#room-ideas
No
I wonder why my room is slow
They get 512MB for non subs, and a gig for subs
Unless the admins have set it to be higher
Just one more quick question, how many days does it take for a submitted room to go public?
Depends on how long the queue is, and whether the testing goes smoothly
hey, guys!
A few rooms about hacking aws, azure and google cloud would be a good one!
The same to defense side
Had an idea of a room, but not sure I could make it myself atm as I'm not able to set up VMs as don't have my own PC. Might be a good idea though, who should I send it to?
The idea I had was a misconfigured cloud storage site, and I could work on it at some point in the future?
I'd second anything related to cloud security. The AWS security specialty was pretty underwhelming
yeah! abuse of IAM accounts, manipulation of GuardDuty, CloudTrail, CloudWatch, Lambdas in an attacker's vision. And how to hunt for threats in cloud environments in a Threat Hunter vision. In this case are 2 different rooms of course
Only problem with that is convincing AWS to play ball
i'm sorry, man! haha
I could see it being an entire path, tbh. Not just a room
(If AWS allowed it)
right
cloud misconfiguration is huge
learning how to do that right would be a big gain
They have their own cyber workshops. I suspect they would be less than happy about us taking an account and letting people go nuts with it
Especially given once they've compromised it, they're free to run up big bills
We would need Amazon actively backing it with at least one (or preferably lots) of practice accounts
perhaps look into how A Cloud Guru does it- they have aws account sandboxes
yeah, they have a cool sandboxes. But, when it comes to teaching ways to compromise aws services, i don't think that would be a problem. Checkpoint has launched a series of tutorials with this theme
I've got a few AWS certs and would be willing to assist with creating some AWS content. I'm not at a point where I could do it solo, though.
https://blog.checkpoint.com/2021/01/13/cloud-threat-hunting-attack-investigation-series-lateral-movement-under-the-radar/
The Checkpoint's series that I told above
By Maya Levine, Technical Marketing Engineer, and Lior Sonntag, Security Analyst https://youtu.be/S3GiN5S1128 A sign of a truly sophisticated attack in
some ppl have done that, i forgot the name of the site but its an aws s3 ctf thing
I have a room idea to develop, whom shd i approach to discuss?
Yes, same here. I have what I think is a good room idea, I need to know where to discuss it.
Given you both access to #creators-lounge @severe scroll @last mirage :)
Thanks @native raptor
Gave +1 Rep to @native raptor
@merry coyote as a general rule, randomly pinging the big guys isn't going to do much other than annoy them
Anirudh has already been added into #creators-lounge where they have already asked about their room idea and been responded to by THM room testers (who are generally best equipped to discuss what kind of thing is likely to get through the submission process) :)
I HAVE BEEN SUMMONED
You're welcome to chat with me about room ideas, but some of the other head-honchos might be a much better person to bounce ideas around with.
WhiteKnife was here
Hi. I want to make a suggestion for future rooms/networks. Some networks use a ring topology with a token to verify which endpoint has the data to transmit it, and it would be cool to have that within a segment of a network, even if so just to learn how to work with not so common topologies. Not sure if this sounds silly, but it's just an idea.
my apologies
Np :)
hello, em, id like to make a room, that inside of it, has secretly a code for another room, that can only be accessed with it. is it a good idea? or is it fine if i try making it??
or possible even
Possible yes
Won't matter
thx
@burnt plume Hiya, if you're the creator of the tshark room please reach out to me
@native raptor i dont think ill be able to make a rpi room
for thm
cuz with 1G of ram, its been like 15 mins just for the ubuntu to boot.
Did you use Ubuntu desktop?
Don't.
cuz qemu needs graphics
I don't think it does.
Gave +1 Rep to @somber crow
Good luck!
yey
thanks
this tut is saving me
In this article we see how to run the official Raspberry Pi Os in a virtual machine using qemu and Kvm
As a warning, I don't think KVM will work?
Idk
Im gonna follow the tut
If it works
Im fine with it
Else
Investigate more
Just trial and error
¯\_(ツ)_/¯
Yea, but with AWS specifically
because nested virtualisation won't work?
idk, i dont know nothing about AWS
:)))
ok, my ubuntu is installed and up-to-date
is moment to run this
well, make qemu installation and setup
and then install raspberry os (no desktop env)
and anyways, if it work on my laptop, i think it will work on AWS, cuz im running an ubuntu vm, and inside of it the rpi os
and once i saw the tech specs of a vm, and the processor used for it, was a 2Ghz base freq
soo, technically, it should run a little more faster on AWS
i think so
@somber crow
Yeah, but make sure you're not using nested virtualisation
actually, idk much about nested virtualisation. if i see something like that, ill try using another method
ok, downloading lite rpios
@somber crow i got bad and good news, bad one it didnt worked with the last page i sent u. good one is that i found one that actually is making the same as i
Yea, the KVM part won't work
actually it failed with the networks
i think that the vm and the network setup with virsh made conflict
but anyways
the bad thing, is that ill need to use an older raspberry pi os flavour
Won't work with THM, I mean
yup
i hope this 2cond way will work
LOL
the password for the ubu user almost got filtered
XD
yo @somber crow you wont believe me, i think that the raspbian os link was a fake and had virus too, cuz when i was extracting, it took many minutes, and then ended saying that there was no space left on disk, even it said the file to be 1,5 Gb weight
ill try using the latest raspberry pi os lite
idk
i dont think aws supports nested vms, period.
It does -- it's just crazy expensive
proxmox on aws go brr
holey beep
Holey Beep (CVE-2018-0492) is a very beepy bug.
xD
an exploitation guide can be found here: https://www.youtube.com/watch?v=CZlfbep2LdU (not a rickroll i promise)
I would suggest taking a look at #835202386455953438
english plz
The site is under maintenance, this should be fixed soon!
ok, thx
Hi, would anyone be intrested in a box about prototype pollution
i was planning on making one but i wanna see if people would be intrested
prototype pollution?
I would absolutely be interested in this
is it JS only?
Could it also be done with python? If so, I'd absolutely love to see that done
Sounds cool to me
i think its the most common in JS/node.js
soo it would be easier for me to implement 
ayyy then i am on it 
I am a JS idiot, so I can't be helpful there. but could maybe help with the python side of. I'm nowhere near a python expert though
i mean would always be nicee to see the python aspect of it as well
but from what i know its mainly JS
but this would also make me research so preety hype
maybe a bit of both would be nicee you knoww
first a little theory and then a full challenge
me likey
a room on this would be amazing; if anyone's had any experience with it before: https://github.com/splunk/attack_range
I am stuck in safezone room. I did login as admin and tried to inject a php for RCE but nothing after cmd command runs and can not get a reverse shell. Any help would be appreciated.
