.🙃

Is there any rooms which are good for two people to work on??

I try my best.
@somber crow hahaha oh james

Ahhh I just realized that was from last night sorry for early ping 😱

Is there any rooms which are good for two people to work on??
@serene rain You mean like a team 🤔 You can pick any box you like or host a private KOTH

It's honestly my absolute favourite part art of my graduate degree @onyx rivet so I'm hoping that will reflect when I can get back to it (:

lots of blue team stuff to come

Can we have a room about pwn completely?
@sharp bough was just about to ask for that. Both PWN and RE would be nice

There are several rooms for RE

Intro to x86-64 and ghidra off the top of my head

Is there any chance that there will be a RE room for iOS Apps? Or are the Policies from Apple too strict?

From what I understand the rights are pretty locked down, so I doubt it.

Someone correct me if I'm wrong, though.

iOS stuff is difficult.

Apple seriously has that stuff locked down. Like they are giving out iPhone devices for certified reverse engineers, but you have to also pay for it and, again, be certified.

isn't that like a very restricted version of the iOS if i recall correctly, designed only for testing @valid loom ?

Yes you're correct

There is a room about noSQL injections? If not is a good idea to develop one

I saw noSQL in one room not sure

Yeah , in one of the hards, but I mean explaining it,a tutorial instead of a box

Ahh right

Smart @tacit anvil

rooms like bufferoverflowprep but for linux executable would be nice

For OSCP you mean?

For OSCP you mean?
@icy trellis No

PWK teaches both, but the exam is only win32

bufferoverflowprep has a bunch of vulnerable binaries and the tools you need to exploit them

I worded my response badly my bad

just in genral.. I'm still strugling a bit in the linux part using gdb r2 or whatever tool

I worded my response badly my bad
@icy trellis Point still stands, OSCP doesn't care about linux bof for now

Yeah that's what I was meant to say

really struggled with anonymousplayground

But the words aren't flowing correctly Sorry James haha

Is there a room that explains the logic of buffer overflow with baby steps?

Not yet

So should I wait for it to open or try to solve the difficulty at hand? I don't have self-research on the topic and I think it's difficult.

*If my question is a little silly, I will ask it more clearly. Are you thinking of bringing a room to explain from easy to difficult?

Me personally? I'm not making anything for BoF

There are people making walkthrough beginner level introductions to buffer overflow

Under a room ?

As a room, yes.

Thx.

I have a couple good resources that explain BoF if you want @mellow shadow, its not in "baby steps" but a good introduction if you have a little bit of programming experience

@tacit anvil Let me check if you can share. And thanks

@mellow shadow Check pinned messages in #resources

For Ctf101's buffer overflow ?

@light lynx Don't they have to get the room checked out first?

@somber crow

@south trail I deleted your message, your room has to be approved by THM first. you can do this by submitting your room 😁✨

also this is the wrong chat

Ah, I want aware, could you point me to the right chat please. In the developer options where may I forward my room to could you please advise to a document i can follow up on

also once it's approved it has to go in the queue and once it's published you can advertise 😁

I'm on mobile right now but if you go into settings of your room you'll see a heading called "make public" and if you click that switch it'll be reviewed :)

if anyone else is reading this please clarify I'm on mobile and out at the moment 😜

As it's a challenge, it will need to have an official writeup for the reviewer to follow

Plus on top of that your write up contains the answer.

Who rates the dificult? the creator or the reviewer?

It has both. and the writeup is supposed to contain the answer isnt it viewable once flagged?

Who rates the dificult? the creator or the reviewer?
@tacit anvil both, the creator suggests a difficulty and if the reviewer disagrees they can change it

An idea here: the posibility to delete all the completed task in rooms in order to do them again without the answers, just doing from 0 all the times you want. I think it could be a good way to learn also.

Ask the room owner or Muir kindly to reset your progress.

hashcat walkthrough

@sudden garnet I could take a look into making this. The issues are though is it depends on specific hardware, so I'd need to see the specs on a THM box and tweek it accordingly (this just means I have to deploy a box and do some testing)

Hashcat devs themself has said there isn't a lot of good intro2hashcat content (that is actually correct) so I could coordinate with them to get some ideas together

Why is this here

@sudden garnet

either put on hold or rejected probably

hashcat is GPU based

It looks pretty detailed tho

It was rejected

the reason being

It's very badly written.

It advises bad practices and techniques

Not that something's wrong with the topic ?

Also very bad grammar

It was rejected, end of story.

It's also made by a banned member 🤔

an intro to hashcat room is probably feasible with Google Collab

I mean if someone is thinking of making a room, like sandw1ch above, it's better to know beforehand the reason of rejection. That's all 🤔

https://github.com/someshkar/colabcat#:~:text=Go to your Google Drive,Runtime and then Run all .&text=You can edit the last,type of hash it cracks.

I mean if someone is thinking of making a room, like sandw1ch above, it's better to know beforehand the reason of rejection. That's all 🤔
@brisk tapir the description says it’s cpu based I think that outlines the misinformation and bad practices in it

Yeah it's clear now that it was just badly written

I wouldnt mind revisiting an Intro 2 Hashcat room post networks

Uploading an ubuntu VM with a working version of hashcat 6.1 on it, going to test resources and talk with someone who works with the hashcat team to get some ideas for a good set of intro info

You might struggle as there's no GPU

Isn't it better to let people run it on their own system ?

@somber crow Yeah, but we can still use the intel CPU there. Hashcat can use more than just GPUs. Uploading to see if it's even possible to get it running on a VM lol

It's highly recommended against

You just need to install some OpenCL runtimes

We've got one of the creators in here

It's highly recommended against
@native raptor They fixed it out of the box on Kali so you don't need --force now

Although that might have changed recently, given it's now fixed

You just need to install some OpenCL runtimes
@shut crown If you recommend --force I will hard reject the room

Ooh, fair enough. Ignore me

Oh 100% james

@native raptor you mean the creators of hashcat? I'm working with one on testing this box rn lol

Spooks recommended the Google hashcat tho, which is probably a better bet

I do. Haha, fair enough!

Yeah, ideally it would all be contained within THM. And trust me, I would never use --force lol

Just for ease of use ^

Certainly a wonderful way of teaching people about it

I look forward to seeing this

Yeah, hoping hashcat actually plays nice with me lol

Hi all, I am half way through the creation of a room called AC12, based on the Line of Duty TV show (BBC). If it is good enough to a beginner room, is there a process of review and or testing by peers?

Make sure you have the rights to make a room based off that show

The information from the show comes from the fandom site.

Hi all, I am half way through the creation of a room called AC12, based on the Line of Duty TV show (BBC). If it is good enough to a beginner room, is there a process of review and or testing by peers?
@near ferry To answer your question, if you're wanting to release it publicly, it goes through the review team first. If it does contain copyrighted content then it won't be released, but otherwise we'll be checking to make sure that it all works / doesn't have anything potentially unintended, is grammatically correct, contains accurate information, etc..

Hashcat can run on THM but it's SO slow (no surprise, GPUs are king):

hashcat@hashcat-demo:~$ hashcat -b
hashcat (v6.1.1-47-gb8a09615) starting in benchmark mode...
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
OpenCL API (OpenCL 2.1 LINUX) - Platform #1 [Intel(R) Corporation]
==================================================================
* Device #1: Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz, 919/983 MB (245 MB allocatable), 1MCU
Benchmark relevant options:
===========================
* --optimized-kernel-enable
Hashmode: 0 - MD5
Speed.#1.........: 65444.1 kH/s (15.78ms) @ Accel:1024 Loops:1024 Thr:1 Vec:8
Hashmode: 100 - SHA1
Speed.#1.........: 48643.0 kH/s (21.28ms) @ Accel:1024 Loops:1024 Thr:1 Vec:8

Is there any way to request more resources? I don't think I'd need it, but it would be a good thing to know in case I need to request anything.

Yeah, speak to Skidy @shut crown

And try to pick passwords that are easy to crack...

You won't really be able to get GPUs though, most likely. They get crazy expensive @shut crown

Just get them to do it all locally?

Hashcat has builds for Windows on the site, and comes with Kali

Oh yeah, I wouldn't request GPUs, more curious on the request for more speed.

To be honest, tasks explaining how to install it properly would be a Godsend, although having a copy in the cloud could be great for beginners

I can get away with this speed and then have harder bonuses for those who can run stuff locally

My one concern would be people booting it up to use it instead of their own VPS or whatever, which is where a lack of speed could come in handy I suppose

Yeah that's fair. I can assure you that it would be insane to try to crack anything on this

Hehe, fair enough

Is this a walkthrough with some challenge elements by the way?

