#room-hints

Henlo

hello, i am very noob. i am poking around in metasploit for the first time. anyone got a hint for me as to what kiwi command will show me the privileges of the current user im logged in as?

Hey polite, have you looked at the help yet ?

oh, true. 😄

Guys i need help in OWASP juice shop Room. I've completed the task but i wanna know how the creator knew that we need to insert True-Client-IP
header only.. ? How'd he got the name(value)?

It worked but I have no clue what the solutions is

Can someone help me?

What worked

You should see a flag once you complete this challenge

Make sure you did it right

Hello I'm stuck in OWASP juice shom room. In Task 6 Question 1. I log with admin@juice-sh.op but I can't navigate to Administration page. I don't know how I'm gonna do.

Wait, wdym by can't navigate?

machineip/administrator and something like that navigate to index page

It's wrong, I think. Brb
Ohh, guess it.

machineip/administrator and something like that navigate to index page
@swift hatch that isn't just <IP>/administrator

But it works aswell
aaaa it updated

I can't get any result with <IP>/score-board/ either just blank

I can't get any result with <IP>/score-board/ either just blank
@swift hatch it contains something in between <IP>/<something here>/score-board

Close the tab, enter the ip.
And only append the subdirectory

Nope can't see score-board

I'll try on web machine

Nope can't see score-board
@swift hatch can't quite remember but i guess it was ||<IP>/#/score-board||

||or with #||

||with #||
@gaunt herald yes It's worked! thx. I'm just gonna ask why we use only that operator?

¯\_(T_T)_/¯

(sad)

cuz if you navigate around, you'll see that it gets slapped on every URL

Where in the URL I have to place A Poison Null byte %00?

I need it to download specific .bak file

mr. robot room, I've found the username, tried to brute force it with fsocity.dic list but after 1+h it didn't found it, I read somewhere if the brute force is taking longer than 10 mins on THM I'm doing something wrong, any hints?

mr. robot room, I've found the username, tried to brute force it with fsocity.dic list but after 1+h it didn't found it, I read somewhere if the brute force is taking longer than 10 mins on THM I'm doing something wrong, any hints?
@pearl ridge You might wanna check the dictionary list for duplicates words

@pearl ridge You might wanna check the dictionary list for duplicates words
@orchid fossil Tx

i need help in Upload Vulnerabilities room in task 11, i think i do everything well and upload the reverse shell but i can't execute it.

Guys any hints on how to leverage JS and HTML injection for gaining a foot hold ?

Room?

hola, I'm stuck on the room steel mountain.. more specifically, i can't get a meterpreter session going. anyone know what i'm missing?

Sometimes the metasploit version doesn’t work. Try it manually

and sometimes you have to tweak the payload

thanks. im reading into how to manually run exploits right now. i managed to get a session running once with the settings (same payload), but i got an error saying "session died"

if you look at manual exploit or a different payload (not meterpreter, but reverse_tcp), it may work

you mean windows/shell/reverse_tcp? thanks for your efforts 🙂 sorry for being a bit thick, its literally my first day on msf

You can’t catch a staged payload with netcat

Use stageless if you’re doing the manual method

Oh you’re talking about the msf payload. Yea try that

in the screenshot i posted, why is the "using URL" field specified as 0.0.0.0:8080 when 8 lines higher ive set rhosts as 10.10.209.215? is that an error?

That's SRVHOST

Not LHOST

OWASP top 10 day 8 remote code execution
Could someone tell me what i did wrong? i edited my IP on the RCE.py and ran it via python 3, i have had netcat listening on all with nc -lvnp 4444, i edited the encoded payload text to the output of the RCE.py and i refreshed and tried navigating to other pages but NC hasnt picked anything up

i referred to the write ups on medium but it only gave me the answer no steps so i wanna be sure i did correct

@white salmon put your vpn ip

i already terminated the VM and just got the answer online, i went back through a few others and i did hte steps correctly it was just being weird, thank you though

Hello, just a general question, i finish john the ripper section on the room CC: Pen Testing, but i was wondering how come in order to crack both hashes [MD5, SHA1] i had to specify --format=raw-MD5 ? i thought MD5 will do but kept getting an error until had to look for other examples online, I didn't see anything about "raw" on the help menu for john, is there a place where i can check all the formats types?

The help dialog for john tells you how to list formats

Too quick James, about to say that

Raw-md5 or raw-sha1 etc just means not salted and no crypt style hashes. Just the algorithm on it's own applies to the input

oh alright, i'll chek that again, thanks

oh i was suppose to do --list=formats , got it, thanks

hello everyone! so im at the OWASP-Juice-Shop room at Task3[q#1]
i seccesfuly looged into the admin accoount , i dont undersand what kind of answer they are excepting , may i get a hint?

"Question #1: Log into the administrator account!" , i did , but i see no flags lol

you should get a flag

I'm doing the "agent sudo" room and I found the name and password for the ssh
the password I found isn't working and I keep getting "Permission denied, please try again."
am I missing something?

If it says permission denied then you're probably using wrong creds

What SSH user are you logging in with?

yes re-read the the letter again

I'm kind of a noob at the subject so not sure wat you mean but I'm using the command line on a linux machine

the letter says XYZ, here is your password, signed ABC... make sure you are signing in with username XYZ (not literally XYZ, check the letter)

Can you send ss of your command

SSH command

the letter says XYZ, here is your password, signed ABC... make sure you are signing in with username XYZ (not literally XYZ, check the letter)
@timid hollow I verified at the username and password at previous so that's why I don't get it

Can you send ss of your command
@eternal brook yea just a sec

does the username start with c or j?

ahh

ok so right user, and what does the password start /end with?

starts with h ends with s

make sure it ends with !

Ok you can delete that as now you have the right user

Ss

You are using wrong pass...

but this is the pass I got from the zip

you are missing a letter

what other pass do I have

at the end

(or character)

oh really?

wait let me check

You found ||message.txt||?

yes I did\

oh now I get it

lol

Well it shouldn't be a problem then to login

I was sure it was just part of the meg not the actual password

thanks!!!

you should get a flag
@white salmon where ? i got nothing over here

what directory are you in? there is no user.txt or root.txt?