#room-hints please
This channel is for suggesting and discussing ideas for creating rooms
I am currently working on my first room, Layer 2 Security Attacks, however I can't seem to find a way to include pictures from my own device but rather it's asking for a URL of the image; is there a way to include them from my own device or not? If not, can anyone name me a server that will keep pictures and not delete them, rather for free?
imgur, GitHub
@somber crow thanks
Gave +1 Rep to @somber crow
I would really like more rooms oriented for different certifications like eJPT, CEH and more.
there are many rooms that cover that, or are you looking at a path like the Pentest+ one
the big issue with that is that a lot of these things are trademarked, CompTIA specifically partnered with THM to make that iirc
like, iirc the Offensive Pentesting path use to be the OSCP path
Oh okay, I was thinking of rooms that are kinda specialized to teach you the skills and help you prepare for certain certifications.
also a thing with CEH is they teach a lot of proprietary windows software that literally no one in the world has ever used for some reason
like what?
not proprietary but this is one off the top of my head:
https://angryip.org/
The original IP scanner for Windows, Mac and Linux. Fast, friendly, extensible, free and open-source. Scans addresses and ports in any range and exports results in many formats.
here's a list that someone put together:
https://diarium.usal.es/pmgallardo/2020/12/13/tools-for-ceh-practical/
Internet Worm Maker Thing was by far the most entertaining
that one is nice
hey
Hi, I uploaded 3 rooms, i got update on 1 but other 2 are still showing "submitted". It's been 15 days
Already did, they are in "submitted" stage from past 15 days
ah then you gotta wait until a tester picks it up
@orchid elm I'm only seeing two in the queue (one from 8 days ago, the other from 12). I'll see if we can get someone on them
it can take a while
the testers are (almost) all volunteers
One was already rejected as it was tooooo simple and I agree. Thanks, I'll be waiting
I don't know if this room is for that... but can you upload the video in the room metasploit again but with English subtitles?
I got inspired by muiri's year of the jellyfish where there was a non intended way of getting foothold by reinstalling the application and wiping the data to create a new user (the intended way was an unauthenticated rce).
Would it be a worthwhile idea for a room to make multiple ways of getting a shell but if you brick the box or do permanent damage, then something happens like the flags get removed or the machine locks itself down? That's because during a pentest you want to avoid those kind of things as much as possible and i can't find a room with that concept in the list
Anyone having idea of creating a room in thm in the topic of "how to create ransomware or botnet"
That would get rejected due to grey hat/black hat
Oops these are common topics and should allow to create room in this
How would it be used ethically though and what will people learn from it?
I don't really seem a way of doing that ethically.
You could approach botnets and Ransomware from a blue team perspective sure, but I don't think you could teach it on any way that resembles ethical.
That's something I'm intending to put into the Hummingbird, albeit slightly differently. It's a very interesting concept
Did you give the CEH practical exam? Can I DM you?
Hey are there any rooms totally focused on APIs and all , like from basics usage to exploitation and all?
No, but I have one half written up
Planning to make it public anytime soon?
I mean you can but we can also just reset the box so it would be a bit hard to enforce imo
Or are there any other resources where I can learn about API vulnerabilities and exploitation?
@shut aurora I think DVWS can help you
Well, somehow you need to be able to complete it
Damn Vulnerable Web Service
Thanks , I'll check it out
Gave +1 Rep to @paper shale
But if the box silently deletes the flags you would need to complete the whole exploitation process before discovering your failure and be forced to reboot
just seems arbitrary to me but 
Yea, but then you've discovered the path so you've not lost anything other than needing to reset
I don't want to find a winner, i want to make people learn
And i think that after a box like this the concept of not destroying your client's application will at least be somewhere in their mind
from experience people wont really learn theyll just think its a bug get annoyed, spam the help channels, reset the room, do it again then learn nothing
I could be wrong
but that has been my experience with similar ideas
I already thought about that, i think that the solution is writing in the room description something on the like of " <name here> is an operation worth millions of dollars, even a minute of downtime would be very bad" and replacing the flags with something that tells you to retry without bricking the box
I think THM should implement of no boot machines system, as it'll be rude of me to say that this idea clicked my mind after what I saw on HTB that usually we don't have to start the machine and wait for to boot up but just click on start instance or something like that and you're provided with IP addr, but i think this will save much time because non-subscribers only have 1 hour after machine is deployed and some machine did take upto 5min or so
@velvet vigil i believe that in htb, they're shared instances that are running 24/7
That'd require sharing instances
Unless you get VIP+ on HTB, you share instances.
With VIP+, you need to spin up the machine yourself
oh, i see
sorry, fool of me, i'm not a VIP+ member of HTB
Yeah, the big advantage of THM is the instances aren't shared
teach me how to hack
lamo there is like 200-300 ppl here and i gst ignored
by 200 ppl lol
is it maybe because you haven't read #start-here and you're asking in the completely wrong channel?
you can extend the 1 hour as well
yes but i can't do that, I'm a non-sub noob :))
You should still be able to extend the room if there is less than an hour less if I remember correctly.
i'll try it
There is no SQLi room in any of the paths!? 
ok got a room idea that i think hasnt been done before, smb and ftp port open, smb access isn't allowed but can be gained: enum4linux scan will bring back 2 users, one of them will be bruteforceable, bruteforce smb and you are greeted by a txt file, saying that tom's credentials are extremely weak, this leads to yet another bruteforce, which gives us ftp access to tom, we are then given the credentials to the web app which is running on port 80, we log in, but now we are stuck as there is no visible way to gain foothold, but in the webapp source, we are left with a note that says that the admin is checking in every 2 minutes, xss????? yes! xss! we use session hijacking to gain access to admin account on the webapp which leads us to an upload page, we'll need to bypass a few upload filters until we can upload a webshell, now we have foothold, getting root will take a bit of time for everyone since it is a kernel exploit, you are free to use whatever kernel exploit available
A) there are definitely similar things on the platform
B) Might be a little much bruteforcing there :laughing:
ah
Keep at it though! See if you can find another way to disclose creds
Need a room for this one https://blog.qualys.com/vulnerabilities-research/2021/05/04/21nails-multiple-vulnerabilities-in-exim-mail-server
any moderator online
?
cani dm you for my throwback badge
Aye, go for it
done
Here's a weird idea: what about a room where the instructions/questions are encoded in some way, and part of the challenge is figuring out what is being asked
Basically ||Impossible Challenge||
Not impossible. You'd have to provide some hints or something along the way
more of a scavenger hunt
Cry was talking about an existing room with that name
Hi y'all! I am thinking about developing an "Intro to Pwntools" box. I've been trying to learn Binary Exploit, and a lot of CTF players have told me that pwntools is a big deal. I was wondering if anybody had any input as to what they would like to see from it. I'm thinking checksec, cyclic, the binary packing functions, and networking functions. They have a shellcode generator, but I think msfvenom is better, although maybe that's worth mentioning too. Anyway, any feedback is appreciated. Thanks!
@final sun might be able to provide some input ^
Got you, Spooks!
Yep, that would be awesome, there's also ROP functionality but it would be too much for an intro, you can also show some of the easy functionalities of the shellcode generator, like shellcraft.execve/shellcraft.sh/shellcraft.open(read|write) basics and then followed by the asm/disasm, that would be just enough for the introduction, I think.
Hi Friend! Thank you for the suggestion. I think I will add that shellcraft part. I like the ROP stuff, I want to learn more about ROP, so maybe once I am done with this I'll make a sequel box for ROP.
Gave +1 Rep to @final sun
I think I have an idea of room idea, any recommendations for where I can share and improve ideas?
ur idea doesn't matter
definitely not here
b
because its not named "room-ideas"
Wut
If you have an idea on a room, you can share it here and people will share their opinion :)
You could probably phrase this in a much politer way.
na, I meant he asks where to share ideas on the channel where he needs to share ideas
everything I said was sarcastically
oh well true
but, I am used to being rude
because I have never been in a nice community
There's always time to change, just please keep your comments to yourself if they're not nice or vaguely sarcastic :)
DO IT!
sarcasm translates SUPER poorly in text.
what's your idea?
no it doesn't, boink
see, that can be taken the wrong way very easily
also not everyone here is a native English speaker, so the subtle cues to a sarcastic remark are oft totally lost
Welcome to TryHackMe then
thanks
neither am I
best avoid it then
aight sorry!
beginner ROP room?