Hashmode: 0 - MD5

Speed.#2.........:   439.2 MH/s (56.33ms) @ Accel:1024 Loops:128 Thr:8 Vec:1
Speed.#3.........:  4093.0 MH/s (64.73ms) @ Accel:512 Loops:512 Thr:64 Vec:1
Speed.#*.........:  4532.2 MH/s

Hashmode: 100 - SHA1

Speed.#2.........:   197.1 MH/s (62.75ms) @ Accel:512 Loops:128 Thr:8 Vec:1
Speed.#3.........:  1341.5 MH/s (49.20ms) @ Accel:256 Loops:256 Thr:64 Vec:1
Speed.#*.........:  1538.6 MH/s

My macbook does these speeds just as a comparison ^

Yeah, that's going to be the goal. Going to go over the common attack modes and reasons to use them.

Awesome

Looking forward to seeing that

Going to run it by the hashcat guy I know first to catch any of my slip ups too lol

@native raptor That is perfect - thank you. Much appreciated. Saves me asking for the template that Nick Cage and Brooklyn 99 supplied 😆

If you want to include installation instructions for various platforms alongside the VM, that would honestly be gorgeous @shut crown
Great either way though obviously! 😁

I'll probably include some basic stuff but include a your mileage may vary note, cause there is no way I'm going to try to help every OS lmao. I'll include ubuntu 18.04 and win10 because those are the easy ones.

That would be perfect

@shut crown why not just utilize the google collab for cracking?

@karmic raven Haven’t looked at it yet, but I think there is some value in using the actual hashcat commands and understanding the attacks. I’ll need to look more into google collab to be able to answer your question better.

It just gives you some crazy fast GPUs

Oh yeah, colabcat looks pretty cool, especially because you can just get a shell and run your commands. Maybe for the harder tasks I can say you can run locally or just go and run colabcat

Google colab is so damn good for everything datascience and ML

I v much imagine that translates to password cracking etc

@lunar plank This was linked above, but someone already did the heavy lifting for setting it up https://github.com/someshkar/colabcat

😮

That's getting a star

Jupyter notebook too heck yea, nice share!

Thank @sleek elbow , they linked it first :p

@brisk tapir that hashcat room ain’t mine

I know it isn't yours. I thought a room on hashcat was already developed and was in works

But it was rejected

I was already making one on hashcat @shut crown , but if you want to do it, go ahead

There's no reason you can't both do it.

What's the point

of two intro 2 hashcat rooms

They're from different people. They cover the content in different styles.

All right then I will keep working

@toxic quarry wrong channel

ok

@brisk tapir If you want we could collab a bit to not have overlap.

Works with me, but I don't see how it can't overlap. Mine is like a walkthrough along with some challenges with a ctf at the end

Users need to install hashcat on their own system

Hit me up in dm, if you wanna talk further 🙂 We can try to avoid the most obvious

Sure!

I am unsure this is the place to post this so be free to tell me if i am in the wrong.
I downloaded openVPN thanks to some resources over internet in order complete the introduction room. I then found the openVPN room which would have been helpful at the time but now feel like confirming what i know. Did you ever though of linking the openVPN room inside the introduction room?
If my english is awful and/or not understandable, feel free to comment i am still learning.

@turbid schooner probably one for #544951750801752079

The welcome room integrates the VPN room

yeah but it only show for a kali linux while the openVPN room is showing for windows, macOS. but you might be right, this might be enough ^^

@strange schooner i feel like it's about a room but if you are sure i am in the wrong i will move it

I just have an idea for someone to do a room about bluetooth hacking. I don't have a clue about how it works or what it does. It is just an idea so please don't roast me 😔

Nobody will roast you dw :)

The theory side would be ok to make, I'm interested if we can add to that with dome practical bits

I just don't know what can you in general do with hacking someone's bt device, and this is the only place that I'm relying on to teach me 😂

Bluetooth hackers can use your phone's Bluetooth connection to make phone-based payments or call pay-per-minute numbers. They can also download texts, photos and other files and install malware.

This is only a snippet and obviously it depends on the device but there does seem to be some discussions and posts online about the possibilities so you might want to read about them if you’re interested

So if I'm not wrong. Technically if u can install malware on it, that means you can take control over the device completely... Or am I missing some knowledge?

Bluetooth hackers can use your phone's Bluetooth connection to make phone-based payments or call pay-per-minute numbers. They can also download texts, photos and other files and install malware.

This is only a snippet and obviously it depends on the device but there does seem to be some discussions and posts online about the possibilities so you might want to read about them if you’re interested
@icy trellis btw thanks 😂😇

So if I'm not wrong. Technically if u can install malware on it, that means you can take control over the device completely... Or am I missing some knowledge?
@tacit anvil yes if you can install malicious software you can take over the whole device.

There's rooms on linux/windows exploitation, what about android/ios? I know there's an android room but as far as I know, it's more theory based on how applications run so idk, food for thought.

So it's possible to do android on AWS, but creators can't upload android

it gets a little difficult there

I see, aren't there like simulators or maybe even VM's that can use android?

You can have an android VM on AWS

But a creator would have to ask Skidy/Ashu nicely to spin one up to work on it, or use their own AWS infra and then transfer it

since it's back to school time, at some point soon I'm going to begin work on a room that uses Canvas LMS which is used by lots of US universities and school districts. i'd also like to approach it from the perspective of a security analysis and forensics after someone else has accessed the system and made unauthorized modifications. i would appreciate any input and will be reaching out for help to some of you i'm sure

Someone is working on a mobile room as I can see 👀

Mobile forensics, rather than mobile hacking

Mobile is mobile, idc 😂😂

Idk shit about mobile hacking, that's why I was asking yesterday about the bt stuff

There is an android hacking room that may help you understand a bit better about mobile hacking

Mostly what I got from it to go on intro to x86/x64 room, where I was supposed to learn Assembly or what was that, so I gave up a little

I'll come back to it after I finish all easy rooms

yea buffer overflow yea I stopped that but will come back to it BOF hurts my brain sometimes

63 to go 👀

I still don't understand it that well

Buffer overflow was the second thing I started, but dnf

Same 😂

I've mostly finished the non-web based challenges

I think this belongs to #general

Arch/Black Arch tutorial? Anyone? 👀

Arch/Black Arch tutorial? Anyone? 👀
@tacit anvil their official website have tutorials on how to use it

Arch is too complicated to throw into a room. And I think Black Arch is not as worth making a room about since it's used less here on this server than Parrot. I don't think I've seen anyone talk about using Black Arch. As for Arch tutorials, the wiki contains a lot of good information and some of it you can transfer over to help with other Linux troubles.

Also Black Arch has like 2400 tools. I don't think it's within a reasonable scope to have a "tutorial" on it

The Learn Linux room is good enough to get you going. If you use Kali Linux for long enough you’ll gain the confidence to move onto arch.

I myself learned Linux through the learn Linux room and I’m slowly transferring over to arch. It something you should do on your own in my opinion ;p

I can't see the point of an Arch tutorial, if you know UNIX you can use it. Installation is an easy process extensively described on the website.

I guess you could want a pacman tutorial but that would really just be reading the included --help to you, and stating "generally never do pacman -Sy package"

and a pacman tutorial wouldn't get anything from the interaction with an actual machine

make a room for NixOS

I have like 0 expertise in this but would it be possible to make a like apple themed room?

Where you give out iphones and macs to all the people who root it ?

isn't that not allowed by Apple?

I have like 0 expertise in this but would it be possible to make a like apple themed room?
@long kraken MacOS VMs are... uh...
Well, I don't think I've ever seen or heard of one.

Apple certainly would not be licensing them through AWS...

iirc they are not very legal to get

(MacOS vms i mean)

You're allowed to virtualize macos, but only on apple hardware. That's the problem.

I thought apple just doesn't allow it. Ah, that must be why people can make illegal copies out of the system.

Hi! I would like to suggest a simple linux attacking room where you get in by finding a swagger page and finding a interesting API endpoints which you can use to get credentials or whatever...

Anyone's interested in creating a room for M-i-t-M attacks?

those will come more as networks further release

a lot of them can be difficult in just a stand alone box

the new throwback network has one mitm vector

Hi! I would like to suggest a simple linux attacking room where you get in by finding a swagger page and finding a interesting API endpoints which you can use to get credentials or whatever...
@radiant imp Anyone interested?

You, uh, know you can make them yourself, right?

yeah, but i first want to know if people find them interesting

And i really dont have any clue how

I dont think if this is a good idea for a room or not but I think it would be interesting a room that explains how DNS works

Since it is used in AD and also there are some rooms with virutal hosts (i dont even know if virtual hosts use DNS or not)

There's a little bit in Web Fundamentals

@native raptor Can i DM you with some questions?

Regarding?

Room creation

Have you checked the Docs?

Ow damn, i read right over it xD

im sorry

There's a little bit in Web Fundamentals
I know but i can't understand much how DNS works so i thought a room would be nice

But maybe it's just me and i need to do more research

If we have a Learn Linux 2, I think a good topic to include would be a topic on Daemons

Demons?? 😱

No, Daemons

We call them services on Windows

I think Chev has a followup in the release queue

Whether it covers systemd is another matter

Demons are scary

That's because you have the mental age of your average six year old

Muir

You are a meanie

And I’m sticking my tongue out at you right now

There's an emoji for that

:P

No

Cuz that’d make it fake-ish

I’m doing it irl

The Learn Linux room is good enough to get you going. If you use Kali Linux for long enough you’ll gain the confidence to move onto arch.