Hey guys,in the Dogcat room in the last challenge I figured out I'm in a docker container but when I call the docker command to exit It says 'docker: not found'. Help plz

I have a question on Network Services 2? On Task 9 Question #2: "What is the name of the monitor we're welcomed to?" When i login as root (mysql client), the shown message ist only 5 characters long. The anwser indicates a answer with 7 characters. What am I doing wrong?

what directory are you in? there is no user.txt or root.txt?
@timid hollow after entring as administrator of owasp , (on the web app) there is no flag i can notice ,
may i pm you with a screen shot?

you can post a screen shot here, don't pm me

@white salmon it should be a name of a db?

alright in 2 m im loading the machine back

omg

now its there

it wasnt there b4

im good thanks man

@white salmon weird! mine was ||MariaDB||

ok, thx :)

strange

hello

english isnt my first language

what do they mean by this How do you specify which shell is used when you login?

Specifically for su

ive done most of the other stuff but i cant understand this one

maybe im just being stupid

su <user>?

well you could just do ls and see what shell you are in

ls shows the files in the current directory

ye

it's asking specifically

for su, how do you specify what shell to use

idk man im tired

Do you know what a shell is?

ye

Ok, so read the manual

sorry man im just tired and drunk

lol

thanks tho

we are not allowed to post answers 🙂 (not enforcing anything)

alright

i am stuck with opening ghidra

pls can help me someone

#general

ok

What is the value of the home environment variable

what does this mean

?

Do you know what an environment variable is?

nope

the stuff set by the computer?

nope
@white salmon Ok, so now you know what you need to find out

type into google something like linux what is an environment variable

Or read back to the $ task

Preferably both

so im allowed to use google for answers?

it wont be considered cheating?

It's roughly 90% of IT and infosec

You need to do your own research

Don't google for answers to the room specifically, but do google the topics

There is no cheating in this arena. Use whatever helps you learn and understand the concepts.

I dont get this. Can someone give me a hint?

In terms of rust

Ok got it

So i'm at talk 14, which is
How would you output twenty to a file called test

NVM

im dumb

i made the wrong file

thanks still

@nocturne bane you should delete the answer if it worked :)

done

need help with priv esc in Koth Food CTF, i got all user creds, and now am trying to get root, from Linpeas i know its ||Screenroot exploit|| which i transferred in the system, when i run it gives ||/bin/bash^M: bad interpreter:|| error, anyone know whatsup with this

am running it as user ||pasta||

If you're on Kali, you can use dos2linux to fix the script file

but i dont see anything wrong with it

lmao

^M is the carriage return

well i got root using other method but i still cant find all the flags, i got 6

guess i gotta enumerate a bit more

Hey friends, has enough time passed to discuss 'For Business Reasons'?

Can we discuss one piece?

@rapid flower DM me

hello

any write-up for Scripting - [Task 3] [Hard] Encrypted Server Chit Chat

Hello , on room cc: pentesting, on the final exam, did anyone else experience the dir /secret/ completely blank?

is that on purpose?

oh nvm, had to adjust my scan 🙂

is anybody have a problem with Network Services 2 room in task 8 Q4 ??

can i dm you? @open storm

Be my guest @atomic shuttle

hydra is going to take up to 60 hours to go through a password list Is this normal?

How big is the password list?

800.000

is for mr robot room

Yeah i thought it would be

Did you look at the contents of the list?

nope

Look at the list. See if it could be shortened a little. Look into grep for more info

okay thanks for the tip

Damo, can you help me in #room-help ? 😛

grep will just help to see content that is. then you need to work out from there how to modify it accordingly lol

okay thanks

Cant help you sorry unreal. I havent started internal yet

It's more with the hydra command @ashen matrix

Anyone discuss about one piece ?

Im open to DM @sick sun

oke Bro @open storm

Ihave a problem with the Room ZTH obsure web vulns task 6

i used tplmap to cat the flag but get no output

can't do any commands in the shell either stays in the /root

Hi. In the Learn Linux room, how do you determine what value MACHINE_IP holds?

what section and question

Task 4: Putty and ssh. It doesn't indicate a dotted octet to use for the IP Address.

the ip address of your machine

which you deployes in the beginning

My machine? I'm going to ssh into my own machine?

OK. I'll try that. Thanks, RickyD!

Who wants to give me a small nudge on internal.

literally a tiny one, I've got SSH, and I can see another service.. but I'm not sure how to go about accessing it

SSH port forwarding?

See, that's what I was trying to do, I'm gonna read more into it

My notes are poor for that room but I'm sure I was able to forward that port back to Kali and access the service that way

yeah, that's what I'm thinking of doing.

Good luck! I've also used Chisel a few times for Windows or where SSH isn't available. That could work too

Thanks!

I'm doing a room where I need to find a hidden file in a folder. I'm going to use Gobuster to find this file using -x (extension) But this hidden file can have like millions of different extension. Are there any txt file-list I can use to guess what extension the hidden file has ?

Spookie would you be able to explain better? Including rooms and what you think you're looking for.

Spookie would you be able to explain better? Including rooms and what you think you're looking for.
@trim haven It is in room "CC Pentesting" Task 24. I need to find the hidden file, but don't know what extension it has. I found it in my first guess (txt) but it could also have the extension php, html, bat...anything.

Just do them all

at the same time

Yes 🙂 But it would be nice if there was at ftxt file with all the extensions a file could have. Like there is txt files with names of folders. I tried to search for a list of extensions but could not find one.

I believe one comes with gobuster?

But you can also google them

https://github.com/danielmiessler/SecLists/blob/master/Discovery/Web-Content/raft-large-extensions.txt

Boom

Thanks 🙂

Can someone help me with task 18 in the zth obscure web vulns room?
Don't get how he changed the jwt token so i'm stuck

my token disappears when i change him on jwt.io

i have to do this last one Find all files in the /usr/bin directory (recursive) that are owned by root and have at least the SUID permission (use symbolic format)

but i cant figure it out

whats suid

Google it :D

https://linuxhandbook.com/suid-sgid-sticky-bit/

found this

but its useless

wait

this is wrong link

and this is useful

nvm

ty

@trim haven Can someone help me with task 18 in the zth obscure web vulns room?
Don't get how he changed the jwt token so i'm stuck(edited)
[3:27 PM]
my token disappears when i change him on jwt.io

Sorry I didn't do the room 🤷‍♂️

https://www.youtube.com/watch?v=DF1-XRUo6OE @white salmon

okay jabbahood

@white salmon Sorry for pinnging you again but if you're still stuck after the video I can try and explain :3

find / usr/bin -type f -perm root -wrxr -rxr

?