More Ghidra walkthrough rooms?
A room that showcases all the owasp top 10, without any help
Like you need to apply all of owasp top 10 skills to root
All of the OWASP Top 10 in one room would be slightly ridiculous
That said, that's basically Juice Shop (which there is a room on -- just boot the machine and go nuts on it)
oops my bad, im a noob lol
Not at all
I don't know much about the resources required to host a VM in a cloud though I know there are some dangers involved in hosting VMs created by others on your network.
Further, I also don't know whether THM will look up into setting up resources that are different than the 'ROOM environment'.
Having said all of the above, I suggest that THM should have a option of practicing 'all' machines available at VulnHUB, just like on the pattern of offensive security PG-Play and Practice.
I suspect offsec would have a problem with that @crude current, given they own vulnhub and proving grounds.
I did not know that VulnHub is owned by OFFsec, though machines submitted there are submitted by the community.
Further, I also don't know whether THM will look up into setting up resources that are different than the 'ROOM environment'. Can I ask what you mean by this? The room format is used to collect the tasks and resources dedicated around a specific topic.
Same as here -- many THM machines are community made
It's pretty simple, the format of PG play is different than the ROOM here
Ok, please explain how and the value it confers over a room format that we have atm?
Heck, there are a fair few cross-overs, but those are always either uploaded by the creator, or uploaded with the permission of the creator. We don't have the right to take those VMs without the owners' permission
Muir that's not what creative license means I saw that
Also remember that PG and THM are two different companies. No point in stealing each other's formats 🤷‍♂️
Hush, I'm shattered.
It's not always about the value, sometimes it's for having a 'different value' or taste!
Ok, but there's no point in change for the sake of change. Especially when that change is ripped from another platform.
Well, that's fine. If you like the PG format, use PG. It's a good idea to use lots of different resources anyway
I just thought, the idea is cool... that does not make our room's idea less cool!
What format are you describing? This is something I've asked a few times but you haven't answered.
What?
the list of machines, where users are able to switch on the machine and try to root it.
Ok, you can switch on a machine and try to root it on THM too.
I understand.. but there are lists available for VulnHub machines.. like privilege escalation, abusing sudo rights.. web things.. I hope you get an idea..
Are these lists a part of the platform, or from people on other sites?
Because you can already search by tag on tryhackme to find rooms similar to how you're describing
These are just machines mostly submitted by people... I don't know they are part of any platform. Offsec PG play gives you the option of hosting some of the machines.
VulnHub machines have been categorized in various lists, which I think you all are well aware of, for example, https://github.com/Ignitetechnologies/Linux-Privilege-Escalation
I wasn't asking about the machines
The lists are not a part of the platform, so there's nothing stopping you writing your own lists for THM.
the problem is with hosting
like the offsec allows you to host some of them in their PG play
That's because offsec owns vulnhub.
but machines are submitted by community
I dont know the licence under which users submit
but It THM should be allowed to host them
and given the fact that the machines can be downloaded by any one and is free to host at his private network... OFFsec should not have any problem with THM doing it over the internet
The money charged by offsec for their PG play is, I think, for hosting... not the machines
Commercial use is usually not allowed
money is not being charged for setting up machines.. but the hosting
There's a huge amount of content submitted to THM and a huge amount released. I don't see why you would need to steal vulnhub machines for it.
How is this related?
I respect the content and I like it as well though I am too little to appreciate it fully but I liked the idea of offsec pg play and I thought It would be a good one if such things existed in THM along with all other room.
Check out the policy here.
THM taking machines from vulnhub to directly compete with proving grounds is not a good faith effort. It's not very respectful of intellectual property either.
IF xyz is open source whose commercial use is prohibited, though everybody can use it... If I set up a virtual lab of linux machines over the internet, where I let users practice that xyz, would It be bad/unethical or not violating the agreement.
if charge people to cover my hosting costs
I'm not a lawyer and I'm not here to answer your legal questions
this was not a question
Especially if they're wholly unrelated to the purpose of this channel.
Creators are free to submit their vulnhub boxes here.
THM will not accept boxes submitted by people that aren't the creator. I don't think "permission from the creator" is enough anymore either but I may be wrong there.
Idea: All links provided in tasks should open in a new tab
? That's already a thing ?
At least in nmap room task 12 the link opened in the same window...not in a new tab
The only link in task 12 is set to target="_blank", which means it should open in a new tab:
That's something that's wrong with your browser if it's opening in the same tab
It's also an option for room creators, we get a checkbox/dropdown to decide if it opens in a new tab etc
more rooms like CCT2019 please... that was a fun room
Glad to hear you enjoyed it.
@waxen silo use the scroll wheel click / CTRL + click (i guess) / cmd + click
first task was the most tricky but also the most funny one to solve. really well thought out
Perhaps should go back there and check what's up
to all my room creator friends, please create a python exploit scripting room that just practices exploit scripting using python
There's already an intro to exploit development room?
bof rooms are great practice for python scripting
but it would be great to have a room that focused on making python scripts that focused on web stuff
I just saw this, which might also be relevant/helpful/interesting https://www.youtube.com/watch?v=tyL3Ouais1c
Seriously, isn't Snyk SUPER COOL? Check it out! https://snyk.co/johnhammond
Exploit Goof, the vulnerable web app! https://github.com/snyk/goof
00:07 - BlitzProp HackTheBox Cyber Apocalypse CTF challenge Intro
01:00 - What is snyk?
02:36 - Snyk can be FREE!
03:34 - Connecting Snyk to Github
04:54 - Discovering Goof, the Vulnerable Web App
07:28...
yess was a preety neaat video
netcat walkthrough 
this isn't a netcat walkthrough, but does go over how to use it nicely, along with alternatives: https://tryhackme.com/room/introtoshells
thx! 
For the defensive path, I'm missing one big thing that is abused a lot lately. M365 forwarding rules and mail forms (like ruler does). And I would like a small introduction to protect.office.com
The same is applicable to an exchange server as lots of high impact exploits lately have to do with Exchange Web Access.
So I think it would help if some of those things are highlighted in the defensive path as it's a good attack vector that is widely being abused. Same with an explanation of dkim dmarc and spf. For exchange and perhaps also exim mailservers.
Those are very hard to emulate
Hope some of the room builders are up for a challenge... No one told me the ideas had to be easy to implement btw.
But they are very popular attack vectors lately and also very much in the news and spotlights.
I think that even a European government body got hacked because they were 2 months late with patching Exchange server last month.
Well, for reference, they need to be possible on AWS with no DNS, no physical access, and changing IPs
It's not the fact of a challenge or not lol there a number of factors including what muiri mentioned you also have to worry about licensing and we have already attempted an exchange server @sleek elbow what was the final number like 4 cores and 8 gb ram?
It's just not feasible
Exchange requires a lot of memory to start indeed. The exchange database is like 2 gb out of the box already.
For dns you can use something obscure like 127.254.254.1
But an explanation about spf dkim and dmarc doesn't hurt in a room with examples of phishing it would prevent as the initial attack vector is somewhat mitigated.