I myself learned Linux through the learn Linux room and I’m slowly transferring over to arch. It something you should do on your own in my opinion ;p
@icy trellis There is a room soon on linux from me as a followup to Learn Linux

I think Chev has a followup in the release queue
@native raptor i should've scrolled down before replying...

No, Daemons
@valid loom What exactly do you want to see?

i am planning to build a follow up to it anyway, i covered very basic topics for now

also the above is post 11th of September, so bare with me ; - ;

It was a thought but Vulnersity covers making a daemon to get a root flag. I feel like an explanation on how we can work with daemons to get what we want would be neat

Systemd hard

Systemd services kinda boring

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/chap-managing_services_with_systemd

I have a better doc somewhere

Yeah I was super lost even with the write up that explained how it worked.

In my head I’m asking for something simple but to get to that point it is probably like trying to straighten up the leaning tower of Pisa

A room about ethics and law for hacking, a hefty course learning what's right and wrong for a substantial amount of points

Wouldn't it be hard do to this since different countries have different legislations?

@vocal pilot Hi, that doesn't appear to be an idea for a room? (image deleted)

?

I just asked about it in chat but the sadmind exploit would be a cool beginner room to have added

That's a 2001 Worm, it depends on someone being able to get the right version of solaris or IIS

@trail cloud Sadmind was a worm that used two different vulns. Do you mean the solaris one, or the IIS one?

The Solaris one

wasnt it found in like 08?

Solaris might be a pain on AWS

Nope it was 2001

https://web.archive.org/web/20011107035310/http://www.cert.org/advisories/CA-2001-11.html

thats a diff one I think, this one affects Sun Solaris 8 and 9

https://www.cvedetails.com/cve/CVE-2008-4556/

That vuln isn't the one that was used in sadmind

The CERT/CC has received reports of a new piece of self-propagating malicious code (referred to here as the sadmind/IIS worm)

@trail cloud Can't do solaris on AWS anyway

thought i was on to somethingf

Language please. This is an educational discord.

Getting Solaris on aws probably wouldn’t be that hard but getting the vulnerable version would be a pain

aws only really allows the current version for AMIs

AWS no longer support solaris

I'm working on a room with another user, how can both users get credit for the room?

Officially right now? You can't.
Your best bet is to credit them in the text.
This is a feature that I believe is coming soon.

fair enough, I hope the option to add a user after the room is live will be there.

I'm working with a well known YouTuber, I'll make sure and credit him in a task

I think it would be awesome if we could get the metasploit unleashed course from offensive security as a room

yeah that’s probably a not going to happen

however there is already a very good metasploit primer room that covers it fairly well

Purple Team Networks, utilizing Atomic Red Team integration of testing security controls https://github.com/redcanaryco/atomic-red-team and integration of their Execution Framework https://github.com/redcanaryco/atomic-red-team/tree/master/execution-frameworks as offensive security, and Blue Team activity as Defense/Detection/Mitigation strategy activities related to it.

So I'm working on my room. Just wondering are answers case sensitive?

There's a small amount of tolerance on answers

Like 15% or something?

Couple characters can be "wrong" on longer answers

So if my answer was Some Thing Here and they enter some thing here it will be fine?

I see that public rooms require a write up. Can this be a video or does it have to be typed?

@sudden yew it can technically be a video, but it's a very good way to seriously annoy the reviewer. Having to go find something in a video if there's something quick we need to check is a lot harder than just searching for it in a nicely written write-up.

@native raptor so my room is more of a "challenege/what do you know" kind of room. There is some very basic teaching and I include 2 videos for the user to watch to get a vast knowledge for the room. Is the write up just for the admins so the can test the room works? This has no VM.

If you DM me a link I'll take a look

to the room?

Ooh, interesting. Right, I would set that to "Walkthrough" rather than Challenge.

And walkthroughs don't need any kind of writeup @sudden yew 🙂

That's just for challenges so we can see if something isn't working as it should be. A walkthrough should be its own writeup.

OK, does a walkthrough still give points? I just want there to be motivation for users to do the room

hey dming you something else

hello, im starting to make a new room, idk if this is the right channel to search help but anyways, i would like to do it with django. can somebody that has room making experience that could give me help to make that the like server auto-runs orauto starts when the machine starts?

Google system services to run a command

Assuming this is Linux

do am i right?

Assuming this is Linux
@prisma hemlock yess, its linux

But also #general

ok ok

thx

it would be systemd

?

Yes #general

yess, i found something

thanks

hello, im starting to make a new room, idk if this is the right channel to search help but anyways, i would like to do it with django. can somebody that has room making experience that could give me help to make that the like server auto-runs orauto starts when the machine starts?
@vestal bear https://www.jake-ruston.com/posts/linux-system-services.php :)

oow

thxx

now that im looking, ill do the room on flask

and not in django

its way better

xDD

(at least for what i am looking for)

and to be my first room it ill be ok

@sudden garnet u saved my life

xDD

thx

🥺

you’re welcome 🥺

who do we contact about potentially creating a room?

Anyone can create a room

So nobody

Create a way and if it meets the specs it’ll hopefully get approved and eventually released 🙂

Me

No you

typo sorry lol

🙂

🧐

@prisma hemlock you're saying we can come up with a rough draft for a room and submit it somewhere?

You can completely finish/create a room and then if you want it publix it will get reviewed by a room tester and if it passes it’ll be made public

If you want to make a private room to just share with friends or a class or something then there is no restriction

ohh ok i see. thank you

No problem

@prisma hemlock are we able to clone other walkthroughs? im making a room that uses the gamezone VM as an example

If you ask whoever made gamezone they might make it clone able

If they say yes then yes. If they say no then no

@naive notch

Oh, wait a second

That's gaming server

Sorry for the ping Suit..

GameZone is a THM owned one, correct?

it just says the default admin account made the room

yeah

What's the tutorial on?

i wanna make a room that introduces concepts of PoC exploit writing using gamezone as an example. basically convert my writeup to a room https://cd6629.gitbook.io/oscp-notes/converting-metasploit-modules-to-python#example-1-gamezone-converting-from-metasploit-to-python

@remote socket would you be Ok with this?

🧐

i wanna make a room that introduces concepts of PoC exploit writing using gamezone as an example. basically convert my writeup to a room https://cd6629.gitbook.io/oscp-notes/converting-metasploit-modules-to-python#example-1-gamezone-converting-from-metasploit-to-python
@compact summit I think this is really cool idea, but the GameZone VM is for subscribers only - I can give you access to the VM, but when you release your room it would have to be for subs only.

If it's just for that one exploit, given it's the privesc in GameZone, you'd probably be as well just installing the software yourself

Save people hacking the thing just to get a chance to use their code 😆

Yeah I agree, making the Vm on your own would be great:)

yeah i dont wanna ||spoil the room with the creds & port forwarding||, maybe i could clone the VM and make a dummy account

@compact summit I think this is really cool idea, but the GameZone VM is for subscribers only - I can give you access to the VM, but when you release your room it would have to be for subs only.
@remote socket alright np

@remote socket @native raptor do i just need the .iso and install the version of webmin on it? i havent done something like this before. to avoid spoilers ill just note that at this point you'd have to have local access

Yes. Just download the Ubuntu 18.04 server ISO, set it up as a VM and install the software -- that's all you need for something like this 🙂

You can just give the credentials in the room

perfect, thanks guys

When a room is submitted for review, how is the room creator notified if it is accepted or rejected? Is it via the email tied to the account?

I believe The tester will let you know if it’s rejected and why. If it’s accepted you’ll be able to see it in the room management console

@sudden yew you will get an email 🙂

If it's rejected, there will be comments in the management console telling you why

@native raptor thanks. Didn't know if it would be under the site Messages feature.

LOL is that your subtle way of telling me something!

Huh? Nope 😆

Just that there won't usually be comments if it's accepted.
That's just where the feedback is shown

It occurs to me that I haven't actually had comments via the system

Muir, next time?

That's because everyone knows who you are...

https://tenor.com/view/who-are-you-huh-offended-what-disgusted-gif-12444006

Haha, you telling me to leave you comments next time I test one of yours?😆

OK, I'll just sit back with scotch and wait, if you take longer, I get drunker... LOL

I wouldn’t hold your breath as you wait

Sometimes room testers get busy with life

I'm not, I'm drinking LOL

So its a win win for me!

My idea ? Advent of cyber 2020

It'll happen @weary basin 🙂

We haven't started working on it yet, but it's confirmed as happening

I’ll set a reminder for December 1st then

How does it work , we submit ideas for the tasks or it’s a complete surprise ?

it’s a complete surprise

Ok !