I believe it is find / -perm -4000 2>/dev/null

or find / -perm /4000 2>/dev/null

i just dont know the last stuff

i got find / usr/bin -type f -perm u=rw

then theres more stuff tho

Trying the "Simple CTF" room and am trying to do the attack below - Why am i getting that error message? 😧
python 46635.py -u http://10.10.33.81/simple/ --crack -w rockyou.txt
File "46635.py", line 25
print "[+] Specify an url target"
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("[+] Specify an url target")?

youre calling it with python3

you need to call it with python2

First time trying this, so am going to read up on python2 vs. python3 (clueless atm). Thank for pointing me in the right direction! 🙂

np

If anyone is stuck in One Piece room (mostly Task2 Q2), feel free to DM

find /usr/bin -type -f -user root -perm

find /usr/bin -type f -user root -perm -rswr

@trim haven help me with the last letters

what will go there

Are you looking for suid?

yes

find /usr/bin -type f -user root -perm -4000

it has to be in symbolic format

Does it?

yes

What room is this

find

#7

this is my last question ive completed everything ahead and before

find /usr/bin -type f -user root -perm rwsr?

Room link?

I'm lazy lmfao

https://tryhackme.com/room/thefindcommand

thanks ahah

Oh for that one there isn't "symbols"

And I'd love to just give you the answer but I can't

So i'll help you get it

got it

thanks

🙂

Oh you got it lmao

Awesome sauce

did it just in time for 16:00

like my goal was

damn

that one was hard

that one question

I'm proud

spend 60 mins

everything else took 3 mins

or 1 min

Yeah we all get stuck on those super annoying questions

curl -b flagpls=flagpls 10.10.98.115:8081 should set the flag so I can retrieve it, right?

Need hint on finding backup dir on joker ❤️

This is HTTP essentials room

which task?

curl -b flagpls=flagpls 10.10.98.115:8081 should set the flag so I can retrieve it, right?
@stone oyster have you tried putting It between quotes?

single quote

I tried the double quote and it gave me a readout of the site with no mention of cookies.

Wrong path

I've tried to look up the error message: Your cookies wasn't named correctly or an error occurred.

Read the task again

I'm reading.

hi im doing 'network services 2' and ive completed the room, bar one of the preliminary questions...#4 in Understanding mysql, there's no hint, and it doesn't say to consult further resources, but nothing i enter seems to work....is there someone out there who i can dm to tell them what ive tried?

I've tried to look up the error message: Your cookies wasn't named correctly or an error occurred.
@stone oyster That means your command is different to what you showed us.

Ok. I reread and I thought I had found the answer so I tried and still...

Am I correct in understanding that I have to go to the 10.10. page and set a cookie in the devtools?

Or use curl

right curl -b "flagpls=flagpls" 10.10.98.115:8081

That just displays the page contents with no mention of a cookie.

So either that's wrong or it's not working.

That's wrong

You're performing a GET request on / on 10.10.98.115:8081

Which is not what you're told to do

and that's not what I as the user am trying to do. So my syntax is messed up.

Remember, it does exactly as you tell it

Do you know how to speak Hindi?

No

But you're telling it to request the page on /

You'd have to learn the syntax. I'm trying.

So it's requesting the page on /

how is the -b running GET?

because GET is the default?

-b doesn't do anything other than specify a cookie.

So I need to -X with a differnt verb

like -X POST ?

The task tells you the type of request

And where you need to make that request to

because it's not /

yeah. Gotcha

You don't need to learn the syntax here

You just need to send the right stuff to the right place

yeh

Just to be sure....i need the /ctf/sendcookie at the end of the ip, right?

THat's what the lesson says to use

Can anyone help me out on Tartarus's privilege escalation ?

what have you tried?

I have escalated to d4rckh through thirytwo user from git but can't seem to do anything with d4rchk user because it asks for his password when I do sudo -l

I have tried gdb with d4rchk but it was meant for thritytwo to escalate to d4rchk xD

Maybe look around for some files?

there are many ways of escalating privileges aside from sudo, try to look for SUID files or cron jobs

these are the most common in tryhackme rooms

Yeah got root with clean.py it was ruuning as cron job

hi how do i crack a bcrypt hash?

i dont even think its possible to crack a bcrypt hash man

hashcat has an option to do it

it's much slower but possible

where is rockyou hidden?

?

nvm

sorry

lol

What is a common application of MySQL? from Network Services 2

any hint guys ?

Google what you think the answer is to find another way to say it

Google says nothing

You googled what you think the answer is?

Sometimes in tech, there are multiple ways to say something. The room shows one version, the answer is another

I have tried almost everything..its 16 charactor

So what do you think the answer is based on the paragraph in the question?

answer format is weird ...i cant get any application name that uses MYSQL

Ok but what do think the answer is?

i thought Microsoft SQL Server

but my answer format is not liking it

Read the paragraph is, it’s asking what application commonly uses MySQL

(And MS SQL server and MySQL are not the same)

hmm i dont know..may be I cant frame this question well

Read above the text where it says What Runs MySQL

The exact text is not there but you can google what you think the answer based on that paragraph

sure let me see what can i find it

opps couldn't find anything @timid hollow

So based on that paragraph, what do you think the answer might be?

MySQL can run on various platforms, whether it's Linux or windows. It is commonly used as a backend database for many prominent websites and forms an essential component of the LAMP stack, which includes: Linux, Apache, MySQL, and PHP.

It should be somewhre there

Ok so what is a common use of MySQL?

database management

or storing database

Well it is a database

But what is it commonly used as?

backend database

Ok try to google that and see if there is another way to type it

yeah

And try that as an answer

plz give me some more hint . @timid hollow

i have almost completed the room except this question

What did you google?

mysql common use , backend database mysql, mysql application use

But based on the format of the answer, is it 2 words or 3?

2 word

8 charctor each

Ok so what 2 words might make sense as the answer (ignore 8 characters for the moment)

i think 1 is database i need to find the other one

You said it earlier

What type of database?

backend

Ok so what 2 words might you google?

backend datbase type?

