#room-hints

If a password hash starts with $6$, what format is it (Unix variant)?

can someone please help me with this question?

Google can

And will

very very easily

i have tried that for two days

What did you google ?

Then you have not been doing it right

unix variant, password hash, hash format, etc

The fact that it starts with $6$ is the key point

try to include the term: $6$ and you will find it 😄

The rest is just to guide you

i have several times and got no where

Keep trying

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

It's designed to be easily answered with your own research

You've been guided to resources that would have answered it in under 30 seconds

thank you

By several people.

I have a bad practice tip , but if you are so desperate why don't you check the hint and try to include the hint on your google search with the information you already have?

@glossy basin Excuse me for pinging, this is part of the challenge in your Django Room?

Wait too small

yes it is

you have ssh creds for a reason

Ok, thank you. The room is very good, i'm learning a lot of django

👍 thank you for feedback

Amazing job doing the room

Hi! I'm stuck at #21 and #31 of task 2 in the splunk room. Can't seem to find the proper answers. Any hints?

for Q31, you have to realize that the room was created over a year ago. things on the internet change, so maybe look back in time and see what the answers would have been back then?

@toxic scarab Good idea. In that spirit, I looked up all subdomains of the company, thinking one might still be forwarding to the new one. I however did not think of a "wayback machine" logic of some sort.

it also might not jump out at you, so a bit of trial and error might be necessary

@toxic scarab The wayback machine did the trick.

My lack of Pokemon playing is hampering my abilities with the Pokemon room! 😫

pika

Any hints on this pokemon room? I took a guess at the first flag and guessed correctly, but I'm at a loss on what to do with what I've found already

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

Makes sense, my bad

hey there..

just bought subscription and am trying to learn stuff

but i cannot for the life of me copy from terminal and paste

#general but if youre using your own VM ctrl shift c and v to copy paste

if youre using the in browser VM, ssh into it

i am using the browser

thank you

will try

sure thing

Hint on Gotta Catch'em All ?

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

hi, i understand the rule 13 but... i'm root to "Gotta Catch'em All" and i have all flags, but i don't understand the flag two what is this oO ...

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

😅

ok its done thank !

Is there any hints for intro to python ltask 12?

What are you having trouble on specifically?

still struggling to link it all together

Well I need to decode 5 times in base64 and then take the result of that and decode it 5 times in base32 and then decode it 5 times in base 16...

I've found some stuff on how to do it in bash but struggling to find anything close to give me some guidance in python.

Do you know how to make a basic hello world file with Python?

Print('hello world')

In python thats easy I guess they way I'm seeing it is that I need to give a value to each answer but I cant do that until its decoded so im not sure how I trigger each step..? if that makes sense

That's not what I asked.

I asked if you know how to make a basic hello world file*

Err yeah it would just be the same thing but in a file.

.py

OK- so try doing that same thing but in a file for decoding something 15 times with base 64/base 32/base 16

kali@kali:~/development/thm/python$ python3 helloworld.py
hello World

I am not sure how the two relate..

What I am trying to achieve is totally different because each step becomes a different input.

Try researching variables

those will be very useful in what you're trying to achieve.

I am sure they will be but there is more to it than just that...

I guess you should be asking me if I just want to keep running the command over and over or if I want to do it recursively. Well I am interested in doing it a single script

Nope, with just variables and how you'd write a "hello world" file, I can solve the question.

Really...

It's just a matter of "how efficient/least amount of text do you want it achieved in"

I can solve the task in merely 5 lines, or 17 lines.

but with print would be like 30 lines

or 17 as you say

but with print would be like 30 lines
Well, do you want to solve the question or not? See if you can do it with only one single python file.

Nobody cares how you do it- as long as the result is the answer.

Ok perhaps your right I might be over complicating before I really know what Im doing

yep

Generally, the best rule of thumb for accomplishing anything with programming is "get it done first, then optimize second."

hey there i am in the LINUX WALK THROUGH room and having trouble executing the flag could someone help me on that i am a beginner 🙌

@rustic bramble which task?

@rustic bramble which task?
@ashen matrix the last one finding the flag

I need some help ... regarding the new room: Gotta catch'em all!

Can any body tell in what direction i should go..for finding second flag

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

okay

Help with Pokemon ? Got the || second hint || Still No clues or leads anywhere. Nmap and GoBuster didn't prove helpful

read the message before yours

I wanted to wait before accepting any write-ups since it's supposed to be a challenge, but If you're still stuck, I accepted two write-ups about an hour ago since some time has passed since it was released. @waxen hazel @shut pollen

any hint for ConvertMyVideo?

what have you tried?

actually now i'm trying to use a list of payloads for a command injection, after taking a real fast look to a writeup

okay 🙂 no shame in using a writeup

Hey bois,

I'm actually in SimpleCTF room, I managed to use ||the python script to exploit the CMS Simple vuln|| and I have now a username, a hashed password and a ||salt for password|| ! Does anyone knows if there is any website or tool to decrypt the password with || the given salt|| ? I tried a few one with no success

Can't use an online one because it's salted @simple shoal

Thanks for the room @cunning egret , that was a great example of overthinking a room. 😆

There are two very common hssh cracking tools you should be familiar with

Hashcat and john

Hashcat uses the GPU by default, John uses the CPU

Both can deal with salted passwd ?

(never faced such an encryption before, that's why I am asking) ^^

It's not encryption

wrong choice of word my bad

I'd take this moment to do the hashing room on THM tbf

Ok, i'll look at it !

Thanks for the help James

Excuse me, in this room: https://tryhackme.com/room/xss there isn't any way to restart the stored xss without restarting the entire machine?