Yeah, I'd imagine Skidy and Ashu will make a few themselves. Otherwise the content creator's program will get assigned tasks to build

some rooms you have to be a god of guessing to resolve just a msg to box creators or rooms: i want to thank all of you of the effort that you put to help the community rise in security knowledge but to create rooms which the solution depend of the wordlist that you are going to use or an algorithme that you have to use to decode a password for initial access it s just a wast of time if you want to rise the difficulty of your box you have to combine differente techniques, your custom filter to bypass with a logical mindset behind, something that need a deep knowloedge of a certain product or even a vulnerability without public exploit why not for hard rooms? hacking is have a deep knowledge of things and try to find some( design, code....etc) bugs

If you want to talk about actual hacking a ton of it is guesswork. So although I see your point, I don’t think your argument is entirely valid

@keen bone That sounds to me like you don't like the CTF style boxes or techniques. That's fine, but other people do.
Security through obscurity is used concerningly often in the real world too.

If you want to talk about actual hacking a ton of it is guesswork. So although I see your point, I don’t think your argument is entirely valid
@prisma hemlock it's just a point of view good discussion and good critics make things better 🙂

htb have a life like -> ctf scale on their boxes, idk if it'd be copying them too much or whatever but i like that feature

@keen bone That sounds to me like you don't like the CTF style boxes or techniques. That's fine, but other people do.
Security through obscurity is used concerningly often in the real world too.
@somber crow it s not a matter of liking or not it s technical matter we are in face of zero and one try to understand the idea first i m working in the real world of security network,server and web app protection so no one use jsfuck for example 😂 the same time encrypted or encoded password username or some hash in welcome or login page it's a point of view of a security consultant (ctf are a way of making people learn hacking real world app and real scenario)

People do genuinely use obfuscation for their HS

People do genuinely leave accidental comments

But seriously, this seems like you really dislike CTF style boxes because they're not realistic. That's an inherent thing, that's what makes CTF style boxes NOT the same as realworld boxes

A lot of the creators are either security professionals or consult with security professionals and base their boxes off of vulnerabilities found in the wild. There are also quite a few boxes on the site that are designed as fun challenge “ctf” boxes which is what it sounds like you’re only basing it off of

some rooms you have to be a god of guessing to resolve just a msg to box creators or rooms: i want to thank all of you of the effort that you put to help the community rise in security knowledge but to create rooms which the solution depend of the wordlist that you are going to use or an algorithme that you have to use to decode a password for initial access it s just a wast of time if you want to rise the difficulty of your box you have to combine differente techniques, your custom filter to bypass with a logical mindset behind, something that need a deep knowloedge of a certain product or even a vulnerability without public exploit why not for hard rooms? hacking is have a deep knowledge of things and try to find some( design, code....etc) bugs
I agree with you in some things, i'm no security expert or anything, i'm just a guy that heard about cybersecurity some months ago and then started creating interest in it, but here's what i think: Tryhackme is a learning platform, lots of people here are starting in cybersecurity just like me and although many things like comments giving out password, brainfuck, steganography, etc you probably would never find in real world scenarios, they are things interesting to create the kind of thinking that you would have in a real pentest (again, i dont work with this, i may be super wrong). And also tryhackme let the community make some rooms, and for a begginer it's hard to think super interesting things to put in every part of you room.

it s just a point of view maybe some box creators share with me same idea and create box without public exploit for exemple as hard box to encourage exploit dev and want to thank all box creators😃

Someone has submitted a box like that before

Undisclosed vulns being used in boxes isn't very ethical

The vulns should be disclosed and patched

Undisclosed vulns being used in boxes isn't very ethical
@somber crow i don't speak about 0day for sure

Then they're public.

@keen bone hopefully my next box is more to your liking 🥺

The closest thing you have to exploit dev is like buffer overflows other than that creating custom exploits is def out of scope

Either it's an application developed specifically for the room (Check out some of mine) or it's a public application with public vulns

Then they're public.
@somber crow not all of them their s a lots of vuln without public exploit

Ok, then the room creator has to write an exploit

either way -- an exploit has to be found/created

if its on public software, someone will report it.

if it's custom software, then it wont feel as genuine.

@keen bone hopefully my next box is more to your liking 🥺
@sudden garnet Jake out here making interesting boxes while I'm sitting here teaching Git

Ra 1 was developed around an exploit found by the creators if I'm not mistaken.

Also, any basic buffer overflow room (thinking Brainpan, Gatekeeper, etc) likely do not have public exploits available, and require exploit development, albeit incredibly basic.

@sudden garnet Jake out here making interesting boxes while I'm sitting here teaching Git
@light lynx but git is very useful for people to learn so i have no doubt it will be amazing 🥺

just curious, what's the usual eta for a room to be evaluated and published?

depends on the room tester

Testing doesn't take long.

Release takes longer

just curious, what's the usual eta for a room to be evaluated and published?
@compact summit if you give us the room name we may be able to look at the schedule for you

@compact summit yell at @tacit anvil

what did I do this time

@compact summit Why hello there! It is dependent on the tester

depending on who your tester is

You are the tester...

you may be able to contact him

I see

whistles

🤦‍♂️ 🤣

oh

this is the room I wanted to take special time with

don't you worry cd

s

m

h

I can promise you I am avidly working on your room

I can promise you I am avidly working on your room
@tacit anvil oh its np at all, was just curious 🙂 lmk what changes need made. The biggest thing I think I lacked on that room is exploring more common methodologies and giving more abstract instruction about the process of exploit development. i feel like i focused too much on the example.

im really not that well versed in exploitdev tbh. i just wanted to give a complete beginner and those closer to my skill level a jumping off point and something to strive for.

Will there be more rooms that will help someone practice their forensic and IR skills? Room walkthroughs or challenges that help solve a computer incident/crime type of scenarios.

Will there be more rooms that will help someone practice their forensic and IR skills? Room walkthroughs or challenges that help solve a computer incident/crime type of scenarios.
@robust karma I know that cmnatic has one room in the queue on forensics and plans on making more and thm is working on hiring a blue team dev which will probably cover some IR stuff

Sweet thank you for the feedback!

Pivoting Explanation Room and Practical Pivoting

That can only really be done with networks it is covered extensively in throwback

I mean you can do it in docker as well but it’s a bit different

In fairness it's the same practically speaking in Docker, from an attacker's perspective, assuming it's been set up to use that as the only method. Just no Windows

I'm working on something with Docker currently.

Can do it with Windows in Docker, but the restrictions on Windows OS containers matching the the host is a pain.

I've got two docker escapes in the running just now. One approved, one pre-built

There's no escape here. Just multi level, multi docker network pivots through different services, etc.

Awesome

With different OS's so people have to understand not only debian based like Ubuntu, but Alpine nonsense as well. 😆

We'll have to use ash 👀

mmhmm

/#

People gonna be scratching their heads on that one for a bit.

Why can't I run apt

What is this busybox nonsense.

Has anyone thought about a room for pwncat or is it even worth it?

If anyone would do a room on pwncat it should be John

@johnhammond 👀

I haven’t played with it’s functionality too much but I also don’t think it doesn’t have enough to make a full room

Was looking at it just now and I don't think it does either.

geez I can’t english right now... just don’t worry about my English skills

I've got a room on shells almost finished, but pwncat isn't covered in it I'm afraid

Got plenty of netcat and socat though! 😁

Might be something to add to a room that includes tools.

Yea I mainly asked because I saw John use it for Looking Glass

Looks pretty neat

totally new to this guys

where do I start please ?

You start by reading the channel descriptions

And finding the appropriate channel to ask your question

@robust bear You can suggest that here.
Please bear in mind, I'm not TryHackMe. I'm a discord mod and I make some rooms.

Oh ok. Sorry about that

does the tryhackme have an api hacking room

it will be very good room

not sure what you mean by api hacking, do you mean oauth or the likes?

I'm working on a webapp hacking room that will include a little bit about APIs that drive webapps

I mean it got a whole lotta upvotes

https://tenor.com/view/get-to-work-work-simpsons-smithers-trendizisst-gif-15496843

Perfect amount of upvotes, really

@sudden garnet yes like that

@lunar plank XSS room first, that's commissioned 👀

@sudden garnet yes like that
@gloomy trail if you already know the basics and just want practise, i know htb retired one with oauth type hacking recently

but as james said he's making one and his rooms are all good quality so be on the lookout :)

@sudden garnet cool tell me the machine name

@sudden garnet cool tell me the machine name
@gloomy trail it's called 'oouch' :)

That Zerologon its perfect for a windows privesc

Exploit*

its already vulnerable to basically all the windows servers on thm

tested and true

just wondering how far down my room introexploitdevelopment is on the testing schedule?