Although I do think most of the people here would rather test out the poc codes for the exchange server owa vulnerability 🤣
If you think it's possible why don't you make a room on it? Muiri, Spooks, and myself all specialize in creating network infrastructure in AWS and believe it to not be feasible
I don't specialise in aws. 🤣 but do you want a room where you have to execute the poc code against exchange or rather some spf dkim and dmarc? I can take a look in a few minutes if it's doable for me.
it's not feasible.
with the amount of resources required for a single box, it only will work for networks... and even then, it'll barely work for networks
the exchange server will need more than 8gb of ram and 4 cores
I'll give it a shot though, what networking is required for a VMWare Workstation image for a room upload?
Not used to aws or anything so I have to ask XD
Cool
Exchange is MASSIVE...
Something something upselling azure instances
tl:dr not happening
Depends if you're an NGO or something you can buy Exchange for just like 100 dollars.
And each seat costs like 5 dollars XD
But believe me you don't want to know the retail price...
The funny thing is. I'm not worried about getting it slimmed down to an acceptable level of resources all that much if the installer isn't limiting me. I'm more afraid of failing to exploit it myself 🤣
the highest running resources machine is Osiris iirc with 1.5GB of ram lol
Here I was expecting 2 gb to be acceptable. I'll lower it down to 1 gb 🤣
Keep forgetting that memory is among the most precious resource in the cloud
Well I said I would get it to 1 GB now, so I will try it...
If it fails I'll make it a bit bigger. But at least I'll try
It's not like they'll try to login via RDP or something, at most they will just use the Hafnium attack to get a flag.
Must admit that I thought Exchange 2013 was a pain in the ass to install, but compared to 2016 and 2019 it was actually pretty easy DX
Small update got it running at 1.5gm memory and 2 cpu. Could drop the amount of CPU down but would need to higher the amount of memory a little to make IIS stable 🤣
a wfuzz room would be rly good since thm only really focuses on gobuster which is quite limited
wfuzz is really useful for a lot of things
There are already a few rooms that cover Wfuzz to some extent. Obscure Web Vulns 2, from memory, does it
Although I agree -- more on fuzzers would be good
Do ya know off the top of your head if there's a ffuf room?
Not to the best of my knowledge. I'm literally in the middle of asking Ashu if it would be a good idea to make one
Didn't Pars make one?
I can't view the room but I remember Varg asking me questions about wfuzz or somet https://tryhackme.com/room/zthweb2
A room about LXD. So that'd cover:
- What is LXD, and how is it used
- How to recognise that you're in an LXD container
- Exploiting privileged containers, or the lxd group on the default user in Ubuntu
That's the obscure web vulns one I was talking about
Got the wrong room code
Ah shoot I completely missed your message, sorry
Hi guys, are there any rooms for CVE-2015-0235 Ghost Vulnerability
I'm very interested in that one
Or any idea where can I exploit it
can't see anything with a quick google, so if there's one on TryHackMe/other places, there's not a public writeup for it, it seems @whole isle
but, you could always try make a room for it ;)
There should be a security+ learning path
Since we made a deal with CompTIA for PenTest+ it is reasonable
Right?
can someone create a walkthrough room for ROP ?
as in ROP binary exploitation?
yep @tough pasture
I don't know what the admin's views on binary exploitation are, as there's not been any done before focused on different types e.g. ret2libc or ROP like you said I don't think
if you want to pursue ROP in your own time take a look at https://ropemporium.com/
Thanks @tough pasture
Gave +1 Rep to @tough pasture
Wouldn't a Python hacking room be good?
he he
What do you mean?
Hacking with python, or having a python application?
Hacking with Python
I think using it for web hacking or for general penetration testing
I also think there should be more WiFi and network hacking rooms
I just plow through CCNA for hours on end
Sorry wrong channel
there are a lot of rooms where you could use python to script things
but as python is a general purpose language, said scripts can be feasibly written in any language
Right but there should be rooms for the purpose to practice apply programming to hacking
Like writing attack scripts
It would be a good next step after getting basics
Or writing scripts to assist with regular kali tools to enhance skills
Have a look into that :)
yeah our belgian's department of internal affairs was hacked by allegedly Chinese hackers nearly 2 years ago
:o
Exchange server 0day go brrrrrrr
It was discussed here a lil bit ago, basically Exchange has such insane hardware requirements that it wouldn't be feasible to run outside of a Network environment
Hi can I be added to creators lounge, wanted to check up on my submitted rooms...
Understandable
It's a pity
For real its a pretty important vuln to say the least up there with the recent sudo vuln and comparable to Eternal SMB vulns
@somber crow
-arole 655956944929947656 creators-lounge
Gave the role Creators-Lounge to cirius#4450
Thanks
How about a room that shows you how to clean up your tracks, so you leave less IOC's? This may already be out there, but thought I would ask.
LOL
@outer vapor Please do not post that command.
This seems like a pretty neat idea. Maybe it's in the offensive pen-testing course
It's not the OSCP path
And OSCP doesn't cover AD, PWK covers AD but the exam doesn't yet
Two Active Directory rooms are in the Release Queue.
@icy trellis or @somber crow can added me to creators lounge?
@next spindle Done
Ty
Could the windows privesc room be included in the complete beginner pathway along with the Linux privesc?
this is great, i've been learning so much about linux pentesting that windows is a complete mystery to me
agreed!
Thanks guys and I just felt it would go along with the privilege escalation section as well
hi I have a small question.
i submitted a box, how long will it take to make it public :3 , this is my first time submitting a box so i have no experience :/ thats why i am asking.
If it's a challenge room, quite a while after it has been tested.
Walkthrough rooms will be released somewhat quickly at the moment.
oooh yes it is thanks man
Gave +1 Rep to @somber crow
oh
i see
Just the length of the queue just now :)
They should hopefully be tested relatively quickly, although there's a bit of a backlog there too
yeah, I submitted one of my boxes a couple weeks ago and it's been a minute since I've heard anything of it
werk werk
there's quite a few boxes that are ready with no release date set yet, I imagine the current backlog'll be at least a month
exciting times to be a consumer
It would be awesome to get a honeypot room
as someone who works with enterprise grade honeypot software
it's cool!
but the whole point is to ensure you've got a good honeypot
and to have a good honeypot, you can't have an attacker know they're in a honeypot
@somber crow
On the **Cyber Defense** learning path, under Threat Emulation, I think it would be appropriate to make Attacking Kerberos as first in the list then Attacktive Directory second.
I was struggling hard in trying to follow along Attacktive Directory. Often I would Google walkthroughs to figure out what actions were taken to get the answer as it wasn't giving you any tips or hints on what to run. I couldn't even get **Kerbrute** working. I was so frustrated that I rage quit that room and ventured on to the next room (Attacking Kerberos). I felt this room assumed you already had knowledge of the tools laid down for you.
Opening up Attacking Kerberos brought a breeze of fresh air. Not only did it provide you a good introduction to Kerberos, it even highlighted that you needed to edit the **/etc/hosts** file in order for your Kerbrute command to work. All of my questions that I posted in #room-help were all in this room!!! A few examples are 1) modifying the hosts file and 2) Kerbrute installation.
Figured I'd share my experience as I don't want other people to go through the same hell as me.
@weary bloom #feedback-and-ideas
But also you absolutely need to supplement THM rooms with your own research
I figured since it's a Learning Path I'll have to take each room in order
Now I know it isn't the case. But would probably be best to just switch the order of the two rooms moving forward. Thanks for the link, I've submitted my Feedback.
Who says that isn't the case?
is there an attack box that can be used to just generally mess around with and practice stuff learned in other rooms?