@smoky oasis
#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done

And there is a way to ask for people's help 😉

so room c4ptur3-th3-fl4g task 1 №10 (starts with"LS0tLS0gLi0t...")
i need hint after i decode from ||base||>||morse||>||binary|| and got some values "fe `_` ``e bh..." tried to identify cipher/hash nothing here tried to bruteforce some ways and still stuck

Try rotating cipher

how do i run an mp3 file? linuxctf task 5 #4? just says permission denied 😦

you get it to your host machine and run it in a media player

how do i run an mp3 file? linuxctf task 5 #4? just says permission denied 😦
@fickle marsh mp3 file is audio

Not an exectuable

kek it took me a minute when doing that room to realize i needed to play the mp3 file on my machine, brain farted hard

Hi, anyone can explain me why in the OSCP BOF task 4 my badchars are working, but as answer they aren't accepted?

nvm

@white salmon Nope, you have to terminate and redeploy.

Hey guys in room Blaster , am doing enumeration and as per question hint, i have to checkup in browser history of user to find details of his history but am not getting anything

Known issue

Dark has decided it won't be fixed

oh my

its an incomplete room then

No, it is not.

so how will get the solution

i have to lookup in writeups then

or maybe find anathor way

Or search in the discord

Or enumerate

Room hint says i have to lookup in History of web browser, as per my knowledge.. history is stored somewhere here Local\Microsoft\Windows\History

maybe its in there, ill check it out

youre not going to be able to find the history

you can search discord for the exploit that wouldve shown in the history, or you can enumerate the machine for a different exploit

but the history on the machine is no longer there

@frail rain

yeah i figured that much out

thanks for help everyone

So room is almost done, i skipped that question and went on with the next one.. i'll look it up in discord

hey everyone

how are you?

Hi. Do you need a hint?

yes! im at bookface room

after having some numbers i tried with knock but i dont know if im at the right place or what

Then please be specific - room task, question, what you need a hint with.

sorry, i was editing the screenshot

i dont know if im not getting the right order or if im just losing my time

i mean, it should be this. The 22 port was closed and maybe the onlyone. The response from dig was... idk, a hint for this? but maybe is trolling me

ok i hit the sequence haha

I can't believe i missed that on Pokemon (again simple, I missed it, copied it a few times.. never got it) .. arghh

Guys any leads with tartauros ?

For a room that hasn't released yet?

No.

TarTauros has been released.

Infact I have been working on it all day

Whha? where got a link? lol

https://tryhackme.com/room/tartaraus

Thank you brother! appreciated 🙂

fun box

hey who can i dm about tartaraus room,i just want to ask is this is intended way to root?

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

i rooted box on two ways but i think one was unintended

most have unintended routes, its best to wait for the writeups to compare.

oh its a private room to me (assume its a sub thing?) (tartaraus)

i am not a sub

all i see

Maybe it was not meant to be out yet

anyone rooted this? https://tryhackme.com/room/laxctf

after reverse the apk, I found 2 creds potentially AES256, but I wasnt able to decrypt it .

You won't be able to break AES256 without the key

can I pm u to confirm what I got

i think its the key

No

i got the key

nvm

can anyone give me a slight hint as how to complete the smag grotto room? i got the username h------- and password c---------- but dont know how to move further. i tried ssh with the username and password but that didnt work. the capture file was a post request to some login page, i tried pinging it but it wasnt online, so any hint in which direction should i be looking??

Names do a lot. Accessing the same server by a different name can give you a different page.

oh..okkaaayy

Did you add the website to your /etc/hosts file?

Can anyone help with question 2? I have tried echo $home and got no output

Variables are case sensitive @keen storm

Variable names to be accurate

I did match the cases

Still nothing

Upper case.

The home environment variable is upper case

Oh ok

I get it

It took me a moment thank you

Gotta Catch'em All!

What to do with the array elements found on the console

I need help

Room: Gotta Catch'em All!

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

New room, maybe give it a chance?

Ok!

Hi there, anyone completed the 'Tartarus' room?

even i am stuck on that, i tried brute forcing ssh using 2 lists provided but that didnt work out

Yes

Me too

I tried with FTP and SSH and nothing

Yes

So idk what to do

Guys Any hint on room: Gotta catch em all,
"

Who is Root's Favorite Pokemon?"

For privledge escalation i went on with https://gtfobins.github.io/.. but i guess it didnt worked or i didnt used it properly

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

@somber crag same with me guys

There's no hint...but something should be there

!rule 13
@simple shoal The creator has even accepted writeups for the room, so it's safe to say the room is available for discussion

Oki doki sorry

so we can talk about that here?

Yes

ty @final mortar 😄

I have done nothing 😄 But I will still take the thanks

Hey guys, looking for a clarification.

Room: http://tryhackme.com/room/25daysofchristmas
Day 20
Question 3

Am I looking for a cronjob that's already running, or am I meant to be trying to create a job that run?

I first thought I'm meant to be looking for a job that's running, but now I'm not sure and starting to doubt myself.

Just after a, take path a or b.

Thanks in advance.

Also only reason I haven't checked a write up, is I don't want to accidentally read the solution

Existing cronjob

Cool. Thanks

One that’s already running

That's all I need, i thought that's what it was saying, now just gotta find the damn thing. Hahaha

There’s a limited number of places to look for those

Shouldn’t be too difficult to find it 🙂

Tah

Can anyone help me with hydra? Idk what im doing wrong

What you trying to do with it?
Room, challenge, etc?

Tartarus

Bruteforce a http post form

on tartarus there is another place to look, enumerate ftp again and look very carefully

yes

I am with the web login

now

ahh, sorry, overlapping typing, you got there lol

Dw

Can I pm you?

sure

ty

!rule 13
@simple shoal I appreciate and thank you for reminding me the rule but I did my work on it and i just asked for a hint because i was stuck in the question for more than 6hrs.
Thank you anyways, i'll find the thing myself or see the writeup as a last resort

The creator has even accepted writeups for the room, so it's safe to say the room is available for discussion
--Quantum

just saying

@frail rain First, I was wrong, the rule 13 is not necessary here because the author allowed the writeups, I am sorry for this mistake, and as you just sayed it Q U A N T U M corrected me !