And may find a version which has 2 8 character words

2 words

Basically there is another way you can express one of those words

yeah i m trying and thank you for bearing with me @timid hollow

Still negative @timid hollow

So what 2 words did you google?

i ll probably have to try some other time

I tried for backend MYSQL

MSSQL type but i dont see any 8 charctor word

Ok, just remember to just glance the google search results for other ways to say something

And MySQL should not be in your search, it should be what makes sense as the answer

i dont give up easily but will try this question soon

yeah I am not very good at it

Just remember what is MySQL commonly used as 🙂

i m beginner so will take time..

sure i m tricked with the way its framed 😄

but thank you so much @timid hollow

i really appreciate you time and patience

i ll start another room now lol

How do I find the Shiba4 file on the Linux Walk Through room?

I tried find / shiba4 as shiba3 but no files.

That won't work

Any hints please 🙂

You need to specify a user

You might want to look at the find manual

But i thought i was looking for a binary file not a user file?

Oh are you looking for a file called shiba4?

Yes I think so.

In that case you need to specify the name of the file

To run the binary and get their pass

I also tried find / shiba4.bin

Still nothing

currently the find command is just doing find / because it doesn't know what shiba4 is

You need to tell it shiba4 is the file you're looking for

It's looking for all files in / and in /shiba4

I knew that I was testing you James 😄

Well technically in / and ./shiba4

so find <directory> <what im searching for>

Including flags

for example -exec will allow you to execute commands but you need to specify it before executing said commands.

-exec is a flag

Using the manual you can find out which flags does what

Ahh okay, so do I use the .name flag? But then I get permission denied.

-name*

So in order to filter out the permission denied errors you use 2>/dev/null at the end of your command

Now come flag and options I can follow but what did I just run.... can you explain that?

Thanks btw

2>/dev/null

2 - errors

> - you will learn about in the room

/dev/null - "special" file

Jabba

Jabbaaaaaa

Not a directory

OH

Sorry Ninja Skills has literally drained me

So your just outputting the perms denied to a file rather than displaying them?

/dev/null is a special place to write to

Basically throws it away

Okay thanks for that 🙂

Automatic recycling bin

Trying the "Simple CTF" room and am trying to do the attack below - Why am i getting that error message?
python 46635.py -u http://10.10.33.81/simple/ --crack -w rockyou.txt
File "46635.py", line 25
print "[+] Specify an url target"
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("[+] Specify an url target")?

Tried calling it with python2 instead but no dice. Any chance of a small push in the right direction here? 😬

How are you calling it with python2?

Because it’s still calling with python3

haha damn, i just read that you could call it by changing the "python 46635.py" to "python2 46635.py"

if a box is vulnerable to Unquoted Service Path but you dont have permission to delete the .exe or start the service, you arent able to use it right?

Deleting the exe is not exploiting the unquoted service path

i mean delete and replace with a shell .exe and restart the service

Yes, that's not exploiting an unquoted service path

ok lemme rephrase, if you dont have permission to start/stop the service you cant use it to privesc?

No you can’t. That’s very different than not being able to overwrite the exe

I think you can reboot and do it that way? @oblique cliff

i was going based on what i learned in windows privesc arena. ty

Reboot what, the box?

If mayor's reading, I'm sure Mayor can solve that

Reboot what, the box?
@oblique cliff yee

Uh yea I guess that’d work I’m not completely sure tbh

If mayor's reading, I'm sure Mayor can solve that
@stuck fractal how did u know i was talking about ||relevant|| lol

No I'm just saying Mayor knows what he's doing a lot better than we do

Especially when it comes to Windows

I'm in Simple CTF Room. How long does the python exploit run?

I'm pretty sure I run the write command but it's still running for 20 mins

What who what?

Ok. Caught up.

As Ninja said, binary hijacking is not exploiting unquoted service paths. The Steel Mountain room (I presume this is what it's about since I'm not aware of any other USP's on the platform), has an unquoted service path, but also a misconfigured file directory that allows you to modify/delete/replace the binary.

"SomeExecutable.exe" should typically not be modifiable in these challenges as it negates the purpose of teaching and executing USP's.

Ninja is also correct that a reboot can remedy the inability to stop/start the process.

❤️ Thanks for clearing that up Mayor!

Ninja is also correct that a reboot can remedy the inability to stop/start the process.
@patent token thank you, ill try this. it was actually about relevant, ||Invoke-AllChecks returned that AWSLiteAgent was vulnerable to USP||

Most lab machines will return that based on how AWS is installed on the clients. It likely isn’t exploitable.

Anybody in here have any experience with Linux Challanges CTF Flag32?

@patent token Your boxes are great. ❤️

Thank you! 🙂

I really enjoyed internal.

I'm so glad to hear that.

There was another box, but I don't remember which, I think it was also part of the offensive pentest.

Relevant and Gatekeeper are my other two.

Relevant was it!

I haven't done gatekeeper yet.

If you liked Relevant and Internal you'll like it too.

That's exciting!

anyone?

Yes sure go on post your question

Along with what you tried to do, what error you got and some screenshots maybe too...

Hey, check your language. Its not appropriate. Stay calm, if someone know answer to your question they'll answer you.

thanks for nothing

If anyone struggles with the One Piece room, feel free to DM

Hello

for the crackthehash room question4 will i have to use a password list with the bcrypt thing

You did for all the others

but do you have to ?

Have to? No. But the alternative is pure brute force which is horrifically slow.

how would i run the command in hashcat

What

hashcat -m 1800 hashfile.txt /home/wherethefileis

is that correct ?

Time for you to do some research

it works

when i do it

just asking if its correct

because i get a error for my nvidia gpu

Are you working in a virtual machine?

no

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
* Device #2: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
CUDA API (CUDA 11.0)
====================
* Device #1: GeForce GTX 1660 SUPER, 5603/5942 MB, 22MCU

OpenCL API (OpenCL 1.2 CUDA 11.0.228) - Platform #1 [NVIDIA Corporation]
========================================================================
* Device #2: GeForce GTX 1660 SUPER, skipped

Then you need to jnstall drivers.

i did

any others you recommend to install?

I recommend you follow hashcat's guide. And that's a very incomplete message because it doesn't show why it's skipped which you would have been told.

i did

Hey i stuck in Rick and Morty Room

I'm searching for a private key and I found this

Vm1wR1UxTnRWa2RUV0d4VFlrZFNjRlV3V2t0alJsWnlWbXQwVkUxV1duaFZNakExVkcxS1NHVkliRmhoTVhCb1ZsWmFWMVpWTVVWaGVqQT0==

For me it looks like base64 decoded because of the equal equal ending, but i cannot decode it

Have you tried decoding it other than base64?