Do you mean a target machine or what?
yea a target machine and attack box that's just for messing around on
with hidden stuff on
There is not.
well that's my room idea. it has like very little information and questions are just get flag 1, get flag 2 etc. with increasing difficulty. and you just have to use what you learned from other rooms without any specific guidance.
the OWASP juice shop room and DVWA might be along the lines of what you're thinking
yeah ^^ although that it doesnt cover privesc that much, or not at all :)
I use metasploit sometimes but it's kind of hard to grapple with.
That sounds like a typical challenge room
Like any challenge room
Do you mean more of a playground with different ways to do things, kinda like a KoTH machine @tawdry ravine?
creator of attacktive directory -- I built that room a long time ago. it's well overdue for an overhaul. I'll take all your feedback provided into consideration when I rebuild it.
When I originally created that room (compared to now) I had no damn clue what I was doing :kekw:
actually, I'm not busy for the rest of the week, I'll see if I can't push some buttons to make things happen
What are you talking about... you still have no clue what you're doing
just kidding love you bb

hey lol
Hey guys I was thinking about creating a room on Function Hooking using LD_PRELOAD on linux. What do you all think ?
I'd definitely be interested, but it could easily get too technical I think
so it'd be hard finding a balance
Yeah some basic knowledge would be required but I will try to break it into parts with some hands-on
With ?
I guess you're in the wrong channel
oh
Ask it in #room-help
Hacking... getting too technical... perish the thought.
Imagine an aspect of computing that literally relies on a mastery of other aspects of computing being technical. Insanity!
Does THM have rooms related with sigma rule?
They're mentioned a few times in the defensive pathway but nothing dedicated to them
is there a Room for Azure platforms?
nope
nothing really cloud, most of us have deemed it too difficult/tedious to make a practical room on
Check out the Splunk 101 room
Hi, I'm interested in making Incident Response and Digital Forensics related rooms. How do the Windows licensing work for creating Windows rooms?
Upload without a license and it should deal with it automagically
Perhaps a Snort room?
there's a suricata room in dev so i hope they can snort too
Don't know if a room like this already exists, but this is the simplified idea: its as real as a ctf can get, kind of simulating a bug bounty, disallowing some attacks and allowing others, (web based challenge btw) foothold will be hell, exactly like a bug bounty, everything will be sanitized (but dont sanitize it too much, we want foothold to be possible), the player will have to try multiple payloads in attempt to get a successful web attack, from there they get foothold bla bla bla, and the privesc extremely hard ;))
isn't that pretty much every web based challenge box?
just a hard one it it needs filter evasion techniques
yea basically
more rooms on some filter evasion techniques would be very nice
If I completed a paid room, after my sub expires I should still have access to it.
Hope this becomes a thing
#feedback-and-ideas would be your best bet
This channel is more for suggesting new rooms to be made
more rooms on underground yet very useful tools, things that aren't the mainstream or what everyone uses.. and a walkthrough on how to use them would be cool
If you watch a film on Netflix then let your Netflix sub expire, should you still have access to rewatch that film?
lol
That is not how subscription models work I'm afraid
That's why you download all the stuff while you can, then you have it forever
you are right tho, but you cant download a movie as a file and you need access to the netflix account, which doesnt let you sign in once your subscription has ended
And the last time I checked, You cant download a thm room
this is all true. I meant that sarcastically
yeah I get it
there should be a capture the cat room
you gotta hack into the machine and when you are root it has a cat picture with the name of the cat, and you gotta submit the name of the cat
hey guys im not sure if there is a room for gaining access on Mac osx machines, if there is something like that could you please point to a similar room? And if not, that would be nice to have a room like that. I myself have not found much online about exploiting a mac osx, just food for thought
yes
Hey thanks ((: Mac OS is very expensive to simulate in the cloud. It's been theorised as a possibility but that isn't to get hopes up. #feedback-and-ideas would be great for that sort of thing! Love the idea
Gave +1 Rep to @tacit acorn
thank you for the reply! I honestly think having rooms also geared towards mac osx machines would be a good investment longterm! But I have my fingers crossed!!!
Gave +1 Rep to @lunar plank
still looks like they're at $1.20/hr per instance for a 24 hour-minimum lease ;-;
I wish apple would give in and allow virtualization on non Apple hardware
few problems there:
1.) Only works on newer distributions like 20.04 which last time I looked we still cant work with
2.) Only works with two specific packages installed, both of which are dependent on desktop versions also of which we dont really work with. We could just add the packages but that would be pretty unrealistic
Ah, thanks just saw it and figured would throw it out
macOS has to run on Apple hardware, even on AWS. It would be nice to have a room.
Those are expensive
I think they're using Apple Mini's. Imagining this gigantic room with a cart full of mini apples.
AWS also has a service for testing on various mobile devices. Soo yeah, they probably have an entire data center filled with macs and various cell phones and such
or multiple, because regions.
I guess macs can't dodge balls.
Also, possibly more in-depth stuff on aircrack and ARP (again, for pen+)
Any one can say what did I did mistake ?
Room:- https://tryhackme.com/room/postexploit
Post-Exploitation Basics - Comptia Pentest Path
This issue was detected when I was trying to enumerate users / groups
@uncut kelp wrong channel but likely you've forgotten to import the module with something like Import-Module -Name Powerview.ps1
I am extremely sorry but thanks for the module
Gave +1 Rep to @modest trail
i could do some stuff on arp although it might be a while before i actually get to it, what kind of stuff is included in the exam? (if you're allowed to disclose)
Probably just basic/general knowledge. The beginner and pen+ paths didn't really have any of that (unless I forgot it, which is possible).
Some aircrack is covered in Wifi Hacking 101
I've been contemplating a 102 room, if I can work out what content I want to include
is Ubuntu 20.04 not supported for machine submissions?
damn thats so unfortunate
It's annoying as heck
yeah tell me about it
Nothing we can do about it until Amazon get their act together
We can deploy them in the cloud directly, but that requires either quasi-admin perms over the management console, or direct communication with an admin to co-ordinate deployment/cloning/etc
I've just built one for the new polkit vuln, for example, which required 20.04
But generally speaking, no, and it's very annoying
who can i speak to about? perhaps the route may sway them to say yes 
Imagine papi bezos doing anything with haste 
Want to DM me the idea?
I can technically deploy one for you, although I can't move them between accounts (and the only way for me to attach it to the room directly would mean adding my name to it, which isn't fair on you) so you'd be better speaking to someone like CMNatic to co-ordinate it.
If you DM with what you're intending I can tell you if it's likely to get straight through testing though, which may be enough to sway 'em
You're telling me
Yeah, I glanced at that (haven't done the room yet), but I think the stuff that the pen+ exam asked went into more detail. I can give you more info if you want.
the recent polkit works on some Fedora versions as well I believe, I can try port it over if you want
It does -- I've just done a whole room on it, trust me, I know
Not sure if Fedora 21 will convert though.
Ooh, apparently it might
But meh, I have a working copy in the room already
ahh okay, is that on a previous ubuntu version then?
Not an admin, but aye
yet
B
Soon™

spoilers
It's a walkthrough smh
I love walkthroughs
Does anyone know what it would take to build a homemade virtual PC, without using a website that gives it to you, real code that you make
que
It only takes a grain of salt, determination, patient, and a realistic dream!