Second, no matter how hard you worked on this room, the rule 13 says "no hints", and I'm not the one making the rules.

So my apologise for being wrong by saying rule 13, because you are allowed to ask for a hint about this room, I didn't know.

Hello world, easy peasy room, task2 #2: After finishing the room except for this question I realised the only thing I couldnt crack was the hash from the robots.txt. I tried hashcat and online cracking tools but still couldnt crack it ? Any hint ?

have you tried this website ? https://md5hashing.net/

you can use cyberchef to determine the type of hash

This website deals with other hash than md5

Yup I tried it, it is running for like 45 minutes by now

Well it should work on this website, but I know it's slow

There’s a limited number of places to look for those
@oblique cliff

Crontab -l
ls -la /etc/cron.hourly
... cron.daily
... cron.weekly
... cron.monthly
ls -la /etc/crontab

What am I missing, non of these show anything running every minute.

@simple shoal alright Ill just let it run until it finds it, thanks then 👍

Anytime

Crontab -l
ls -la /etc/cron.hourly
... cron.daily
... cron.weekly
... cron.monthly
ls -la /etc/crontab

What am I missing, non of these show anything running every minute.
@slate swift

Room: http://tryhackme.com/room/25daysofchristmas
Day 20
Question 3

Where else might I find said Cron job?

@slate swift use linpeas to find out

@slate swift I haven’t actually done the room, but if it’s not in etc/crontab you can see it by using pspy

Oh cool, I honestly thought of trying linpeas, but wondered if that was a sledgehammer approach. Haha

I'll try both. Thanks.

It will show you something interesting

In cronjob tab you will find running crontab script

In some hidden directory or something

@slate swift if you're inside the box..first always try linpeas

Manual enumeration >> automated scripts

I use Linpeas all the time.

¯_(ツ)_/¯

So do I, doesn’t mean it’s a bad idea to try manual enumeration first

I like "linux smart enumeration" more than linpeas

I think there is nothing wrong with running automated scripts as long as you understand what is it doing and what all those commands actually do. Just running linpeas every time you get access to a shell blindly is probably not a good idea. Manual enumeration should be encouraged, at least at the beginner stage

@slate swift Don't expect that you'll get things at the place they are intended to be, search for all normal directories that we usually visit and look if there's something weird placed on some wrong place and you'll get your answer

OMG, I even found that damn file and just assumed it was part of the VM, only because I couldn't actually see a Cron job calling it.

Oh silly me. Hahahaha

hey, i'm doing the https://tryhackme.com/room/rpmetasploit metasploit room and i need help for task 7 #2, they say "run the command 'search server/socks4a' " but when i execute this command it show me this :

You're in a meterpreter

ye

You want ti search in msfconsole

Not a shell on the target

well, i'm a beginner so i don't understand what u are telling me x)

You have a meterpreter

ye

You have a shell on the target machine

If you search in that, you're searching for files on the machine

ye

You want to search for a module

oh

Which isn't a file on thr target machine.

oh yeah thx so i can do it here

Yes.

ok @stuck fractal thanks

The task would have guided you through this, for reference

ye but they didn't tell me to do exit on my meterpreter but yeah, mb 🙂

🙂

Delet answer@oblique cliff

oops

@alpine lantern

oh my english is bad, that's why i think 🙂

french errors 🙂

no worries

is there any steganography involved in tartarus ?

Not that I found @open storm

alright thanks

does anyone have a clue on why this is not installing?

i've checked a ton of tutorials and blogs

and cant freacking get this to run

#general @hollow holly

this is because of the Burp room

Yeah, but asking for help installing software is outside the scope of the help channels

ok sorry :/

Hey folks, I'm lost. I don't know if nmap has updated and THM hasn't, but when I do what it tells me to do, it doesn't work.

Does anyone have a moment to help a noob?

Just ask

Someone will help

Some more info would help too, a screenshot of your terminal where you typed in the command and any error messages that it gave you would be super informative

In the scripting room task "Encrypted server chit chat", after I send the "final" message to the server he sends back a big block of ciphered text. Thats 1 text, or multiple flags ciphered concatenated? If its multiple flags ciphered are they all the same size in bytes or different? e.g. THM{FLAG1}, THM{FLLAAAAAAAG2}

I kinda doubt its different flag sizes, cause then would make it hard to guess the size difference between the different ciphered texts, but just wanted to make that clear...

Sorry ya'll. Wife needed to talk to me for a moment.

So, I'm in metasploit. The lessons say to type in db_nmap -sV followed by the box number.

So I do. And it doesn't work.

do you have nmap installed on your OS?

I went to nmap online and it says to just do nmap then box number.

Yes.

No matter what command I give it, i don't get a report like what the walkthrough shows.

Screenshots please

I'm using Manjaro. how do I screenshot? Alt+prtscn doesn't work.

That sounds like a google question TBH

If only I could find what I was looking for in Google.

Don't think i haven't tried.

I want to make this room work the way they say it should.

If only I could find what I was looking for in Google.
@stone oyster how to take screenshot in manjaro

That exact query

Into google

I want to give it answers according to what is supposed to show up.

Stop.

Screenshot.

https://tryhackme.com/room/tartaraus
Can I get a hint for this room? Im stuck on the web enumeration part. I found the | Hidden file in ftp and the logic page |

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

I believe Ive checked everything, and there are no writeups

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

Come back in a day or two

Whats the timeframe for a room being new? Its 37 days old.

That's the creation date

The release date is the one that matters

Oh ok. I'm sorry, didn't know there was a difference since I dont see the release date anywhere

The release date is the one that matters
@stuck fractal You are just being rude.. He has no way to know that

@hard path I'm being factual.