No, I was in the writeup and I think my try is a dead end

there is a video attached to the room which can help you

or this walkthrough helped me https://github.com/ComputerCrash0/PickleRick/blob/master/PickleRick.md

I finished the room now with a reverse shell i get into the host

but i ll have a look at the video

thank you 🙂

I know it's a long shot, but can anyone help me out with "For business reasons" foothold? I want to confirm if I'm headed for a rabbit hole.

I'm not too sure if MsMouse wants hints yet when writeups come out then you may be able to ask

Oh.. my bad

I'm not a mod so don't take what I say as law, but in this room I dont think sharing walkthroughs and telling other people the answers is what hints are about. Could all that convo be moved to room-help so I dont accidentally get spoiled when I want to post or search in here for other people asking for hints?

If in wrong please do let me know

This channel us meant before to be usef before you consult writeups, for hints.

Neither channel should be used to provide answers.

@ashen matrix I was just stating that they need to wait until the writeups are published or until the room creator says that hints are allowed as James said we don’t give answers and I never said they should follow the writeups are said they should wait for them to be out so they know when they can ask fir hints

@astral smelt That wasnt in any relation to your comments

Kinda felt like it

I don't believe this is the room for this line of talk but for clarity you actually supplied a hint about the base64 and then suggested they wait for write ups before assistance, which i think it right.

This is in relation to someone posting links to writeups as well as over the past few days just reading people giving the answers out in here. I don't see anyone stopping them either as they aren't hints, they are answers.

I won't be saying anymore over this topic, I was just asking in future if people could refrain from just giving out answers and links to writeups as I do like to use this room for assistance when I need it

Maybe I am just selfish tho

I was saying that when writeups come out they are allowed to ask for hints I never said they had to check the writeups as rule 13 no help is allowed on new rooms until the creator says so or until writeups are uploaded and if people give links to writeups for others and you don’t want to see it then don’t click on it

And I said my comment was in no relation to what you said, so please stop taking it personally when it wasn't directed at you

It felt like it I was just stating that it felt that way because to me it seemed like you was

And I said I wasn't.

Ok maybe it might be better to rephrase the way you say things so it doesn’t look like you’re relating to someone’s comment because that caused me confusion and mislead me to think that is what you were talking about

I have nothing further to add. I told you that it wasn't directed at you. You can accept it or not.

Yea i know I was just stating it felt that way and I said ok

did anyone used the base64 prize in "year of the fox room" or the some information in the other files?

Any assistance on Snowball... initial foothold? I have enumerated my but off and tried searched for service exploits to no avail .

Use a bigger wordlists

@oblique cliff TY

Np

Hi there, in the room Attacktive Directory I have a problem while using Impacket script

kali@kali:~/Downloads$ python3 GetUserSPNs.py -dc-ip 10.10.235.50  spookysec.local/svc-admin -no-pass
Impacket v0.9.22.dev1+20200921.175010.84c8d6a7 - Copyright 2020 SecureAuth Corporation

[-] Error in bindRequest -> invalidCredentials: 8009030C: LdapErr: DSID-0C090690, comment: AcceptSecurityContext error, data 52e, v4563

My syntax is wrong or the installation of impacket is incorrect ?

Hallo guys, i just wanna ask, why this exploit cannot run? Blue Challenge, i set my lhost = tun0 and rhosts is machine.

You're using msf6

It's unstable you'll have to downgrade

oh okey

how to downgrade this msf?

I'm not exactly sure you'll have to search it up

https://github.com/rapid7/metasploit-framework/releases/tag/5.0.101

why msf6 cant exploit this machine?

msf6 is kinda broken so it is recommended to use msf5.

Is there more to the Network Services room? I found atleast one other flag hidden in a secret spot.

Hi Guys I'm doing the room blaster. I'm just wondering if there's an issue. The browser history (pertinent to Task 3) appears to be missing. If this is part of the room challenge apologies, but i have a feeling its a mistake?

Yea they're is if you check the pins in #room-help it will tell you what you need to do

Ok Thanks @astral smelt

I'm not exactly sure you'll have to search it up
@astral smelt have you tried to change reverse_tcp payload to bind shell? msf6 can solve this for sure

Msf6 doesn’t work

If you want to troubleshoot

Then take it somewhere else lmfao

I dont have access to cat and more

To get a file content

Room : pickle rick

Okay so

The way I did it was using bash scripting. I created a very small line of code which would echo out all the lines of code.

Okey ty i will try

Hey guys, any help with this? I need to move meterpreter to another proccess but I'm getting following errors ```meterpreter > migrate 1260
[-] Error running command migrate: NoMethodError undefined method `pid' for nil:NilClass
meterpreter > migrate -N spoolsv.exe
[-] Error running command migrate: Rex::TimeoutError Operation timed out.

After some time it just kills my session, sometimes it works when I open a new one

Did you elevate privileges?

Where abouts on the room are you?

Did you elevate privileges?
@trim haven I did, and I succesfully moved to another process, to continue I need to use kiwi, but sometimes that fails also and it again terminates my session. The room is Ice

Right now I got this

[*] Migrating from 2308 to 1260...
[*] Migration completed successfully.
meterpreter > use kiwi
Loading extension kiwi...
  .#####.   mimikatz 2.2.0 20191125 (x64/windows)
 .## ^ ##.  "A La Vie, A L'Amour" - (oe.eo)
 ## / \ ##  /*** Benjamin DELPY `gentilkiwi` ( benjamin@gentilkiwi.com )
 ## \ / ##       > http://blog.gentilkiwi.com/mimikatz
 '## v ##'        Vincent LE TOUX            ( vincent.letoux@gmail.com )
  '#####'         > http://pingcastle.com / http://mysmartlogon.com  ***/

Success.
meterpreter > kiwi_cmd 
[-] Error running command kiwi_cmd: Rex::TimeoutError Operation timed out.
meterpreter > kiwi_cmd 

[*] 10.10.25.124 - Meterpreter session 5 closed.  Reason: Died
[-] Error running command kiwi_cmd: Rex::TimeoutError Operation timed out.

Anyone knows the reason for this, is it maybe because of me or?

Probably AV?

Oh, ice.

Probably VPN issues then

I'm connected, I also rebooted my laptop and connected again

and redeployed the room

Also, while using windows/local/bypassuac_eventvwr as descibed in the room, it opens 2 sessions for me( sorry for this much questions, I'm a begginer 😄 ), is this something that should happen?