Ok thank you
#infosec-general, preferably
I was just scrolling through this channel and saw that you're contemplating a WiFi hacking 102, I think that's an amazing idea! I enjoyed 101 very much !
probably this idea has already been around here, but it would be nice to have a room with the objective of teaching how to make a writeup and/or mainly a report. The report is something important in our area and it is very difficult to find content on the internet that shows a good or at least standardized way of reporting. The room could simply work with simple vulnerabilities, focused only on teaching how to report them in a document
The Wreath room has a bit of a summary about it but it would be nice to have a room focused on that in more details.
What else would you be looking to see?
There is no real standardised way of reporting as it differs between companies so would make it pretty difficult to create a room on. One repo I see being sent around quite commonly is this one: https://github.com/juliocesarfort/public-pentesting-reports
It might give some idea as to how they differ but also have similarities
It just occurred to me, do you need room reviewers/beta-testers ? If this is volunteer work and you could use more people in the pool I'd be happy to help. Would also force me to accelerate my learning plan
@somber crow yo any updates on the WiFi hacking 102?
Hello friends! I have been developing a room called "Intro to Pwntools" which is what it sounds like. I am hoping to make it public, although before I submit it for public consumption, I was hoping a few people might like to test drive it: https://tryhackme.com/room/introtopwntools
I would appreciate constructive feedback, presuming it is respectful. Thanks!
Nah it's not you just don't know how to access a non public released room
Ah... now i get it..yea this works 
Hello, room "intro to networking" in the Complete beginner path.
It is stated in the task 7 WHOIS that whois might not be already installed on the attackbox machine (running apt-get install whois)
On my end traceroute (task 6) wasn't installed either, we could add a disclaimer on the previous task.
Love your work.
HI
alpaca attack if possible
doesn't that involve a mitm?
Hi guys. When i exploit ip, with msfconsole, using ssh_enumers, it shows me "found'". no matter what user_list I provide. I think it havent be like so. where is a problem? I hope i explain myself right. learning...
holy, sorry for posting in wrong room
@left cypress is that a phishing link? or did you just misspell steamcommunity.ru?
-undelete
Up to 10 last deleted messages (last hour or 12 hours for premium):
none...
I'm fumbling around with the inacave room (and enjoying it), I think I found shell code(lol). What if you all created a room to get more understanding of shell code?
has any one done a room with the sudoedit -s '\' exploit?
I think Muir did
That Baron Samedit?
Yes, it is
Hello everybody. Are there any rooms yet or planned which may focus on OT or industrial security?
Also, can someone point me to the right direction where I can learn some techniques to fake CRCs?
Attacking ICS 1 and 2 discuss some OT principles
Thank you
Hello, I've been thinking of making a room based on python tool development that i'd like to make, is that something that's possible to make on TryHackMe?
No reason why not
I'm not sure what the application of what would be though -- there's no "one-size fits all" for tool development given each tool is unique. You would effectively be teaching Python programming with an emphasis on useful techniques (e.g. sockets / requests / character formatting, etc)
Would be up to @cunning thunder or @willow glade to decide whether that's something that's wanted for public release given there's already a Python room out and it's not a programming platform
I agree with @native raptor. Having some level of programming competency is definitely helpful for hacking. However, I don't think it would be a good fit at the moment.
If you think the platform could benefit from a programming path or you'd like to see more coding based content please feel free to leave site feedback. (All site feedback gets read!)
@cunning thunder, thoughts?
It probably depends on the type of learning objectives that a room like that would cover. Emphasis on task automation/problem solving through tools are good objectives for the platform.
@cunning thunder hello sir, i submitted a room on tryhackme..the room name is unworthy thor..i want to know how many days it takes to to open lab publicly.
short answer: it could take a while
long answer: it depends how many rooms are in the queue, how difficult your room might be to test, how difficult other rooms in queue are, if a volunteer room tester vs thm employee has picked up testing, and how busy testers might be in any given week
i would like to test drive it, but unfortunately the room is private
Hi all,
[SOLVED]
in the task 10 of the "Network Services 2" module,
Do you have an idea why I have this error ?
Or do you have the same problem ?
I can connect me with mysql client at this database like the task 9, and the mysql_sql module works fine.
hey how i volunteer for room tester on thm ?
You would need to be selected.
how bout a room called "I use arch btw"
@clear jasper Looks like you solved it but just incase i think this is to do with the version error. Drop down to msf5 and try ๐
It says timeout
How is that a version error?
room idea: Burp Suite 2.0 ?
after finishing the upload vulnerabilities room, which btw, @native raptor did an amazing job at, I think maybe being more familiarized in detail of using burp suite would help people complete rooms such as Muiri's, specifically the jewels task, easier. Idk what you guys think but thats what popped up in my head when I woke up
Like the Burpsuite room?
I do @rocky gazelle did an amazing job at that room! When I got to your room last task I had no choice but to give in and watch your video and that cleared it up, I wasn't using burpsuite correctly from the start, thats how i got hung up! haha
Hi Guys, is there a room for Report Generation in tryhackme.. if not, can anyone guide for the source to follow.
if it is something we are reporting for bug bounty..
I have retry the next day with msf6 and it's works, may be I have forget a task
Sorry about that... I have submitted it for review. If it passes, It will be public
Hello Everyone, has anyone thought of making a room on Laravel Vulnerabilities?
I've been looking around for it but apparently it's not there.
and by searching it looks like there are many Laravel Vulnerabilities.
Thank you && Happy Hacking!!!
Look forward to hear from you folks.
I would appreciate it.
who knows how to hack a webcam
@fluid drift Why do you wanna do that?
spy but for a good reason
-ban @fluid drift Asking for webcam hacking, unethical. Ban appeals are bans@tryhackme.com
Banned montaibrah#6252 indefinitely
already taken
........ Ill dm you
Ulrich Boltaz:
Anyone completed kida room
I need help on gaining shell
@gray blaze this channel is for suggesting new THM rooms, try #room-hints
would rooms on enterprise level firewalls be doable? or would there be licensing issues
it depends
-warn @tacit anvil Your user account/token has been compromised. Your account is sending CS:GO scam messages. I'll be placing you on a 24 hour mute. Get this fixed.
Warned CEEEEEJ#5011
-mute @tacit anvil 24
Muted CEEEEEJ#5011 for 24 minutes
-mute @tacit anvil 24h
Muted CEEEEEJ#5011 for 1 day
I realised we don't have a room on VLANs, either teaching the basics of them or compromising/hopping between them. I'll start research tonight. not sure if I'll need to make a network to do it or not.
I think one of the newer rooms under Pre Security: Network Fundamentals does touch briefly on VLAN's and routing. You may want to coordinate with CMN on doing something further.
a series of rooms about beginner intermediate advanced binary exploitation in linux and windows and room for kernel exploitation technique for both system i think it will be a good idea
there should be a path on grc (governance risk compliance )
Apologies -- read that very wrong
Why not make one @wild burrow?
I'm sure there was one actually
No idea what happened to it if there was
Doesn't seem to be there now
Is beef still relevant these days?
If I recall Sherlocksec decided to create one..
But never actually released it
That's just really not what people want to tbh. We have or had one room on compliance and it did very poorly not only because it wasn't put together well but also because honestly not a lot of people want compliance content
It's just not worth the time IMO but I believe @feral reef said he would look into making some at one point
Yeah. I have a lot of notes gathered over the last years I've done it. Once I get my head out of the burnout I'll be more than happy to put together some stuff especially for the techy guys to know parts of the technical controls
plus him going thermonuclear and deleting every room he made 

Oh my
Gave +1 Rep to @native raptor
tryhackme should have a room where U have to socially engineer an ai, depicting a real social engineering attack
the ai can be an employee of an imaginary company
and once you are able to socially engineer the ai you are given the source code of a webserver and you have to hack into the webserver like a typical ctf
AI is just a bunch of if statements. I declare that throwback has AI.