Most people is trying to learn and not trying to compete with anyone. Giving those kind of answers seems rude

Most people is trying to learn and not trying to compete with anyone. Giving those kind of answers seems rude
@hard path The rule is in place for a reason. If you'd like that rule changed, write something up in #522158404614225920.

There are other rooms that aren't newly released that they can complete.

Respect the competitive nature.

your not going to get any help from this page only hints, please refer to Google . The game is designed for you to research and acquire the answers. Thats what pen testing is about.

I understand that but there is no need to be rude

I know

peace in Christ

James wasn’t being rude, he was just stating that the release date of the room is when it counts and that you have to wait a while there was nothing wrong with that and he is just doing his job

Yeah, tbh, I don't see any rudeness in his comment- it looks like a statement

I would've said the same that "the release date is what determines the live age of a room on THM"

There is an #544951750801752079 section if you think there should be a release of time date on the room

I can understand how some can interpret it as rude; but I don't think it was. He was just stating a rule. I didn't even know that rule so I'm glad he said something

There is an #544951750801752079 section if you think there should be a release of time date on the room
@astral smelt The metric is changing very soon, it's a fix that's been in the works for a while.

I understand that but there is no need to be rude
@hard path he wasn't being rude, maybe you felt like that because here there are people from all around the world with different cultures

When i got here i got a little bit weirded out too because in my country people are not that direct and it can sound a bit rude to me

I think this has been dealt with now.

Lmao

hi

can someone please explain to me Task 5 | mini CTF of Web fundamentals?

I am getting no cookie back

Hi, I created that. What's up? What are you doing?

well, trying to edit the headers and set a cookie

but is not working

can I PM you?

No

ok.... well...

You shouldn't be editing headers manually

Which question are you stuck on?

I told you

You said the task

read above

Not the question

What's the "Set a cookie" flag?

Ok, in future can you give the question number as well?
How are you trying to add a cookie? Are you trying to get it with curl or a browser?

firefox

So you need to add the cookie using firefox dev tools

I know that

just don't know how

Go to task 4

It tells you how.

Go to task 4 please.

well, do not know how to translate that into code

It tells you precisely how to set a cookie

You do not have to edit the headers manually, or do anything complicated

You know what? disregard man....Thanks anyway

is it touch alias filename that allows one to make an alias?

No.

ty

#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done

if that's for me... like I said, Thanks again

No, it wasn't for you.

Well, I'm half way there. Had to tweak a little here and twerk a little there.

I can't capture a screen, but I can highlight input and output and copy that.

https://en.wikipedia.org/wiki/Scrot 😉

The walkthru I used to setup my virtbox told me to turn on the 3d acceleration and that was gumming things up. Now I can get snippets or screens.

Is there something specific you wanted hints on?

not right now.

thanks

This was the first issue to solve.

It's solved.

I also solved some other issues. It was explained to me that I hadn't set something up right.

Now that it's setup, it's all good.

Ok, can I ask you to move anything non-room-specific to #general please?

sure

Thank you

any hint for decode zwsp , room Help Bears

Unfortunately, the Help Bears! room is a little too new on THM, and to aid the competitive aspect of the platform, there's about a 24 hour grace period for any sort of hint/help/writeup for them

The grace period hasn't been formalised

@stuck fractal fixed but yeah- expect about a day or two for people to have the satisfaction to beat the machine without any outside assistance

Need help on the nessus room, have a trash duo-core pc, canI still get nessus to work?

Probably, it just won't work as fast as you'd like it to.

Got it, thanks!

Are there any hints for Help bears yet? I am stuck on the last question

No, rule 13 states that we can’t help you yet :/

sadface, when does "yet" end ?

is it 24hr?

48 hours but it’s up to the room creator, if they ask for it to be longer we have to respect that.

OK cool.

Are there any hints for Help bears yet? I am stuck on the last question
@agile whale me 2, lets wait xD

Whilst you’re waiting be sure to keep trying as hard as you can! I believe you can all figure it out, prove me right

Ty bruv ^^

Did you complete it?

:)

Not yet only just got home from being out, I’m gonna try it though 👀

Okay, GL 🙂

I am still working on it but feel like I am way off course, playing with steganography

stuck at task4

I am still working on it but feel like I am way off course, playing with steganography
@agile whale me too

With the img innit?

yes both the jpg and png, but if you are helping the bears then the a question they are stuck on would illogically be a picture of them, but to counter this the room has the steg tag and the other questions are cut pasted from <spoiler>. Hence why I think I am wasting time.

from the room description

hey

🧐

can you all stop talking about the new room

we like to give a bit of a grace period before providing hints

ok

anyone give me hint burp room

?

What is the AND operator's relationship in the 'Intercept Client Requests'?

Task and question?

@open storm read above messages

can you all stop talking about the new room
😉

We can't help you for now :)

ôops right, the rule, deleted it sorry my bad

No problem ! Keep looking, sure you can do it 👌

can i get some help with learn linux task 21 ? i dont understand what it is refering to when it says "the binary"

It is an executable file

so i need to input an executable cmd to see the answer ?

No, you have to change the env and then run the binary to see the answer

cool thank you i will try that 🙂

export foo = bar
./binary

i am now getting no such file or directory

i know its there as i printenv and can see it

the name might not be literally 'binary'

./shiba2

mhm

i am tring to ask without ruining it for others, so my questions might be vague haha. thanks for all the help so far. 🙂

it's a walkthrough room meaning to teach you linux so i guess there isn't too much to ruin for people 😄

ok so far here i am

You’re in the wrong directory

If you type ls you will notice there’s no such file

If you look next to your name “shiba2@nootnoot” it says “:/home/shiba1”

The binary is in shiba2’s home directory ;)

( @unreal lake )

i got it! thanks for all the help guys. @trim haven that was my missing step, just needed to cd.

