#room-hints

why not work

and if it udp

it looks like that

#site-support

https://tryhackme.com/room/rpnmap

what room, what task are you doing @elder cliff, you have to help us help you

Well have you done any research? @elder cliff

yes but not finding

I would try harder because it's easy enough

have you tried google? it's literally in the first result when I try it

uh i am just start today

google "how many well known ports are there"

a LOT of learning this stuff requires you to be able to search for answers, that's how you learn

I'm having difficulties because of my insufficient english

thank you

well, keep trying, you'll get there

❤️

Hey all I’m wondering if anyone can give me a hint to the LookingGlass Room I’m in but stuck with the ||(root) NOPASS /sbin/reboot|| any tips?

Have you checked the cronjobs?

I have indeed

Let me Just check If im remembering right

yeah, the cronjob is where the cake is at

I noticed it’s called at reboot , tried doing a imitation reboot file and changed the PATH but that did not work and naturally If I do it wrong I’m back to square one

well, you dont need to imitate anything, you can just reboot the machine

Yes but then the port and passwords change again hence back to square one lol

they do, but when rebooted something happens doesn't it?

Yeah that was my next cue to try , so I was looking in the right place lol thank you buddy !

np

The box is designed to punish you if you make a mistake.

I noticed haha I quite like it though

Hey Everyone!

Henlo

Hi all I got stuck again on the LookingGlass room this time on poetry all I managed to find is it’s from the book ||chapter 6 pages 55-56|| Could someone point me in the right direction here please?

I tried a few things but been stuck here a little while now

What user are you?

||hunptydumpty||

ls -l /home

Something is wrong (intentionally).

Let me check. I see the 6 users and notice execute on 1 in particular is that the right direction?

I want to say linpeas should catch it, but I'm not sure there

Abnormal permissions are normally worth investigating

Awesome okay thank you buddy I’ll do some more digging. I also didn’t use linpeas I try to do it myself manually ideally

Ok but it's a good tool to have

Of course for sure I do have it so I might put it over and have a check , thank you again!

Hi. I'm doing the box "Steel Mountain" and when I try to start the service after replacing .exe from msfvenom, I keep getting this error: The service did not respond to the start or control request in a timely fashion. Can someone please help me with this? Thank you.

Generate an exe-service payload

change the format you're generating to exe-service

Thank you @stuck fractal

@stuck fractal I generated new exe after modifying exe to exe-service and the service won't start:

Why won't it start?

Hello everyone! It would be great if someone could help me.
I'm going thru OWASP TOP 10 [DAY 3]. It's said that there is another bonus flag/challenge. I believe that I found a potential steganography based part, but the problem is that I spent 2+ hours looking for a passphrase. As for now, I'm stuck.
Any hints/ideas?

Thanks in advance.
P.S. sorry if it's the wrong channel.

For the voucher code?

It's no longer available, you would have to have emailed the address on the page to get it

lol :)
Thanks. Anyway, it was great practice with various tools.

such an easy way it was to get the voucher

@stuck fractal I don't know. Sorry for being dumb. Is there a way I can check the logs through shell?

I mean you should be told when you use sc to start it?

It doesn't say anything:

It's starting

yeah, that's what I thought, but after a while sc query returns that the service is stopped. Let me try again.

Do you have a listener etc?

yes

have you tried redeploying?

no. Doing it now

Redeployed and tried again. No success 😦

are you using the correct IP address? thats the only thing I could think of that could stop it

Yes. I'm using the correct IP

Have you followed what the writeups have done

honestly not sure where it would stop working other than somewhere in your payload or listener

any write ups on this room? i played so much with the first crackme1 and just got it by guessing a little

i am missing such a small thing and i wanna know what it is

https://tryhackme.com/room/introtox8664

No write ups sadly

is the answer correct?

like i feel it might be wrong

What do you think it is

i got it correct but

Oh okay

some random 0 is in there

Well now that you have got it correct it should be easier to understand

If you look closely

no i dont get it LOL, thats why i need write ups, my actual answer is missing just 1 character

There are 2 0’s

yeah this 0 is confusing me

Do you know how to identify loops?

yeah the jumps

is it easier to try and write it as code?