Show us?

Show us?
@stuck fractal What exactly?

it opens 2 sessions for me

Does it say session 2 opened?

Or what?

msf5 exploit(windows/local/bypassuac_eventvwr) > run

[*] Started reverse TCP handler on 10.9.154.22:4444 
[*] Sending stage (176195 bytes) to 10.10.25.124
[*] Meterpreter session 6 opened (10.9.154.22:4444 -> 10.10.25.124:49190) at 2020-09-23 11:43:24 -0400
[*] Sending stage (176195 bytes) to 10.10.25.124
[*] Meterpreter session 7 opened (10.9.154.22:4444 -> 10.10.25.124:49195) at 2020-09-23 11:43:27 -0400
[-] Exploit failed [user-interrupt]: Rex::TimeoutError Operation timed out.
[-] run: Interrupted
msf5 exploit(windows/local/bypassuac_eventvwr) > sessions -i 6
[*] Starting interaction with 6...

The timeouts are a problem

They're going to cause issues

Maybe it is some vpn issue, right now I see that I cannot ping the mashcine

!vpnscript

It seems that this could be the issue, I had open VPN connection on my other maschine, maybe it's some kind of a conflict, I shut down the other maschine and reconnected on the one I'm using right now, the ping to the room machine works fine now, I will try to continue. Tx for help. Edit: everything works fine 🙂

hey guys can anybody help me with the jacob the boss room?

i got a shell but it is not responding...

Hey @mighty quail

Can you elaborate

hey

can i dm u?

Sure ?

thank you @final mortar

No Problem 🙂

What is a common application of MySQL?

I am stuck with this question sombody plz help

Have you googled it?

Yes but didn't find anything

I don't believe you.

i have almost completed this room just stuck on this question..so you can imagine how many times i have googled it

the way this question is framed..it seems weird to me

You've probably seen the answer many times then.

And you're just missing a hyphen in your answer.

ohh seriously GOD help me

IDK what i m missing

I can't give you answers. And that seems to be what you're asking for at this point. I've given you a fairly glaring hint.

the answer has 2 words 8 characters ech

i have spent 2 days on it..

i have been on this room hits section a day before but got nothing but hint

You're not going to get anything but hints or help. People are not allowed to give out answers.

is it a common question that people stuck on ..or i m that stupid

lolz

i m left with no options

I ll wait for the walk through or write up may b thanks for your time @stuck fractal

They won't have answers in @lapis granite

Writeups are not allowed to contain answers, flags, or passwords

Yeah but they do sometime..people are helpful that they try pretend to be

Writeups are still not allowed to contain answers, flags, or passwords.

mysql is a ____ ____

fits the 8-char

last one is database I believe

I m missing the first one

And you're just missing a hyphen in your answer.
@stuck fractal

now answer format has changes

it was 16 char before

now 4 3 and 8

this room is playing with me 😛

@stuck fractal

Why ping me?

jus wanted to check if answer is 15 char long or as per the SS

16**

Why not just ask that generically rather than tagging me specifically without actually asking a question?

never mind

Hiya. kinda nooby here 😅 ...Im currently doing the Intro to Django room and Im on the last question of finding the hidden key. The hint asks if ive seen any identical files. Im not too sure where else to look...Ive looked in every directory inside of the target machine that i am currently ssh'd into. any hints?

Hiya. kinda nooby here 😅 ...Im currently doing the Intro to Django room and Im on the last question of finding the hidden key. The hint asks if ive seen any identical files. Im not too sure where else to look...Ive looked in every directory inside of the target machine that i am currently ssh'd into. any hints?
@inner matrix you can use grep recursevely through the children of your directory to look for some text

@woven mirage I'm stuck on the same thing currently.

Which thing? And why ping me? Lol

Finding the last hidden key on the django. I saw you were stuck on this and I'm currently stuck on it.

It's in the text for the task @deep crypt

@inner matrix you can use grep recursevely through the children of your directory to look for some text
@weary oxide

I found it shortly after I asked. What’s funny is I looked at the file manually earlier and just missed it

@stuck fractal are you awake?

Hi guys Please help me in ra room

How to install spark in Kali linux

https://www.tutorialspoint.com/apache_spark/apache_spark_installation.htm

This is spark ????? or other software....

I mean

I’d be able to tell you if I could see the image

Try taking a screenshot

@trim haven

That’s not correct I don’t think

this is a walkthrough for ra room

in that this software is using..... i don't know what is that....

Well that seems to be an instant messenger

?????

help, shouldn't it just be prefix + : ?

@woven token simply check the writeups buddy

no man, i got it)

The room For Business Reasons

Is it intentional that 3 of the other IPs on the network

Are literal clones of the original machine?

Am I supposed to hop on those boxes too to bypass a firewall?

@green phoenix some of the IPs are the internal docker IPs with their respective services and one has both of them forwarded. Look at the IPs that look like they are the only ones on their subnet

One Piece writeup got released. You can still contact me if you got questions after giving it a look 🙂

I don't really want hint/help but did anyone find the HackPark exploit a bit 'finicky' ? 🙂 I'm going to try again tomorrow, double check everything

Which part?

The hydra?

The ||CVE|| after hydra

I couldn’t ||get a reverse shell,|| I probably screwed something up

Ah yeah I think iy's kinda weird

You have to follow the instructions in the exploit perfectly

Yeah I’ll try again tomorrow and hope it behaves

Can you please mark that as a spoiler?

||spoiler part here|| other parts like this

Anyone do iOS Forensics yet?

Just ask directly

Stuck on one last question; task 9, question 6

Have you checked inside the Folder that may me related to email/mail @oak minnow ?

As the hint says, there may be a database file in there, even though it doesn't have the extension you are looking for

There is a folder called Mail in mobile...two files and neither have the info

Are you sure about that

Uhhh...no...lol

¯_(ツ)_/¯

Have you found it yet @oak minnow

Negative...there are 2 files...and one cannot be opened by DB browser so that narrows it down

Just need to find the data required

Are you sure that you are changing the file type to All FIles

Because the file may have not have a valid extension that DB Browser identifies, but my still be a DB File

I can tell you that what you are looking for is in Mail all right

I know it’s in his envelop index...I see references...maybe I’m not looking at this file correctly

Use the Browse Data tab to look through different tables in the ||Envelope Index||

I’ve been using that tab...the only thing it contains is column headers

Oh yeah...figured it out!