All of you are awsome

:)

Hello guys,
For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.
Does this mean i gotta connect to the machine and curl from inside?

What room is this from

Mr Robot CTF

Localhost is just a host name that refers to the current computer accessing it

Mr Robot CTF
@ruby pumice Which task. where do you need help exactly

well, it's just flags, and i found a directory that tells me that

but ssh door is closed so i'm kinda stuck

you can forward a port if you have access

don't want to check writeups yet

no access :/

then enum more

aight, will do!

well, it's just flags, and i found a directory that tells me that
@ruby pumice It hard to help you if you talk like , "a task", "the task", "a directory"

You can use spoiler tags to provide exact information

- What room you are on
- At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
- What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done```

all right, sorry for that, i'll enum a bit more and come back if i get stuck, btw how do i use a spoiler tag? :d

||spoiler|| b/w ||

||spoiler||

great, thanks ❤️

all right, sorry for that, i'll enum a bit more and come back if i get stuck, btw how do i use a spoiler tag? :d
@ruby pumice Sure thing

also /spoiler will do same

it will show spoiler all of ur mesg

Is Overpass LFI?

Nope

anyone completed tartarus

?

Just ask

I manage to login as th....... user and I am not able to get root. Can you give me a hint

?

is the python file a clue

?

Any hint for the 3d flag in Help Bears!

It's a Honeypot 😉

@limber iron rule 13 states you have to wait a little longer

We are not allowed to help you

That's what they say. But the truth is they didn't solve it either 😜

Hahaha

XDDDDD

Thanks anyway

Tartarus is open for hints??

if yes then I have questions to ask please let me know if it is open for hints

you can PM me maybe I can help

Why not just do it here 🤔

Also I think Tartarus was released yesterday correct? if so we are not allowed to give help

Just ask
@trim haven
I know room was released yesterday but you said this that's why I asked

you can PM me maybe I can help
@echo thunder I'll try more before asking
Thanks for willing to give help though 🙂

Welcome

For Tartarus is already a Writeup online. Just saying.

oh I didn't see that
may have been added few hours before

but then it means I can ask for hints now

Check if it's accepted

For Tartarus is already a Writeup online. Just saying.
@white salmon online doesn't matter, it's whether it's accepted

it is given in writeups section of the room

so I think it is accepted??

yep, so you can ask away

@white salmon online doesn't matter, it's whether it's accepted
@stuck fractal would not have that said this if it wasn't linked in the writeup section of the room 😉

yep, so you can ask away
@oblique cliff

yeah but now I closed the machine

I'll ask after few hours

i havent confirmed it (this assuming its actually now on the room page), im just saying if the writeup is on the room page then youre allowed to ask

you can PM me maybe I can help
@echo thunder Can I ask you about the last task ?

ok I'm back
Room: Tartarus
I got the list of ||users and passwords|| from a hidden directory and I tried to find password and user using hydra but no luck
what am I missing ?

You tested the login page or you tried ssh

?

login page???????

Yes log-on page

I did enumeration using big,medium txt files none of them gave me login page

Enumerate harder the ftp

I got a test file on ftp

The page cannot be found on any dictionary

but don't know what to do with it

When you login on the ftp

It gives you a hint

Try to use passive mode

And try to change directory

ok I'll try that
thanks

Welcome

how old should the room be before someone can ask a question on it? Been stuck on a room for like 4 hours need just a little push? I can wait but it's just annyoing knowing that I cant find it :D

What room?

help bears, quite new one

Please wait a day or so

ye figured

how did someone get 240 points in that room? and everyone else is maxing out at 90

Blood points

The first person to answer a question on a challenge room gets extra points

oh cool

ty

i know it's one of the latest releases but i'm stuck on the last flag of "Help bears!" ||already got something from somewhere with a pass ||

If you're aware that it goes against rule 13, why ask?

i mean a day passed so i guess it's ok?

It was never formalised

If it’s ok then szy give hint

i can feel the end :@@@@

my hint would be ||look closer at the output||

it's prolly something simple @gilded pasture stuck there as well

🤔

Noted

omg

i was doing that @wooden mist

got it?

i was counting stuff, you know

no, but maybe yes

gonna try now

||it's related to another room||

ftw

maybe send output to clipboard directly ?

not needed lol

i'm not getting it..

BTW for the one who did that, you stole the code from somewhere.

The creator of the room?

yep

@glossy basin

it's from a challenge i did like 2 years ago

?

not to be "evil", i mean, i've enjoyed the room and i think that using other people stuff for good reasons is good

i can send the link of the challenge if you want

not to be "evil", i mean, i've enjoyed the room and i think that using other people stuff for good reasons is good
@gilded pasture It needs to be credited

We don't accept plagiarism

omg i didn't mean to create problems 😦

you didn't create them

the creator did

Considering it's one of the most downvoted rooms on the platform, I don't think you should be worrying here

it's actually from root.me?

got that?

that's it

i've done that on root.me

i really think that room shouldn't have been released

third question is getting me so pissed

It was remade multiple times too

i'm making a room

it will revenge all the players of bears

@wooden mist can you actually give me some more infos? i'm totally stuck...

uuhhh

I detected what I needed to detect

I just don't know what to do with that

||check for stuff you don't see in a normal editor||

wdym james

DM?

sure

@wooden mist already checked with vim

he thinks vim is not a normal editor oh no no no no

me saying this while being stuck on the same step haha

https://tenor.com/view/cat-no-nonono-gif-10782424

i hate cats

and now bears too, actually

Stuck on PS Empire room on Task 3 Q7 I'm pretty sure its not on my help menu pictured below

Options were renamed in the new version of empire

ah okay

ill do some research on that, thanks

There, it'd be Headers

Look for some tools for that @toxic scarab

yeah thats what i tried entering initially but the char length is too short so cant be that, will see what the equivalent is on the newer version.

yeah thats what i tried entering initially but the char length is too short so cant be that, will see what the equivalent is on the newer version.
@junior latch On the older version.

oh i have the newer version

thank you

hey, anybody know what to do with the 4 hex when finishing year of the fox room ?