@compact summit we had a little bug a week ago -- some of 'em disappeared. Mind setting it to private then resubmitting it for me?
I'll do it tomorrow 🙂

@compact summit we had a little bug a week ago -- some of 'em disappeared. Mind setting it to private then resubmitting it for me?
I'll do it tomorrow 🙂
@native raptor its been stuck on Evaluating for awhile

Interesting. Lemme double check and see if it's in that pile

@remote socket when you get back, any chance of tracking down another that's still missing? Stuck on evaluating: introexploitdevelopment 🙂

@compact summit I suspect one of the other testers likely has it in their notes to work on it, but without it in the list we can't set it to readied or otherwise. Skidy should sort it when he gets back 🙂

@native raptor ok np, thanks for lmk 👍🏽

Anytime. Apologies for that

!help

#####	HELP	#####
{required args} | [optional args]

> Verifying/Role Assigning Commands
verify {token} | Verify yourself to get your roles.

> Room
writeup {room_code} | Get the writeups for a room.
randomroom | Select a random room.

> Announcements
notifyme | Toggle the role to get notified on announcements.

> Leaderboard Commands
leaderboard [page] | Prints the leaderboard.
monthly [page] | Prints this month's leaderboard.

> Rank Commands
rank [@mention/username] | Get a THM member's rank.

> FAQ
vpn | Learn how to use OpenVPN to connect to our network!
multivpn | Learn how to look for duplicate instance of your OpenVPN connection.
vpnscript | Use our VPN troubleshooting script to diagnose common issues!

> Rules Commands
rules | Sends the rules.
rule {rule} | Sends the requested rule.

> Social
github | Get the bot's Github link.
twitter | Get the Twitter link.
reddit | Get the Reddit link.
website | Get the Website link.
discord | Get the Discord invite.
social | Get links to all our socials.
tweet | Get THM's last tweet.

> Fun Commands
skidy | Sends Skidy's emote.
ashu | Send Ashu's emote.
dark | Send a random Darkstar quote.
honk | HOOONK!
boop {@user} | Boop someone!
noot | NOOT NOOT!
cooctus | COOCTUS!
shibe | Sends a shibe picture.
spaniel | Sends a spaniel picture.
xkcd | Send a random XKCD comic.

> Help
staff | Displays all staff commands.
help | Displays all commands.

> Provide Feedback
feedback | Let us know what you think of TryHackMe!

> Utility
exploit [-Title][-CVE][-Type][-Platform][-Port][-Content][-Author][-Tag][-Help] {Query} | Searches exploit-db for exploits.

> Docs
docs [topic] | List our documented topics.

writeup xss

!writeup xss

How do i change the xss keylogger script in xss room to send the keylogs to logs page

Help please

What

This isn’t the right chat

@nocturne pendant #bot-commands

can we get a room on BeEF, the XSS exploitation framework

There was one in development -- not sure if Dan scrapped it or not

uh, dan?

SherlockSec

Left at the same time optional was banned

oh sherlock

why did he leave anyways?

Disagreed with what happened regarding optional

oh

well i hope he is still active on other thm communities

because we really need a BeEF room

You are very welcome to make one

i wouldnt be asking for a BeEF room if i knew how to use it lol

There was one in development -- not sure if Dan scrapped it or not
@native raptor He deleted all of his site content, so pretty sure it's scrapped now. 🤔

Yeah, that was my memory too

In the css room the last challenge where most of the words are filtered, I'm using <img src="blah" onclick="confirm ('HHelloello')"/>
To print Hello,
It works but I'm not getting the flag
Help

xss room

Sorry posted the question in thw wrong chat

He deleted all of his site content, so pretty sure it's scrapped now. 🤔
what a waste

Make a room of freeBSD with vulnerabilities

There's one already but it's a pain because creators can't upload freebsd

https://tryhackme.com/room/bebop

😅

they’re possible and creators have access to them we just have to jump through a couple more hoops with aws and the admins

@remote socket when you get back, any chance of tracking down another that's still missing? Stuck on evaluating: introexploitdevelopment
@native raptor were you able to find the room? 🙂

Its there:) Just seen it on the submission list

can i get some tips for creating rooms based on some vulneranilities

Is there a room on port knocking walkthrough? I'm thinking of making one.

No I don’t think there is

Be interested to see what you do with the room

Okay, thanks. I'll try to make one then. 🙂

There is not much to port knocking, is it 🤔

Interested to see how you make a whole room out of it

Yeah, there is not much so I'll try add some more to it to make it fun.

Maybe add different ways they can port knock and have multiple deployed machines

Yeah, that's a good idea. I'm also thinking of adding bonus challenge like okay you got access to the machine now go root it on your own.

That sounds wicked to me imho

Throw in a bit of "this is how port knocking works, x,y,z"

That'll be very welcome I'm sure! If you have any questions about it all I can give you a role into #creators-lounge (:

No no, its not like that. Its like I'll first explain what port knocking is then will give more practicals to perform it like that. Also, I'll try to add more to it than just port knocking.

What is creators-lounge?

That sounds great!

Creators lounge is a place where you can discuss everything THM box development (:

Sure, I'd love to discuss there.

optional is banned ? 🤔

He got banned a while ago

why tho

Something probably not to be discussed but he did some pretty bad things I heard

oh i see

Indeed (in the sense that we don't discuss reasons for banning, etc here), they've been given the appropriate channels to appeal the ban as does everyone else (:

Hello people, i'm thinking of making a room teaching how to setup a simple web site using html,php,apache and mysql. I think it would be nice since a good way to understand something in my eyes is making it work. I want to see what people here think of this idea so upvote or downvote this message to give your opinion (feel free to elaborate more your opinion on why you find this idea good or bad in a message).

i think its a great idea @somber fractal

although there are a lot of tutorials for these sorts of things, nothing beats the interactive way of teaching that THM has

so yes, it's a great idea

I'm learning html right now in college so it would be good to see a room on it and get extra knowledge

Hello people, i'm thinking of making a room teaching how to setup a simple web site using html,php,apache and mysql. I think it would be nice since a good way to understand something in my eyes is making it work. I want to see what people here think of this idea so upvote or downvote this message to give your opinion (feel free to elaborate more your opinion on why you find this idea good or bad in a message).
@somber fractal Tailwind CSS + Tailwind Blocks = Fully interactive UI in 5 minutes

Hello people, i'm thinking of making a room teaching how to setup a simple web site using html,php,apache and mysql. I think it would be nice since a good way to understand something in my eyes is making it work. I want to see what people here think of this idea so upvote or downvote this message to give your opinion (feel free to elaborate more your opinion on why you find this idea good or bad in a message).
@somber fractal Personally I think this could be great in say a blog post however tryhackme is a hacking website. Ive seen other scenarios of things similar being shot down because they are just more programming or general thats not to say it coudnt work though. If you could apply it to hacking somehow then I could see it doing well. For example Im making a room on Honeypots and Deception so I may cover setting a web server a tiny bit.

I'm making a webapps walkthrough room that discusses the theory behind webapps. Because you need to know how they work to hack them properly

@somber fractal Personally I think this could be great in say a blog post however tryhackme is a hacking website. Ive seen other scenarios of things similar being shot down because they are just more programming or general thats not to say it coudnt work though. If you could apply it to hacking somehow then I could see it doing well. For example Im making a room on Honeypots and Deception so I may cover setting a web server a tiny bit.
@karmic raven yeah i thought about this, this is the main reason i asked here for opinions :p

I mean I guess bee did just come out with the rust room however rust can be applied to hacking more than html,css, etc

I honestly dont know

Webapp content is good

People want more webapp for bug bounty

Understanding how stuff works is good.

but also, the way that i learned the most in tryhackme was creating rooms, and thats why i thought about this idea at first, to help someone that dont have any idea about how a web app works, setting one up maybe would help them hack it

so things like apache, mysql etc that can be vulnerable I can see it being good to show what makes them vulnerable however html and css.... youre not going to get alot out of

i'm not planning on teaching css on the room

sorry I misread

I think everything except for html could be good

html just the basics to make the user be able to interact with the backend

and showing exactly what makes it so that the code is vulnerable and how to make the code not vulnerable

thanks for your feedback 🙂

thats just my opinion others may have their own

A room on scapy.

@gaunt cosmos make it yourself

A room on scapy made by @gaunt cosmos

I dont code python

jB stands for JavaBeans.

Love the iOS Forensics room. More DFIR rooms!!!!

@lunar plank ^ ❤️

Thanks @somber crow @vague rampart I’m glad you enjoyed it!

Once this hefty malware room is done, much more DFIR to come

Appreciate the feedback

yer

@lunar plank got that DFIR I got that threat hunting

we’re going to make y’all blue teamers some day

Could there be a room that teaches ICS security?

I know there's one being tested at the moment (:

I want to say someone made one 👀

yeeee

^ gotcha this time james

NICE!!! Thank you guys! That will hopefully help me out with a senior project that I am working on

That's like SCADA stuff? 🤔

Yahuh @quaint brook

THM attackbox but with i3 👉 👈 I miss my keybindings

booo

Write your own script for doing it, i3 is niche

tmux is niche

tmux?

tmux and i3 is trash

do you mean are

Also, yes

tmux and i3 is trash
Nuclearpro wants to know your location

more scripting rooms pls, and one covering pwntools for python would be pretty cool

Would be great if we could have tutorials on tips and tricks with Nuclei from Project Discovery (https://nuclei.projectdiscovery.io/)

Hi folks! Sorry for the silly question but what is the advantages to create a room non-free (like when you have to have the subscription to deploy the machine/room"?