Change my mind
actually, we did it a much worse better way
we used a mail commandlet to unpack executables from the emails, then shipped them off with SFTP which we then used SSH to run them 
I would put the idea of disable functions room
Huh?
PHP disable_functions most likely
Or how to bypass them to be more precise.
https://github.com/TarlogicSecurity/Chankro 
https://book.hacktricks.xyz/pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass
not really
it will be more of a talking ai thing
where you have to convince the AI to give u the source code
or smth
and no it wont be if statements it will be a proper neural network
whats that supposed to mean
I literally don't know of any creators that want to create an entire neural net just for an AI. I mean how does that even work with regenerated instances. I don't see anyone doing it tbh
hmm
it will be trained on my pc then i will export the keras model put it into an ubuntu server then upload it
If you're insane enough to do all that work go for it
yep
Bee

windows driver and kernel exploitation it will be a nice idea for a room
Covering?
Yeah like how to write a proper report
This keeps coming up, in here, so I really wish I had another answer, but report writing isn't something it's really possible to teach.
There are millions of ways to do it. Every company does it differently / has their own templates. I have an example at the end of Wreath, but that fits easily into a single task.
i think it s a good idea to add a binary exploitation channel
@keen bone why not a web channel? Or a forensics channel? Or a crypto channel?
(Genuinely asking -- if you have a justification for switching up the entire help structure in the server then we can look into it)
i think maybe they meant room
why not good idea to have a channel in every security field it will be more structured
thank you for reporting my rooms ideas
Gave +1 Rep to @sudden garnet
sorry i want to say thank you for reposting my rooms ideas
Because there are, uh, lots of security fields, and this is the Discord server for TryHackMe, meaning it revolves around the site (i.e. we have help channels for rooms, and some generalised cyber channels)
tbh, in all the discords Iโve seen with dedicated security channels, they rarely get used and the conversation is very random. I think the channel structure here has created a balance middle ground with some channels I think could do with some leaning out but eh
channel of the top 10 most known security field will be very good
Why, what purpose do they serve outside of what we have?
That'd be way too many channels
information exchange it will be more organized than the actual stat anyway it s just an idea
hey, i submitted a room. its been 1 month now i guess. what i suppose to do now :3
You'll need to be patient. The room reviewers are all volunteers, and there's no fixed time
ohh cool! thats totally fine. generally how long will it take ?
this is my first room tbh; so i just dont have any idea.
Hello, and thank you for submitting community content on the TryHackMe platform. The room queue is pretty busy, so it's hard to say exactly when your room will be reviewed. As soon as a room tester starts reviewing your submission, the system will notify you.
Here's more information regarding the Room Review Process:
https://help.tryhackme.com/room-creation/the-room-review-proccess
What is Room Testing and Who Tests? TryHackMe uses a room review and testing process to keep content on the site accessible, consistent, and appropriate. R
Gave +1 Rep to @normal star
thats awesome ; thank you so much
Gave +1 Rep to @cunning thunder
Can someone guide me on how to add colorful text in task title for creating a room?
Nope
That's what we call "Editor Hacking" -- if you can figure it out, you've earnt the right to use it
(It's really not hard though: good luck!)
wow that's so cool! and there's more we can do with it awesome
Yep, no limits. It's something I do a lot of (the Wreath video icons, for example).
calling a bug a feature XD typical programming things
It's not a bug so much as the configuration allowing slightly more (harmless) things than were intended
hehe yeah i was just joking :3
Or just yoink the source code from another creator
Or that, if you're lazy like Cry
I call it engineering
I call it theft and lack of ingenuity, but sure
-clean 100 689000887041130517
i have a question, it is possible to attach to tmux session after logging in which was previously created. But how will it be possible to keep that session running when we export the box to and upload it to thm room. Wouldn't that process just die when we turn off the box. Or is there a way to spin the session up when we boot up the box
I would like there to always be a tmux session on a socket in /tmp/shared with a session of 0. That way I can always attach to the session via SSH:
ssh user@www.example.com -t tmux -S /tmp/shared ...
@topaz parcel maybe something like this will help?
wouldn't recommend that as a privesc, it's way too common.
ROOM: https://tryhackme.com/room/dnsindetail
TASK: 3
An explanation of a PTR record under DNS record types can be a good addition to the task/room.
yeah that would have been easy, was just wondering how that could have been implemented
Hi all, there is any material about how to make rooms/challenges?
Hi o/ this may be of use (:
!docs room-notes
did I just get ghost pinged again?
What do you think of a room adapted from the series the blacklist and the shadow broker group?!
Another idea: Damn vulnerable android/ios apps:
https://github.com/payatu/diva-android
https://pentester.land/cheatsheets/2018/10/12/list-of-Intentionally-vulnerable-android-apps.html
For Windows Fundamentals 3, for task 5 I'd suggest using just "xyz" instead of "xyz network" as the answer, because me and another dude spent some time confused after putting in "xyz profile" (same amount of letters as network) and it not working.
Adding some WAF bypass in the web fundamentals
not only for XSS, but also for SQLi and general purpose API
In addition to the already existing "OWASP TOP 10" room, could we get an OWASP room that walks you through the manual testing HUD that Owasp provides?
In developing a room, is there any interest in a blackbox-room ?
Wdym a blackbox-room @placid pilot?
(Because that describes most of the challenges on the site if you mean black box in the traditional sense)
I havent ventured into all parts of the site yet. But getting the answer to 1 question without any information is whats already on here?
I mean, search the site for challenge boxes
Some of those are guided
Most are not
Ok cool. So I can upload some of mine
Shouldnt be easy to get them though
I mean, that's from a hard ranked box
They go up to insane
I'd suggest maybe having a play with a few more of the features on the site before thinking about building stuff for it, just by-the-by
Not least because we reject things that are too similar to other content. It helps to have a good basis in what's already there.
I get it. I'm just here to see if there's things I don't know yet. Paid for the premium rooms just to see whats there
I'll get in touch later when I've done a few CTFs
@tacit anvil 100%. I'd love to see that.
A room on what firewalls are, and a brief introduction to setting up rules in Linux and maybe Windows?
Think we've already got Linux covered in one of the Linux hardening rooms? IPtables anyway -- there are a lot of wrappers around it though.
Wreath does a tiny bit of firewall configuration with firewalld and netsh, although that could definitely be expanded on
how many people actually configure host based firewalls though? maybe something like pfsense would be a lot more useful imo
The content on firewalls in the new networking rooms has a lot of room for expansion for sure
Purely interest in hostbased firewalls? Or more into firewalls like pfsense or the commercial versions? Just curious where the interest lies
Does THM for example allow for 2 VMs to be spun up: a firewall and a hackable VM (and your VPN or Attackbox). AFAIK there is only one box used in most rooms
I was actually thinking of primarily hostbased firewalls, and how they can be used for security when you're doing CTFs etc.
although it's a way smaller topic than commercial versions and its uses in enterprise I guess
Would anyone be interested in a room on system hardening/ configuration?
SELinux, GPO, STIG, etc?
You could go very in depth with SELinux IMO, especially doing hackery things while it's enabled
I'll see what I can put together
You might be thinking of networks. There are a few- Wreath, Holo, Throwback.
Are they multi vm?