@wooden mist what do i do with this nonsense now

?

bears

which nonsense

because there are multiple

||check for stuff you don't see in a normal editor||
@wooden mist

this nonsense

the initial nonsense, i guess...?

did you do 0day's room?

dont think so

:)

blargh

thanks

"vim"

uhhhh have i been bamboozled here.... i has flag but it says its wrong

@gilded pasture the room he told me to do is the best hint he could give you

which one?

did you do 0day's room?

which one?

Hello

I'm on Room Google Dorking, Task 3, Question 3. it won't take the answer I find on the site. Is it possible that the website's SEO page score has been updated ?

@oblique cliff if you get Flag: then keep going. Cyberchef.

@gilded pasture if you search hacktivities on THM theres only 1 room by 0day 🙂

why can't i downvote this room more than once? 😆

@oblique cliff if you get Flag: then keep going. Cyberchef.
yikes i have no clue what this is encoded as time to try literally every single option

oh that was quicker than i expected

@rose moat Nope, it's the same score.

@stuck fractal thanks yous

Are you using https://neilpatel.com/seo-analyzer/ ?

And is your answer format in ###/100?

@white salmon Nice got it... sorry i didnt use the format correctly. thank you so much 🙂

okay so ive been researching for the past hour+ on how to get my launcher.bat file from my kali machine to the Blue machine in regards to PS Empire room Task 4 Q5. Can someone point me in the right direction as to what will work? I dont mind researching but i just need the hint as to the method of transport please. And ive got a nt authority shell so i assume i dont need to privesc at htis point in time right?

Correct. Research certutil to download

And I assume you know how to set up a server on your kali machine?

i dont but ill find out

ive not come across certutil yet so that makes sense

how to set up python server

Yep hard to google something you don’t know exists 🙂

the one thing that frustrates me is knowing what to google

thanks for your help

Any time

@junior latch also, just since you mentioned not knowing what to google. You could’ve googled something along the lines of windows download from cmd

And the first link here https://superuser.com/questions/25538/how-to-download-files-from-command-line-in-windows-like-wget-or-curl
Gives a power shell option if you can get one, wget if it has it. Curl and certutil

yeah i remember using wget for the http server i setup in another room but ofcourse i couldnt apply that here. Ive been googling transfer from linux to windows basically

Webservers are normally a good bet

Bolt p0wned 🙂

yeah i love it, super nice, super simple

Yea from cmd the top 2 I like to use is a power shell wget and certutil

You can also set up an ftp server which I think is super nifty but idk how to access said ftp server from a Windows cmd line

ftp or smb are good options too

hello everyone

im at /jokerctf room and there is a question (#4) who tells me that there is a secret file

i tried with dirb using common+common_extensions

but i didnt have any luck

am i doing something wrong?

send a screenshot

yeah i remember using wget for the http server i setup in another room but ofcourse i couldnt apply that here. Ive been googling transfer from linux to windows basically
@junior latch For the record, if you have a powershell shell (or the machine has powershell installed), you can use Invoke-WebRequest or a network object to make a network request. Interestingly, Invoke-WebRequest is actually aliased to wget/curl, so you do need slightly different syntax, but both will work, if we're being technical 🙂

i reset the mv and now im trying with small.txt. I never finish to scan with common.txt but 1:30hs is a lot

well, i can ensure you that you can get it with common.txt

I'd use gobuster as it's multithreaded

with that many extensions it will take more time, try to think 3 or 5 of the most common extensions

okok, i will try both things. Thank you

I'd use Dirsearch as it's pretty and threaded.

Try em out, see what you like

^

Hey lads

I was wondering how long is a burp suite intruder attack meant to take?

I've been running it for like 40 minutes now and it's only like 50% done

is this normal?

It depends on how large the payload/wordlist is, and the network speed and specs of the server

Burpsuite free edition is speed throttled on purpose as well.

burpsuite pro edition is much faster, but is $$$

Or ZAP

ah, I'm trying to complete the burp suite room and the wordlist isn't that long

A alternative to bruteforcing is to try using ZAP or Hydra

is 40 minutes normal or did I do something wrong?

that sounds like you did something wrong

yikes

that sounds very possible

Double check your bruteforce request page

alright, I'll try again, hopefully it works this time

it's a common mistake to put in the tokens wrong, or possibly you have url encoding enabled and it's messing with the payload

tokens?

what are those?

Show me a screenshot of your intruder request page

the fields that you want the words to be entered in?

yea

ah

the § symbols

which is my request page? 😰

The page that you "copied" to be re-sent.

and put in the §payload§

ah, I just cleared it

though let me do it again and I can send you the screenshot then

Hey guys. I am currently working on Task 43 of the "Learn Linux" room. The task is to find a flag in /root/root.txt. I have used the command "find /root/root.txt 2>>/dev/null" And then I realized i need to actually see the contents in the file so I tried to rewrite the permissions of the file with the command "chmod 777 /root/root.txt

Can anyone give me a hint ?