@tardy hollow most non-free rooms are commissioned. As in, they're set to subscriber only because the site has paid for them to be made.

Ooh I see, got it. So for an "CTF Developer" (lol) there is no payment. Did I get this right?

Like for a casual one

That depends on whether you're part of the content creators programme. Some of the commissioned developers do challenges, some do walkthroughs, some build KoTH boxes. Most do a combination.

If you're a part of the programme then you get given assignments -- those are paid for, yes.

But otherwise, it's just community development.

Oh okay, got it! Thank you a lot for the infos!

Np! 🙂

Please I need help on how to escalate privilege with run-part SUID

Output

I sent you to #room-help

Pls go there Q.Q

Just provesc with gdb. It’s on gtfobins

Idk where else to put this since it’s not a room idea but whatever: a discord channel for non THM help but still serious questions. Cuz real questions often get lost in general and if it’s not directly room related then they’re directed away from the help channels

#feedback-and-ideas

That’s a read only channel

And it’s not site related

Oh is that site only?

@prisma hemlock +1 on this

Didn't we talk about this the other day too? Though I'm starting to see a point to this

Is there like a standard VM we use for room creation?

Nope you're fairly free as long as you follow the AWS conversion requirements @pine olive

Most of us tend to use ubuntu server 1804

Centos is favoured by a couple creators

Cool cool, thanks.

i really dont mean to sound annoying but im wondering when i can expect my room introexploitdevelopment to be tested? 🙂 just anxious about the feedback

Good question. Go yell at @tacit anvil, @compact summit -- it's on his list.
Hopefully not too long, because that's a while you've been waiting now. Sorry about that; it's not usually quite so bad. Just the ones around that glitch that kinda threw a spanner in the works

Hello, i saw the mensage above and i'm also wondering when will my Room "You're in a cave" be tested, i submitted a month ago, but 2 weeks ago muir told me to resubmit It, Sorry If i'm being annoying, but i'm hyped to receive some feedback for the Room.

Idk where else to put this since it’s not a room idea but whatever: a discord channel for non THM help but still serious questions. Cuz real questions often get lost in general and if it’s not directly room related then they’re directed away from the help channels
@rocky gazelle Thoughts?

Um

Regarding that, I try to avoid things like that as they're typically dramatically unrelated to TryHackMe

And that might encourage questions which are not acceptable for this discord

I'll consider it though

And that might encourage questions which are not acceptable for this discord
Even just a #serious-discussions channel? With the same PG13 no illegal stuff rules and whatnot?

Regarding that, I try to avoid things like that as they're typically dramatically unrelated to TryHackMe
You could argue general doesn’t really have much to do with THM as people just hang out. The serious discussions channel would be the same idea just no trolling basically

Honestly @rocky gazelle, that might not be a bad idea. Several people recently have expressed a desire to have a quieter version of general that isn't flooded with the same level of... uh... weirdness, that general can exhibit at times

A "quiet-discussion" channel, as it were

bring back #offtopic

If it helps I can clear up the idea: basically, a second #general just with the explicit rule of no trolling (which I am guilty of using general for)

before we had #offtopic (it was renamed to general) and #general for infosec discussions and stuff

i don't remember the reason why both were merged 🤔

I can only imagine off-topic quickly turned into a sess pool

off-topic is basically general

well, offtopic was roughly the same as general

Now, anyway

General was for "hacking only" discussions

@native raptor a lot of that comes from people that are new to the discord. I'll see about adding a hacking-discussion chat

@native raptor a lot of that comes from people that are new to the discord. I'll see about adding a hacking-discussion chat
The newer people come and look for a channel where they can discuss stuff without trolling mixed in. I can definitely see how it’s intimidating if they go to #general to ask something and they’re bombarded with a bunch of trolls, best girls, and feet pics when they don’t know the community already

That strikes me as being similar to going back to the old style, no? We basically just ended up redirecting people all the time with that 😆
Might be better to see about another version of #general (i.e. loose discussion regarding hacking) that's exempt from the more frivolous nature in the current general. Means that the part of the community who still want to hang out and discuss stuff have a place to do it without being yelled over by, well, that ^^ @rocky gazelle

Sundae is case in point for that, although Bob's right in saying that it would be helpful for new members too

I would argue it’s more helpful for new members

If the new members want to have fun with the hacking community then there's general. If they want guaranteed serious answers then it would be good to have somewhere for that

People who know the community like sundae know who to ignore in general (like me when I’m feeling troll-y) and can direct their questions and people who will actually answer

If someone new comes and they encounter me as their first experience in general I can see if that comes off with a bad vibe seeing that I’m just having fun in there 95% of the time

Done

Thanks Dark ♥️

Thank you dark!

hello there guys , i am wandering about what is the best platform where anyone could make writeups on it ?? medium ? wordpress ? what u guys prefer because i want to write one 😄

@topaz bramble Medium is good if you don't want to deal with infrastructure, but otherwise avoid it like the plague.
Ideally use something like Digital Ocean to set up a VPS with Wordpress or Ghost or something on it.
If you want the free option, Netlify or Github Pages will give you free hosting which you could use Jekyll, Hugo or an equivalent to generate static pages for

Okay got it , Thanks

I don't mind Medium. My articles pay for my $5 a month subscription there.

@mayor Can you link a sanitized SS of your visitors metrics?

Any Blue Team learning path?

Any Blue Team learning path?
@tacit anvil That's a good idea. Partially covering that, there is a Forensics section on the Hacktivities page https://tryhackme.com/hacktivities

Any Blue Team learning path?
@tacit anvil we’re all working very hard to bring out blue team content, cmnatic is going crazy making forensics content and malware analysis content, I’m currently working on taking a threat hunting course and making threat hunting content and tryhackme is working on or have hired on a full time blue team dev so we’re all working on getting out blue team content as quickly as possible

@tacit anvil we’re all working very hard to bring out blue team content, cmnatic is going crazy making forensics content and malware analysis content, I’m currently working on taking a threat hunting course and making threat hunting content and tryhackme is working on or have hired on a full time blue team dev so we’re all working on getting out blue team content as quickly as possible
@karmic raven sounds great man. Waiting for that

A button to easily delete room progress. And another button to go up to the first task without having going one by one.

You can directly go to the first task

By clicking on the Title Bar @tacit anvil

damn sorry, HAHAHAHAHAH

The deleting your own room progress is either already submitted or already in the works I believe

Not really a room idea but maybe a more robust leaderboard system (e.g., average time to complete a room, average monthly placing, weekly leaderboard, some other fun stat I'm sure y'all compile), ik most people don't remotely care about their rank but the competition motivates me a bit

The deleting your own room progress is either already submitted or already in the works I believe
@prisma hemlock It would be nice. Sometimes when you want to refresh concepts it is not good to have all the questions solved.

Not really a room idea but maybe a more robust leaderboard system (e.g., average time to complete a room, average monthly placing, weekly leaderboard, some other fun stat I'm sure y'all compile), ik most people don't remotely care about their rank but the competition motivates me a bit
@nocturne ingot all these but the average time to complete a room can be nice in my opinion, you can submit ideas for the site in this form https://discordapp.com/channels/521382216299839518/757261859270426745/757262012949463202

hydra

There's already a Hydra room

Not really a room idea, but CornCon got me thinking, is there anything stopping more CTFs from being hosted on THM (besides resources)? Either way would be really nice if THM expanded their capabilities as a platform for CTFs, love being able to participate in a CTF and get points for it on my THM account.

You won't get points unless it's a public room

oo okay got it, so those points earned in CornCon just going towards that specific leaderboard

Yep

Make a room for Se* privileges. Like all of them maybe. The most common one is covered I think the Impersonate one.

maybe a walkthrough

or maybe it's in Networks.