Thanks for poking me...was about to shut er down but I’m super stubborn

Nice

That's the spirit

Thanks

And thanks for making me figure it out!

No Worries

Hey guys. Anyone to help with room "django", last challenge. I don't know where to start to fix those errors.

Can we access machines via ssh?

Can we access machines via ssh?
@silk prairie Yes, you can access the machine via SSH. Credentials are already provided.

@gusty turtle thanks. Where can I get mine?

@gusty turtle thanks. Where can I get mine?
@silk prairie For the "Introduction to Django" room it is given right above Task 5 #1

Because the creds given for that exercise don't seem to work. ssh get closed before I'm prompted to enter the password. Is ssh on different port port?

Because the creds given for that exercise don't seem to work. ssh get closed before I'm prompted to enter the password. Is ssh on different port port?
@silk prairie Are you able to ping the machine? is your VPN connected?

@gusty turtle yes. I can view the django at port 8000 on my browser

Or is it because my subscription has expired?

Django room doesn't require subscription.

But can you use ssh with the free subscription?

Wait I think it's working now...

I was just able to enter the password.... it's taking long

Bingo! I'm in

Thanks @gusty turtle

I think it's was just not being stable. I can't really complain since it's for free

I think it's was just not being stable. I can't really complain since it's for free
@silk prairie I don't think the quality of room is even a bit compromised, might be some kind of network issue.

I'm in Hackpark and it says this "Tip: You can generate the reverse-shell payload using msfvenom, upload it using your current netcat session and execute it manually!"
But I was googling and couldn't see anything that shows me how to upload file via current session, anyone know direction to point me?

I think poweshell might help

I forgot how I did the room but I remember using that

This question depends on the OS

So in my case it's Command + Control + R

What is it on linux?

I think they are assuming you are using it within a kali vm because most people will be

The shortcuts are the same I’m pretty sure

Really ?:D

I would google for burpsuite shortcuts, you might find a google link

Also in the hint it says use the - instead of the +

Also that ^ means ctrl

and for mine, I'm sure I can find another way but curious how to specifically send a file via current netcat

hi, I have just finished the Learn Linux room, I just need to complete the Bonus challenge that ask me to write a flag that is hidden in /root/root.txt

however, I cant access the root directory

"everything you need to get there is in this room"

Have you tried looking at who owns what files

where should I start looking for to get the privileges to access root

Have you tried looking at who owns what files
@trim haven

the root.txt file?

No

You need to use one of the commands you learned about in the room to find all files for each user

Then look at who owns which files

oh, okay

thanks

Hey, what does a private room mean?

https://tryhackme.com/room/learnburp

It means the room owner has made the room private

ty for nothing

who can access this?

Please don't be rude.

Only people he likes or what

no one only the maker of the room

no one only the maker of the room
@white salmon Anybody who has the room code can access via join link

okay

ty for nothing
@sleek garden There's no need for that is there really

@sleek garden There's no need for that is there really
@steady stratus Actually there is no need for his answer

How so? Jabba later states that

Anybody who has the room code can access via join link

Look at the first one

AlexanderHessToday at 12:59 PM
Hey, what does a private room mean?
https://tryhackme.com/room/learnburp
TryHackMe
TryHackMe | Hacking Training
An online platform for learning and teaching cyber security, all through your browser.

The Jabbahood Watch™Today at 12:59 PM
It means the room owner has made the room private

Right. But you will receive an answer according to how you ask

Ask the question that you need, not what you want to ask

Please keep it civil (rule 4), especially when the answer given is from a community mentor.

It's okay, i understood what you mean.

Thanks 👍 Jabba later went on to explain what the effects of a private room were, after they dismissed by your response. So, a combative attitude gets no-one anywhere. But hopefully after all you've got the answers that you need (:

@trim haven thanks, you helped me a lot, I managed to get the flag (:

Awesome sauce!

I ve a question according to burp room.
I did this stuff, I ve searched for a header where set-cooki is set and sent it to the Sequencer.

My problem is that the analyze now button is greyed out

Is this a premium feature?

No

I couldn't get it to work at first either, it's someone that needs to be played with in order to get it to work.

okay, i will try another response, ty

I'm kinda stuck on Ice room

Say whats your problem and what you have tried

Screenshots always welcome

I had to do some googling but I just figured it out nm

Can anyone spare a nudge on The Cod Caper

`#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done` @karmic sky

I'm in https://tryhackme.com/room/thecodcaper
Part 5/11, Question 3; What is my SSH Password?
I've tried using the find to enum the files owned by user and have failed to use said findings to attain another shell or hints as to what it may be
I've attempted nc reverse shells, php and python reverse shells also to no avail

I don't understand why you're trying reverse shells

You currently have a shell on the machine, correct?

I can run commands

Ok, well get a reverse shell

Then enumerate the machine

I can't

You can.

Other than the fact you have a kinda weird version of netcat, that doesn't tell me much

I'm using the examples on highoncoffee and pentestmonkey and get a connection received but nothing else

If you're convinced something should be working and it isn't, check the writeup. Then ask in #room-help

There is none XD

Then ask in #room-help and provide a lot more detail like what payloads you're trying and things like that

Alright, thank you @stuck fractal

There are definitely writeups out there

Paradox may not have accepted them, but they're out there

Anyone free to answer a noobie question?

@hearty coyote Please just ask, otherwise we don't know if we can help before we commit to helping

I am doing the Linux basics tutorial, though I know some Linux. It says to ssh to the host as shiba1 and put into the password(shiba1) and it says permission denied.

You need to deploy the VM in the Learn Linux room

And use the 10.10 IP address that you get in that room

You are currently trying to SSH into your attackbox most likely

Aaaa ok, that makes more sense. Thanks.

Does TryHackMe take suggestions on guides?

What do you mean?

Like I am doing the Linux guide and there are things that are missing that have to be in there for people to accurately follow along.

#room-bugs

But please bear in mind you're expected to do your own research too.

Googling is not cheating. It's approximately 90% of infosec.

Also, they're not guides. They're called rooms. You're doing the Learn Linux room, or zthlinux. Using the correct, standardised terms and the correct room names makes it easier for everyone to understand you.

Oh I know. I am in the field. As for the terms, I will work on it.

Hi everybody. Anyone give me a hint on django ctf?

@weary oxide can I dm you?