And if you're bruteforcing a username/password, make sure to disable url encoding in the options for intruder as well

Can anyone give me a hint ?
@bronze solstice You can't change the permissions as you don't own it

You won't be able to read it unless you get root permissions

You'll have to figure out some way to escalate your privileges

Ok I think I know what to do now

whether it means becoming root, or possibly using some form of sudo

Alright, I'm now trying to do the sequencer part of the room but the Analyze button is greyed out

any idea why?

restart the sequencer

it does that sometimes

And/or choose the request again and send it

so just try again?

you should be able to click on the Analyze button as early as 100 requests

yeah re-do the request and restart it

nope

still not working 😫

Did you start a new live capture, and not just restart the current one?

i restarted Burp Suite

would that have started a new one?

yea

welp, no clue

imma go try google this

maybe I'll find something

sure

if not, take a screenshot of your request tab and we can work from there

Hey, I am still on Task 43 of the "Learn Linux" room where I am trying to find a way to escalate my privileges in order to find the flag within /root/root.txt. I have tried to use the command "sudoedit /root/root.txt" along with other sudo commands but it gives me the error message saying that shiba4 is not in the sudoers file

So shiba4 can't use sudo

There's more users than that on the box

Okay I tried the other users but I must of missed something

There's not just the shibas on the box

oh

Paradox's other love also features, as you may be able to tell from the pingu references

Okay thanks I will let you know what happens

im sorry. I cant figure it out why but is the second time im getting this. The image just vanish from the list and im just getting errors. I restarted the machine before to getting this

the room is still joker

idk if is normal behavior

That is a known issue with the room

It's a bug, but the creator is long gone so it's not likely to get fixed

I believe you can still complete it

oooh i didnt know

i hate not complete rooms haha

i need to do it

well i just guess the last answer

at least i get the room completed, the bug was dissapointing, it was a fun room

/room/scripting - task 2
i'm trying to just do some basic commands for now. I'm supposed to go to http://ip:3010 with my browser or with the script? I'm not getting a proper response, just a random number like .72 appears.
What do I do to get a proper response like add 900 3212 ?

I think it tells you to start on 1337?

You might have to wait until port 1337 becomes live again...
Hmm I guess wasn't really explicit tho, I'll try

There's not just the shibas on the box
@stuck fractal Hey I am still on "Task 43" in the "Learn Linux" room. I feel really dumb for not knowing what to do. Here is my progress: I googled how to find all users in linux and found/used the command " cd /etc/passwd" and found a list of a bunch of usernames. I have been trying to log into some but cannot figure out the passwords. Can you point me in the right direction again?

/etc/passwd isn't a directory so you couldn't cd into it

Look for out of place files

Is there any user in particular that seems fishy to you?

like one that you can't access? Maybe that's a clue

/etc/passwd isn't a directory so you couldn't cd into it
@stuck fractal sorry i meant "cat /etc/passwd" and Ok thanks again.

import socket, sys

if len(sys.argv) != 2:
    print("Usage: python3 socket.py [ip_address]")
    sys.exit()

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

s.connect((sys.argv[1], 1337))

try:
    message = '1'
    print('sending ' + message)
    sock.sendall(message)

    amount_received = 0

    while amount_received <= 1:
        data = sock.recv(32)
        amount_received += len(data)
        print(': ' + data)

finally:
    print("Closing...")
    s.close()

what's wrong with this code

oh

i see one thing brb

erm, can someone please help

I'm on the Burp Suite room atm

Task 11

Question 3

@wind fog Google can

Really quickly

yeah, but I wanted a hint

not the answer

The hint is use google

bruh

cool

let me try

@stuck fractal could you check that code above please? i still don't get any response

No, i can't

Is there any user in particular that seems fishy to you?
@white salmon When I use the "cat /etc/passwd, I see a long list of usernames but some have "/nologin" and the usernames shiba1-4 have a "/bin/bash" at the end. I am assuming now it is either the user noot or nootnoot Can you tell me what /bin/bash does/is?

alright

Isn't it HTTP?

You're doing socket IO, not HTTP

@bronze solstice You're on the right track. That /bin/bash part is only just to set the "default shell" for that user on startup

Okay sweet!

https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/

Ill take a look thank you!

@grand pivot I just ran through Joker with no issues.

Trying to figure out what the exact problem is, or what the bug is.

It's just the image disappearing from the list, at least that's the symptom

It didn't disappear

weird

Yeah, but it does sometimes

That's interesting.

regularly for many people

I wonder if it's an issue machine side, or because of the instructions. They left a bit to be desired on this part.

I just cruised through it quick with the only writeup I could find.

Considering the fix is "Re-deploy until it's there" I don't think it's an issue with the instructions

I think it genuinely vanishes

Is that in the room somewhere?

Nope

I'm more or less genuinely interested in troubleshooting it a bit. I like lxd privesc, and that's not something I've seen occur before (the disappearing image thing).

I bet you if I deploy one and exploit it, it won't be missing

Demonstration effect

But I can give it a go. Is it www-data? Might have to open a shell or something if I get one with the image missing

Yea, the user is www-data. I just ran it and the only issue I saw was I forgot to name the container when I started it. Went back and redid it and it worked fine.

But that spit out an error, not a disappearing image.

Ok, I'll give it a go and report back?

Sure

I can pop a terrible SSH backdoor on there for you to save you adding a revshell, if it vanishes

Sounds good

It showed up this time, nice

Vanished the second time

lame

Want to check it out?

I recommend using the SSH shell to get a rev shell or something because it doesn't resize very well

Sure, I can look quick

Just as easy to just dump a shell on the joomla service too

ssh -p 2222 10.10.104.55

Username doesn't matter, password is password

okie doke

¯_(ツ)_/¯

Yea, but did it list the image for you?

yes

That's super super weird

So it's still there

I just built them

After listing, it vanished for me

I didn't use yours.

It doesn't stop you completing the box

I ran list when I landed and didn't see anything.

But it does vanish

Spamming and nothing lost.

I'm curious to know what the difference is.

Different alpine version I guess, but I doubt that makes much difference.

It's really weird that it just vanishes IMO

Where is that image you shared from?

My terminal

As soon as I got a shell

From last year?