So just a thought if it isnt already a room... I was thinking a room detailing the mentality and thought process of a social engineer/ethical hacker/etc might be nice. Since a lot of people are drawn to the allure of '1337'ness of hacking, but get overwhelmed when they discover the amount of work involved, not just with the actual 'hack' but with recon, research, personal education, and more. Kind of a 'get you up to speed' room. Just an idea, and not sure if this is where this post goes

A simulated attack that you have to track and recover from

A simulated attack that you have to track and recover from
@fervent sparrow THM has hired a Blue Team Content Dev. So this could be a possibility in the near future. And it sounds rather fun

A simulated attack that you have to track and recover from
@fervent sparrow Recovery does this

Oh nice

This is a fun feild to be in

Excited for a blue team path sounds like apt of fun

a hacking email room

pretty sure blob has one coming up

they’re just annoying to setup and the attack vector are eh ish

its nice that everything i want is comeing up

pretty sure blob has one coming up
@karmic raven I haven’t completed it yet 😅

Soon ™️

its nice that everything i want is comeing up
@fervent sparrow we have so much crap in the works, I mean I know a lot of what is happening behind the scenes but even I as one of the major devs don’t know every thing these crazy people have going on

sounds like ill be staying subsrcribed for a while

More room for real beginners, explaining by example how to use post exploitation tools of metasploit properly, how to start reverse engineering, really basic stuff that needs to be known in order to be able to continue learning even more

That pretty much all already exists in one form or another

There is a Intro to x86-64 for basic assembly, and there are rooms on r2 and Ghidra for basic RE as walkthroughs. You can also find ctf's based on RE's and other walkthroughs too. There is also a Metasploit room for basic Metasploit , you can refer to Metasploit Unleashed for more

https://tryhackme.com/hacktivities, try using the filters in combination with the search feature to find what you are looking for

Thank you for your answers, will keep looking into that ! Have a nice evening both of you

And here is the link for Metasploit Unleashed

https://www.offensive-security.com/metasploit-unleashed/

More of a discord idea than a THM/room idea but it would be nice to have an open-source channel or programming channel where people can share projects/one-liners/scripts and other little tidbits of code and discuss

#resources does most of that

yeah ig but maybe we could have a community-resources where the content must be your own? I would feel a little awkward throwing my crappy blog and ramshackle scripts in there alongside the professional content in there

#infosec-general

🤷‍♂️

it would be amazing to have a notes section in the rooms
users could add the notes in there about how did they enum the machine
how they find bugs and vulns, how did they pwn the machine and what they've learned from it.
it also would be really helpfull for further studies
it'll be helpful after a while when the users came back to the rooms and also in cases that users learn new things, they can simply add it there like
"i've learned how to use cron-tabs for privileges escalation in this machine"
"this is how i have to use php reverse shell script for RCE"
"this room was very good to remmeber how do i have to use hydra"
and many many more
this will helpful for future CTF and real world pen. projects

Uh, who's paying for the storage there @foggy chasm? 😆

It is a really good idea to take notes though. Like, you're doing something wrong if you aren't taking them

I suggest CherryTree

I know other people prefer Notion

i have a very good, big and well organized document for myself
i keep it on the cloud for fast and reliable access
but it's very good to learn newbies that how important is a well organized self document
and about the storage it could be limited to 5 lines for each room.

Uh, who's paying for the storage there @foggy chasm? 😆
@native raptor 😆

Really not sure what you can do in 5 lines, but maybe throw it into the feedback form anyway? 🙂

There's a link in #feedback-and-ideas

@native raptor are u agree that this is one the best self documented bulletins ever? https://book.hacktricks.xyz/pentesting-web/web-tool-wfuzz

do u know any others, good like this
if yes please introduce that to me
tnx a million

Try #resources 🙂

hey guys

Calculus3 and Cyper Security , which one is harder ?

Cal 2 is the hardest

You suggesting a Calc 2 room?

kk

I mean it would be useful

ssh pivoting box would be awsome

There will be something like that coming relatively soon @proven gate 🙂

thanks you @native raptor is it machine or learning box ?

Better 😁

🧐

can confirm something is in the works

Wassup ya

@native raptor 😅

Um

@devout pumice ??

What happened

What are you doing?...

concern

There not even verified

I love you THM but Muri broke my soul today.

Goodnight

@native raptor and pure evil? Name a more iconic duo.

Bad Muri

@native raptor and alcohol

🩸

🍺

Just finished the tartaraus

All those horizontal escalations are somewhat redundant since not only d4rckh can edit the exploit.py

it'll be much more fun if hackers have to go through sudo -u thirtytwo /var/www/gdb -nx -ex '!sh' -ex quit

PAGER='sh -c "exec sh 0<&1"' sudo -u d4rckh /usr/bin/git -p help
!/bin/sh

I’m sure this is known but it doesn’t belong in this chat

You can try posting it in #room-bugs but I’m sure it won’t be fixed

how long is it for a room to be evaluated/accepted ?

Hey Noraj! There isn't an exact time scale, it just depends on how many other rooms are due for/in the process of evaluation and the availability of room testers

What's your THM username? I can check to see the status of this for you

There's quite a lot in the queue at the moment, but I can check to see where your room is specifically @pseudo hedge

Or alternatively you can DM me the room code 😄

is there a room that teaches you on tracking

like ip address

why would you want that info? @hoary onyx

i just thought i would part of learning cybersecurity @light lynx

so i thought there would be a room for it

I mean there's just an API for it. Nowhere near complicated enough for a room IMO.

where?

can you please link me to one

No, because it doesn't tend to be used ethically.

what about a room about learning about the binary protections and how to bypass them, like NX enabled, stack canary, ASLR, etc...

@final sun? ^^ 🥺

Without markdown support, believe me writing a top down approach on binary exploitation with code snippets is impossible.

And what if I were to tell you that there's a markdown editor coming @final sun?

Then I'll promise you it's going to be the best creation of mine till date.

But it's soon™, we both know how soon is that soon™ is.

Haha, True

Henlo robin chwan

Blob!

Hi everyone

so whats comeming soon

....

so whats comeming soon
@fervent sparrow within this very week I'll be launching "Learn Bash Scripting" room, wish me luck!

cool ill do that room

@fervent sparrow within this very week I'll be launching "Learn Bash Scripting" room, wish me luck!
@lusty tapir I'll take a lot more than that for the room to be public. It has to go through a review process and it'll be public only if it's accepted

yup I am aware of that ... I'll try my best to make it suitable for THM standards!

A snort or ossec room

@lunar plank I think you were working on a snort room?

I will be exploring other paths after the oscp learning path... in general i just like having multiple instances of the same challenge in the same room, such as Buffer Overflow Prep, for instance....instead of just 1 room, do this/that and its over. Can still learn a lot that way, but i like the reptitive nature of this buffer overflow prep room. Would like to see more rooms like that across the board. Think it would help beginners a lot more.

Do you have a room in mind that we can try to correlate this idea to?

how about a room for new guys who don't know how to hack

You mean, aside from the majority of rooms on the platform?..

i gusse

That's what the Complete Beginner path is for 🙂

And trust me, there are many people in here (myself included) who are living proof that TryHackMe can get you off the ground 😁

nice to know

Do you have a room in mind that we can try to correlate this idea to?
@tight night
Maybe a room on text manipulation utilities, like grep, sed, awk, cut etc... and how they're used together.

Maybe a room on text manipulation utilities, like grep, sed, awk, cut etc... and how they're used together.
@light idol
I am working on a room called - "Learn Bash Scripting" and I am including all of these

@tight night
Maybe a room on text manipulation utilities, like grep, sed, awk, cut etc... and how they're used together.
@light idol Well, if you want to practice that you should definitely try bandit game at overthewire.
It will start at the most basic linux commands and the levels keep on icreasing

increasing*

Thanks ill check that out

@tight night my idea regarding my previous post... when i first started, i did all the free easy rooms.. but even then, certain rooms left me stuck because i didnt know or i had forgot how to do something... so maybe like having simple rooms that cover all the basics... such as a room with 10 different quests relating to the same thing such as running an nmap scan.. doing gobuster/dirbuster scans... all the way to gaining a shell, privesc, etc. Keeping in mind how the Buffer Overflow Prep room is set up. 1 room, 10 completely separate tasks, but all attained by virtually doing the same exact thing. The repetitive nature of that is more along the lines of what i had in mind. I understand there is a "complete beginner path" but again, those are your typical rooms. Once youre done 1 room, youre done and moved on to something else. So thats all i was really saying... having more of a repetitve nature to some of the rooms....just an idea

Please no need to keep @'ing me. Thank you. 🙂

I gather what you're suggesting. Using something like Docker might make some things like this possible. But I would guess that many people aren't going to want to do the same exploit over and over again in a single room.

Something like buffer overflow exploitation makes sense to me as it's a more advanced, multi-step exploitation and reverse engineering process.

Creating a room that has you using the same or similar SUID privesc several times isn't going to go over well in my opinion.

No worries..just ideas

@light idol never been to overthewire but just checked it out due to your previous reply in here... cool site! So far its a lot of fun

Zerologon exploit.

There's a room for that already

oh oops.