I meant if it was possible to deploy a multi-vm room
You can attach one VM to one task, but they are deployed separately and are not forming a deployed network (like wreath).
First off that isn't what we do here and is 100% illegal
Secondly this is completely the wrong channel to ask that.
So in which channel I would ask that
Someone, Please Help me with the rooms I do know nothing. As a beginner, I don't know from where should I start to learn cybersecurity. I want to subscript but I don't understand what benefits I will get by subscription. Someone, please help me
@fading nova If you subscribe you can do the pre-security and complete beginner path's. That will walk you through from knowing nothing to knowing quite a bit in a short period of time.
But how to work in those rooms. How to learn From rooms. What exactly Try hack me will teach me? Can you please describe to me broadly the task of try hack me?
But Here I can learn without subscription
@fading nova https://skerritt.blog/free-rooms/
A free guided path for beginners on TryHackMe.com
You can fake networks with docker and/or lxc. Though you'll have to keep the containers simple
When my room is approved have a look
Sorry on mobile don't always see everything
np
Thank You
Gave +1 Rep to @gusty fulcrum
Isn't that what's happening in the network rooms like Wreath and Holo?
Pity though
There's a huge cost issue from several machines, and beyond that there's the technology. Networks are shared environments because of this.
They also require a lot of direct interaction with the admins to setup and manage them. Those guys are seriously busy these days
Has anyone ever thought about a programming path? That and a basic hardware/electronics path?
Those are a little tenuous in terms of their links to cybersec
THM isn't a programming learning platform, there's lots of those already
I wouldn't mind
Aye, but they would
Luckily I have my own AWS environment
That won't overly help though
It does for setting up your own environment and testing
Ok, but you'd be doing that entirely outside of the THM Networks environment
Well you can do it inside a vm
Which is very different to standard THM rooms and, like Muir said, requires a lot of admin involvement.
What?
Networking
Yeah, but that's not THM networks
Looking for admins?
No.
Ow yes it is
That's entirely wrong.
Because?
Yes it is. It's isolated networking
You can make your own room with a single VM and containerised stuff. As long as you don't use nested virt then it'll be fine.
But that's NOT the THM networks feature.
Please understand the distinction.
Docker / LXC networking, whilst simulated networking, isn't quite the same as a VPC on AWS
I know. Like I do that stuff for work
THM networks is a specific feature which requires a lot of admin involvement. You cannot develop for that, unless you're explicitly invited.
As I said, you can visualise a network and do containerisation if you want. That's not THM Networks
Ok you're really not reading what I'm saying
I'm out. Do what you want with my vm. I'm stopping my subscription
Not being taken seriously is a big mistake
I'm not THM staff. We all do this on a voluntary basis, and we're lending the experience and understanding of the platform because we want to see good content created.
Doesn't change my opinion
Hii, if it helps, things like the THM networks (that you connect to and hack) are very complicated. Rooms like wreath, holo, etc are very individual in the sense that the deployment process for these is so unique (i.e. we have to have vpn servers, and the network has to scale depending upon users) all of which is very costly
You're more than welcome (and encouraged) to submit a room that has an individual room though @placid pilot (:
You can use networking in single VM containers i.e. dockers but aye yeah, multiple machines/VMs per room is very specific
afaik we aren't looking to have any more networks for a good amount of time afaik
I mean THM has python and bash. It would be nice to have C/C++ and others that folks might be interested in
Those are scripting languages, with the intent of automating activities
THM isn't a programming platform, and the site staff have rejected a number of programming based rooms.
Not even introductory courses? It would make sense since some exploits are written in C. As well as some tools too. I think having some kind of primer or basic overview wouldn't be too far out of the realm.
There are lots and lots of primer programming sites
Ok thanks
This room needs to be updated. Lots of things have changed in Volatility 3
https://tryhackme.com/room/bpvolatility
Owh ....
Are there any macOS rooms, or is that not a thing?
MacOS is incredibly expensive on AWS so not really feasible for rooms
Would love to see more blue team rooms in the future
any specific tools or areas? blue teaming is a wide field
DFIR, log analysis, threat intelligence and any tools related to SOC. I've completed almost all rooms released on the cyber defense path and the rooms focused on forensics.
i think they might be working on a blue team network, although i could be wrong
but if you guys aren't, i think that would be a really good idea, fully mimicking a soc
I could love that quite a bit
Here is an idea... There is already a Security+ learning path, how about paths for other certifications? Like an eJPT path, that can act like a companion to the INE course.
Pentest+ path I mean
Mainly because we had a partnership with CompTIA. That's the only reason we could make that path. We really couldn't make any others especially INE because that would essentially be creating competition for their own product?
It's in my opinion pretty much a one time thing but you could always put it in #feedback-and-ideas that would be a better place for it
More learning paths are planned. Stay tuned.
a printnightmare room would be interesting
wip - waiting for Msft to release patches
same thing happened for Zero Logon
had to wait close to a month after release because we didn't want people running out and 0logoning DCs lel
I've done a few CTFs now and seen some challenges with recursive nested .zip files and noticed THM doesn't have any challenges related to that. maybe one where you write a simple bash script to solve?
makes sense. thanks for replying
Gave +1 Rep to @sleek elbow
Pls help with the answers
Not in this discord.
we respect academic honesty here.
You can do the research for your own assignments yourself.
A few ideas include:
The IT Crowd themed room :)
I figured if there was a Rick and Morty themed room, maybe there could be a Tuca & Bertie themed room.
How about a room/thread with a Q&A on discord and THM rules for newcomers?
@rocky gazelle would be the man you'd want to talk to about that
@sleek elbow Do you think I should?
it would probably be useful for the people who come in and say "what did", but probably not as a room
Thanks! I will do
I'm not sure I understand the goal/purpose of said room/thread
@rocky gazelle Hi Dark, It is to help understand the key points in the rules. There could be questions like 'If I do X, Y or Z - which rule am I breaking?' Something like that.
Is there a specific rule you see this helping with? I'm not being critical, I just don't think the rules are too hard to understand. They're pointed out in our #start-here chat and have been worded/reworded for clarity
Not at all! I am all good. I just thought this exercise might help.
I do appreciate the suggestion, just want to make sure I understand the root of any issues :)
What about a room about how to use Scapy?
0 day rooms are nice but it has to be fixed.
It's not technically a 0 day anymore
A tutorial room for Selenium Web-Browser Automation would be great
How does it tie into cyber security learning objectives? Use it like a Burp alternative?
Well, it can be used to automate lots of things easily compared to writing python scripts. Automating using python will require us to keep track of all the elements which are being sent in a request if it is an authenticated request. With selenium we don't have to worry about any of it and can just automate the ui elements themselves
Apart from it, if the web application is static in nature and depends entirely upon JS, it would be pretty hard to reverse-engineer it and automate any features in it using standard python libraries such as requests.
To be fair, rule 1 seems to be broken a lot
It's useful for simulating users for xss payloads
Puppeteer is also an alternative I've seen used in rooms
Maybe a room that touches on use-after-free and other binary exploits
Sequoia privesc CVE-2021-33909
Are there any rooms touching SAML?
Has anyone asked for a room specifically covering directory enumeration, like dirb, dirbuster and gobuster? It's slightly touched on in the CC Pentest room, but I think a dedicated room would be awesome for beginners (since you need to know at least one of those three for Pickle Rick).
Doesn't show when I search the rooms.
https://tryhackme.com/room/webenumerationv2 (: cc @somber crow
How did I miss this???