Hi everybody. Anyone give me a hint on django ctf?
@silk prairie There are write-ups for Django

@gusty turtle hi buddy. Where can I get them?

@gusty turtle hi buddy. Where can I get them?
@silk prairie

Thanks uou@gusty turtle

Though I kinda wished I did it on my own

Is there anything such as "respect" like on htb? Cause it's for the second time you're helping me out @gusty turtle

@gusty turtle you’re not meant to tell people to look at writeups in room hints

If you can’t help don’t help

Room hints are for when you want an extra nudge

i found date ||2018-05-01 17:32:32|| in dumping router firmware in task 2 question 7 but it popup that its incorrect

i need help for last task in the room of X86-64

#room-hints i need help for last task in the room of X86-64

#room-hints who have completed intro to X86_64 room

@gusty turtle you’re not meant to tell people to look at writeups in room hints
@trim haven Oh Ok, this was his second time asking about the same Task that is why I suggested him to take a look in the write up.

i found date ||2018-05-01 17:32:32|| in dumping router firmware in task 2 question 7 but it popup that its incorrect
@lucid crescent who can give me a hint that what i should do

Hey guys, i need a hint, i don't get this question

It's a question from network services 2

about Network File System

Try and google it

I did

Probably my problem is that I don't know what I'm looking for
What does "represent files and directories on the server" mean?

What I'm looking for?

What task is this?

Task 2#3

Look under the subheading of How does nfs work? And you’ll find your answer within there

Never heared about a "handle"

Thank you Blackout

Helped me alot

Can someone give me a hint on the following question

What is a common application of MySQL?

it's in the room network services 2 task 8 question 4

@astral smelt do you have a hint

What type of database is mysql?

rdbms @astral smelt

Hey can anyone say where is the first flag is located in the room WWBuddy

@white salmon Sorry I meant to say what runs mysql

Underneath that sub heading the answer is there

okay

found it

thanks

Probably it's a problem with my Visual Studio code encoding.

I would like to bypass Server-Side Filter with magic number, but when I add this "ÿØÿî" in my php script it will not shown in my hex editor

..

Its not shown in the hex editor

But when I Add AAAA then the first 4 bytes will be 41 41 41 41

Add it in the hex editor...

It's a hex editor

xxd php-reverse-shell.php | less

used this

Ok, use a hex editor then

Can you recommend an Hex editor?

Not for macos

KK

It worked ty

need hint || aster Privs||

@sick sun brand new room, no hints yet

guys if anyone tried the upload vulnerabilities room, then I want help with task 8

That's not usually how you ask 😄

@trim haven can you help me?

#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done

ok, So I am taking the room Upload vulnerabilities, and I am stuck in task 8, Server side filtering, I tried things like shell.jpg.PhP, means I am able to bypass the server side filter but, in directory when I am executing it, it shows me some error and I am not able to get a reverse-shell.

Need hints for "Android Hacking 101" room

pls

Tasks 5 and 6

Check Pins

In the Linux Challenges I am asked to find the flag 7 in the system processes, I am looking at them with "top"

but what should I be looking for here

The flag

a process called flag?

You need to look at all the processes

and use grep to find what you are looking for

Don't use top

Use a different program, with a two letter name

okay

Got it, thanks

I'm stuck in this flag

in the Linux Challenges

I can't find where it is, I have searched in internet and its supposed to be in /etc/motd

There's more places

Keep looking, don't give up after the first possible place it could be

okay

finally got it, thought somehow that the directory was a file xD

and I was just trying nano the directory

hi, where can I find information about the system, such as the kernel version etc. ?

you can search on google command to get kernel version linux

or windows, but i think you probably asking this for linux

You're asking for a specific room

Please state the room when you do that

Otherwise it's a generic question and goes in #general

In Linux Challenges I am asked to find a flag where I can find information about the system, such as the kernel version etc.

I know that I can use uname to see it

but I am searching the directory

sorry, I didnt ask properly

check out other ways of getting info about a linux system

okay

This would be my guess on it. Else im pretty clueless. anyone got a tip for me i can work with?

I struggled on this one, But think about a Router

What does the router provide

uhhh.. internet access?

Think more on a IP routing level

bruv

Don't post answers.

I think I was doing well with hints

alright thanks. that doesnt help me out though

@dusky flint

Don't post answers.
@stuck fractal
It was not the answer... it was just a guess 😄

lol

@simple mountain can we move into dms rlly quick?

Sure 🙂

🙂

Jesus Christ

I said don't

And you do it again.

all deleted... sorry.... but i do not know to cirumscribe this 😄

i just want to help

and give some background info

sorry... i will not do this again

you could look for an article or resource to link them

If you haven't completed the room, I recommend not

You should not be handing out answers either way.

@solemn smelt ah... thats a nice tipp 🙂 thank you

@willow python https://www.lifewire.com/what-is-a-private-ip-address-2625970

Ive never realized just how hard it is to find a resource for the exact name without just giving it away

a site on configuring the network in linux
https://opensource.com/life/16/6/how-configure-networking-linux

riiight?

yea thanks for the help.

Have you tried googling it?

You should get a couple ways

Find the one that isn't -p1-65535

All ports

Not a range

It's in the manual

Screenshot. Show us exactly what you did. With IPs.

We need to see what you did and what happened in order to see what you did wrong

@sleek vine Now less cropped, can you post that here?

I don't think it's finished running

You cropped it too much

You'll get a prompt again once it's done

You cropped it too much

yeah it's still running.

Let it run.

Next time lead with a screenshot please

In the Burp Suite room on Task10 and I'm doing the Live Capture in the Sequencer. Should the Intercept be on or off? DOes it even matter? I ask because I'm up to 3000 token/requests and not an error to be had. How do I analyze something that isn't there?

You capture a request (no intercept needed), send it to sequencer, then runt he thing and let it go

If it doesn't let you once you've hit like 10k, remove the request from sequencer and try another one

Ok. T

ty

It's a little irritating, bit of trial and error needed because burp is weird

THe other night I had gotten up to 10k with nothing.

Ok. Appreciate that.

Yeah it's burp being burp

are this time allowed ask ||Aster Rooms|| ?

Ok. I don't want to get into trouble, so I'm gonna' ask questions first. Still in Burp Suite, working on Decoder. It says that we have been to JavaScript site but I don't remember that. If I go to Javascript am I going to get in trouble trying to do something?

Or...is there something that I really did miss