F

Epic Bug Bounty prep room that makes use of specific example scenarios and bounty writeups, not just going over the owasp top 10. would be super

@fast nymph

i strongly suspect this is being worked on

😉

yesssssssssssssss

a room with the theme of a bug, and that there are flies or so by the ctf, that is simple type user and root only with the theme of bug, bug bug and insect bug

Um, what?

bug, bug bug and inspect bug

Just submitted by first room on OSINT / geolocation. Excited to see what you think 😁

That's quite difficult, because you can't legally distribute the OS images

Hosting them would be legally iffy, and otherwise you'd be depending on people having the appropriate hardware

Request room : Threat Intelligence Analyst

A room based on vhosting and how we can bruteforce it to discover other web content

@glacial acorn that would be a smaller aspect of another web room. That said, whilst wfuzz is best for it, gobuster will let you do it really easily if you give it a little research

The wfuzz command will be something like this (although bear in mind I'm on my phone and can't test it): wfuzz -w WORDLIST --hc FILTER-STANDARD-CHARACTER-LENGTH -H "Host: FUZZ.domain.tld" IP

i am also on phone but for gobuster: gobuster vhost -u IP -w WORDLIST and if you’re interested in how they’re set up i wrote this short blog post :) https://jake-ruston.com/posts/apache-virtual-hosts.php

Is there a room on honeypot and how to set it up

no

Have you googled that topic?

I would love to see a room turn the Security+ into a CTF

Is there a room on honeypot and how to set it up
@fast sequoia Cryillic has one planned iirc

A room based on vhosting and how we can bruteforce it to discover other web content
@glacial acorn A larger project im working on for THM will feature this

Not exactly a room, but it would be nice if there was a web page of some sort where we could add tools, and their features. Hopefully we could mark what they were good for (red team/pen test/Blue Team) Is a tool for recon/exfil/detecting ...

For noobs who don't know the tools this would be a big help. Not to mention you only need a few people who are used to finding tools sharing to expose the info to many people.

I mean maybe could be a blog but 🤷‍♂️ it’s just one of those things you just pick up

The idea is you can basically make a list of tools that can be used for recon, for priv Esc, or detection. A Blog would be an unorganized list I think. But if it can be organized then it works.

you can always organise a blog post?

No idea, not my thing.

yeah, that's blog post topics

The idea is you can basically make a list of tools that can be used for recon, for priv Esc, or detection. A Blog would be an unorganized list I think. But if it can be organized then it works.
@thorn remnant you can use something like gitbook to do that.

@thorn remnant check out https://book.hacktricks.xyz/pentesting-methodology, click on the section you wanna learn about and it will give you a boatload of tools :)

Listen I don't care what the room is actually about, but if it's doom eternal themed I'll squeel like a girl

Right then

Hi, this channel is for suggesting rooms rather than asking for hints@pearl nebula

@somber crow ok thx

For the Nessus room (which is part of the primer series), I'd suggest having instructions set up in a way that installation of nessus is complete first before deploying the server... I wasted a lot of time due to some connection troubles. 😩

More rooms utilising or about SSTI and XXE would be great! These are areas I tend to struggle with down to very little practice. Also how to spot these. I think ZTH was a pretty good room on this.

Some rooms explaining about how to exploit .htaccess and .htpasswd files as well as how to ensure they are secure.

Looking to see, I enjoyed the zerologon room, maybe if we could get a blue primer to see and investigate this from a blue team side. Such as going through windows logs and network traffic. And suggested patch for final step.

@vague root funny you mention that. I've given @karmic raven a sample pcap of it for something he's working on

@sleek elbow sweet. I just like seeing both sides as it helps strengthen skills for work place if I do both. Looking forward to it.

It would be interesting to have some Blue Team tools running a few places to show what gets noticed for (Red Teams, and Blue Teams) and obviously a room to talk about that stuff in.

Believe it or not, there's an entire blue team path coming

👀

i dont believe it

Blue team path

SSRF vulnerabilities

https://tryhackme.com/room/ssrf

https://tryhackme.com/room/ironcorp

@jaunty talon I told you they’re already on the site

Oh thanks, sorry

Room : metasploitable 3 for practicing

https://tryhackme.com/room/inoculation too

I dunno if it already exists but a room aiming to learn how to abuse google cloud misconfigurations . It's quite new but it has generated some significant payouts in the bug bounties.

pretty much anything relating to cloud including aws, azure, google cloud is kind of out of scope due to the environments we have to set up. I would suggest just making your own cloud lab

alright

https://tryhackme.com/room/rppsempire

It's due for an update...

Known issue. That's not really an idea for a new room.

We’re working on it

Look forward to the blue team path

I mean that's just a single port forward rule?

Not sure how to stretch that to a whole room

If you’ve configured your own home firewall that blocks thm connections I would expect you to be able to configure it yourself

Their point seemed to be reverse shells where you're not VPN'd onto the target network?

yeah, so that's a single port forward rule and doesn't really extend to a whole room

Perhaps a link to the article might be better?

Hi, i tried to create a public room but it seems I can't access it from public, any idea(?)

I deployed and test-solved it like 12 hrs ago

Hi, this channel is for room ideas.
As stated on the room creation pages, rooms are tested before they're made public.

Sorry, I kinda dontknow where to ask or who to contact

They will be tested by the room testers, and then either have a release date scheduled or will be rejected and remain private.

If you have submitted it for review, you wait.

I see, thanks sir

Hey @safe lava I can see your room in the submission queue here. I just picked it up about 10 minutes ago. We aim to get room reviews done as quick as possible, but there's usually a bit of a queue that can stack up depending on the amount of available room testers (who aren't already doing a couple of boxes) so sometimes they can take a couple of days.

It's getting late for me (well, 5AM is pretty early in the morning now). Whilst I've had a brief look through your room, I'll be beginning my feedback and testing of it full once I've got some shuteye and complete a previous room over the upcoming weekend (:

You will receive emails on the decision of your room - where constructive feedback will be given from the room tester responsible for it, for either outcomes

Thanks for taking the time to submit content onto TryHackMe!

In the meantime, you can have a look through on the various things that room testers look for when testing a submitted room https://help.tryhackme.com/the-room-review-proccess

So it can be a bit of a time consuming procces (:

I see, thanks sir. My first time and its been really nice of you guys, love the community!

Can't get link atm it's through a feed re my last post

Glad you enjoyed it @merry ice!

@vague root from my experience working with the team they like to keep away from 0days for a bit until they’re at least patched and generally safe. This 0day also doesn’t look like the craziest thing ever compared to something zerologon but it could be a cool priv esc in a challenge room

For blue teaming it would be interesting to talk to Splunk, and Solar Winds, to see about getting some discounted licenses so you can have a few rooms that show you the basics on how they work. I personally would like to see some Red Team rooms with SIEM monitoring so you can send alert messages to attackers, saying you were not stealthy enough, and so Blue team can actually look at the logs n such.

we have a room on splunk with more to go

the automation on a room with automated blue team is possible it would just be insanely annoying to script

SIEM is basically just a collector it takes human detections to look over that data

For the memory forensics room which is part of the blue primer series... Seems like the volatility tool required is no longer in existence in their kali repositories. Maybe a new one could be used for training?

The VM attached to the room should have volatility installed on it

Along with the image you need

You can SSH in or use the in-browser functionality 👍

🌐

Python for Crypto, about libraries available in python for crypto, etc!

Room attackingkerberos This will only be an overview of how the pass the ticket attacks work as THM does not currently support networks but I challenge you to configure this on your own network.

iirc THM supports network now?

It does @south pasture

ehm, might be a good thing to update these network-related rooms?

Network Labs are under a separate subscription

https://tryhackme.com/network/throwback

@south pasture I already yelled at @karmic raven for that

Feel free to keep pinging him until he changes it

@native raptor dont ping him, just perma mute him until he networks it 4head

Done 👍

What about a room that teaches you how to bypass anti-viruses

That's been discussed before. AV bypasses constantly change so it's hard to make a room on it.

true

its not impossible to make a room but its also just hard

Its better for us just to tell you to do your own research than make a room

Hi there, since there is a recurrent question (i would say once a day or so) about the module requests used by python2, in a CVE needed for a easy/free room Simple CTF wouldn't that be relevant to make a note in the task indicating that you have to have the module for python2 and not python3 ?

I mean it's a general hacking thing that you can easily solve with research

Sure.

That's been discussed before. AV bypasses constantly change so it's hard to make a room on it.
@somber crow are there new ways being used everyday to change how AV detects viruses? maybe make a room on general ways or even ways that have been used before.

What about a room that teaches you how to bypass anti-viruses
@glacial acorn @tacit anvil I'll be covering the basics of that in something that's due out in a couple of months 👀

Please no Muir.

Not Year of the Anti Virus Evasion

Nah, commissioned stuff 😄

ah, great

im eagar

Assuming it gets approved I’ll be taking a course on some crazy windows advanced things including malware droppers that bypass AV depending I might look into making a room on some more advanced techniques for concealing scripts and payloads

hey

@jagged blade Do you have a room idea? If not, you need to go to #general and make sure you read the topic and room name in future 🙂

What rooms are best for learning? I've completed the tutorial and basic learning path.

This isn’t related to room ideas please ask in one of the general chats

Room idea: Shodan room but not broken

@ CMNatic

Nah, don't chicken out @icy trellis

@lunar plank Job for ya ^^

😁

😁

Hey @heavy moat by "basic learning path" do you mean the "Complete Beginner"?

Request Yara Rule room