It says 2019

The LXC image is meant to be on the box

I took the screenshot on this instance of the box, tonight

The date at the top is the output of uname -a from the php rev shell

So kernel build date or something

I guess I didn't actually pay enough attention to think that the image was supposed to already be on the machine. Most challenges don't do that with lxd stuff from my experience. It's why I just automatically uploaded my own.

In that case, I completely agree. No image appears to exist on the machine.

But from the screenshot, it existed

And vanished in between commands

I'll write it up as ghosts for now

have 0 idea

That's a research question

Look into how to use proxychains

ei lads

can someone please help me with the Burpsuite room.

I'm on this question atm, and have followed all it's asked me to

and yet it is not showing me the answer

as decodes as a ' ', but the answer is a five letter word

oh jesus christ....

the answer was space

😫

The penny drops 😂😂

hehe

i did as said in hint still it says almost there any hints or what i'm doing wrong?

https://tryhackme.com/room/ctfcollectionvol2

flag 20

Parse through the results. What is the effective estimated entropy measured in?

in Burpsuite room

I tried 1000 but not working

I tried to perform the things in sequencer

It's asking "what's it measures in"

as the unit it's measure in @amber grail

and you have already got that I believe

yes i just got it

hahahaha

thanks!

It would be better if you can delete the answer

done 🙂

Awesome thanks

Hey there, @wind fog. Could you please change your status and server nickname, please. It's a public server that does not accept this kind of stuff. I am talking about word ||cum|| in specific. Thank you in advance. (Reason I am drawing attention to it is because you have been active in this channel recently)

Oh sorry mate

Would having the name coom be acceptable?

@glossy basin ?

Alright, If wish so

Noice

I am currently doing c4ptur3-th3-fl4g room and I'm coming for a small hint for Task 1 Question 7 : *@F DA:? >6 C:89E C@F?5 323J C:89E C@F?5 Wcf E:>6DX

I tried a lot of data format with Cyberchef and have no meaningful result. Any clue ? 😢

Maybe rot

Yay thank you james !

I'll take a look at how it works 🙂

When you get stuff like that, tends to be rot or xor

Room: Bolt
I tried doing all ports scan using rust scan but it only gave me two open ports whereas nmap gave 3 any idea why it may have happened like this?

Room: Bolt
I tried doing all ports scan using rust scan but it only gave me two open ports whereas nmap gave 3 any idea why it may have happened like this?
@arctic crystal oooof

Sorry posted in wrong channel by mistake

default settings?

Yes

Just rustscan ip

might be going a bit too hard on your OS :-( we're working on making it stable across all OS'

are you using the Docker version? :3

Not sure about that

I cloned the repo on GitHub

hahah no worries we are also going to add version numbers and stuff so we can figure this out faster xd

when did you last update?

we broke it like 4 days ago

I started using it like a week ago or so

Haven't updated since

I use it daily now thanks for creating it saves a lot of time

very sad it didn't find that 1 port :-( you may want to reduce the batch size and increase timeout while we fix these little issues."-b 2500 -t 2500". the -b will significantly sloe it down but Increase speed, the timeout means it'll wait 3 seconds before deciding a port is closed (which doesn't slow it down that much compared to batch size tbh)

thanks do much for your kind comments!!

you should join the RustScan discord too for better support.:p the link is on the README

Sure 👍

try threader

Mayor i'm looking for your stream where you discussed your rasp kali (someone said so)

Check #thm-community-media

Also I sometimes have so much I want to ask you, but can't, mainly because we are in the wrong chat and you don't like being tagged

It was yesterday. 🙂

Thanks

You can @ me in General if you'd like.

Thanks ❤️

I'm working on the room "Common Linux Privesc", and I'm stuck at the last part of task six where it asks me to add an entry to the file /etc/passwd. I'm using the command "echo new:passwordhash:0:0:root:/root:/bin/bash >> /etc/passwd", which is appending this information to the bottom of the passwd file, but after I do this I can't "su" switch to the "new" user that I created because I keep getting a password authentication error. Can someone help me figure out what I'm doing wrong here?

$ is a special character in bash

Used to denote variables

The hint tells you to escape those characters

Oh, do I have to do that in my echo command with ?

I'd just put the whole thing in single quotes so bash doesn't mess with it

*

• is not used to escape things

Hmm, can't backslash here

• is a wildcard

Wat

Yes you can. But ok.

I wanted to type a backslash

\

oh, what the hell

I'd just put the whole thing in single quotes so bash doesn't mess with it

Alright, I'll go try that. Thank you!

@arctic crystal heya , make sure you wait like 3-4 minutes for all the services to start properly, this might be the reason that rust scan missed it

I tried once 5 min after machine started and again after 15 min

@stuck fractal It worked like a charm. I was trying to "escape $" while trying to 'su' switch, which was obviously wrong now that I think about it. I appreciate your help!

Also you don't use the hash to log in

You use the password

Yeah, I was doing that. I figured the hash was just for the machine and not for me.

There's a room all about hashing

I'm currently working my way through the linux basics rooms. I'm going to take a look at that hash room later after I complete these ones.

hi

#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done
  @untold cairn just ask if you have a question 🙂

i did as said in hint still it says almost there any hints or what i'm doing wrong?
@eternal brook anyone? flag21 https://tryhackme.com/room/ctfcollectionvol2

That comment looks interesting to me

that's for flag 17 i think i got that....

stuck at flag 20 it says almost there

dont know what else to try in my request....

Hello, I am having trouble answering question #8 in Task 4 in Network Services room.

I don't understand how I can connect using ssh to the administrator account

I got the RSA key but I don't know how I am supposed to use it to connect to the server

please can you give me a hint on how I could connect to the server having this in hand ?

@eager folio google ssh with rsa key

I already did that but I really don't understand

what have you found and tried?

I found pages explaining how to configurate a server so you have to use a key to login

I just found that you can use -i with ssh command

You don't have to configure one right now. You just have to take advantage of it and login