i just put a break point on string call

It’s much easier and there are tools out there that will turn it into code iirc

and see what it might be trying to compare

@warm hatch there are actually writeups you just gotta do a bit of osint to find them

there are so many crackme1s

usually different

if u found one that would be great

unofficial write ups

writeups none the less that can help when stuck

ill just go to cc radare2 now, maybe it will get better, i feel this crackme was a bit above beginner but maybe it's just me

I agree those crackmes where decently hard but with a little persistence and additional research they should be easy enough

i mean i feel i learned a lot so that's cool

i am gonna give crackme2 a quick try

i finished it but lol, i didnt understand it fully

hello, I need some advice for flag26 of the linux challenges, at the moment I'm not finding anything trying:

find / | grep 4bceb

I saw the actual answer in the forum but 1 - I don't understand a good part of it and 2- I can't imagine that the search can't be done with a simpler command

That command looks through filenames for that string

You're not looking for that string in the filenames. You need to look at the contents

i thought so... I have something lie that in mind but can't find a way to make it work:

find / | strings | grep 4bceb

find / | strings will pipe output of the find command to strings, that is not what you want here

https://www.digitalocean.com/community/tutorials/using-grep-regular-expressions-to-search-for-text-patterns-in-linux

Try researching for extended regex grep

yeah I don't know much about regex so maybe that's why the actual answer looks complaicated for nothing... thanks for the read I'm sure it'll be very useful

Try using https://explainshell.com if you are having trouble digesting any command @simple phoenix

yes I used it to understand the answer, but I thnk taking the opportunity of this problem to finally learn about regex is likely my best option

I like regex101.com for learning, building & testing regex @simple phoenix

Hi guys,
Can I have some hints for investigatingwindows room? ( for #4, #11, #13)

@nimble badge those should all be able to be found in the logs but not entirely sure as I haven’t yet completed the room

Hey all! Anyone able to help a Linux n00b here pretty please?

Is it room related?

Yeah its Task 21 Linux walkthrough

Hey all! Anyone able to help a Linux n00b here pretty please?
@white salmon It's always best to ask your question directly, if someone can help then they will

Ok sorry, I am a linux n00b. I was wondering if anyone can reword the question in a different way? "This challenge is pretty simple. The binary is checking to see if the environment variable "test1234" exists, and if it's set equal to the current $USER environment variable."

Well

When you run the binary

It will check If the env variable test1234 exists

Sorry run what binary?

If It exists It Will check if its value is equal to $USER

It's in the title of the task

oh shiba2

hmm Ok I think I may have missed a step so I have gone back. But shouldn't I be allowed to do this?

You're in /

/ is the root directory

Go home

shiba2@nootnoot:/home$ echo hello > file
bash: file: Permission denied

Still the same

I went cd /home/

Home directory of user. Which will be /home/shiba2.

Your home, not /home

Ah sorry. Again, pure n00b

thank you

Fun fact

That's the room they're doing

lmao

hahaha doh

I remembered wrong :p

I know

Thank you all for your help though

I am guessing "test1234" already exists?

No

It's a variable that you need to create and assign

Then run the binary, and you will be given the password

my machine run out of time

Guess its easier to just make a vm and ssh into the attack box

SSH into the target machine?

As a free user your limited to one deploy per day of the attackbox

You're not limited like that on room VMs

Oh I lost connection to my attackbox and now I can't launch it being a free user. Have to wait till tomorrow

what is this discord all about

@white salmon Yeah so you can SSH in to the Learn Linux VM from your own machine if you connect to the VPN

@twilit wasp #general

thank you @stuck fractal

hello peeps!

im on Root Me Room
Trying to have a shell by using file uploads
I've already done the reverse shell php upload, i've changed the extension to phtml and php5 and
I've also changed the ip and port on the payload
But I'm having this error when I try to execute the thing on the website

"WARNING: Failed to daemonise. This is quite common and not fatal. Connection refused (111)"

Anyone knows what it could be?

@hollow holly the port that you've told the reverse shell to connect to is not open

Do you have a listener running?

yup using nc

I've used 1234

and 9999

What IP address did you use?

Are you attacking from a VM? Your own?

oh shoot ... maybe I entered the vuln machine Ip instead of my attack machine Ip

yes I'm using my own kali vm

Make sure you're using the correct IP and that the VPN is running directly in Kali. Not on the host.

Thank you so much @stuck fractal !

Got it working?

already got the shell! 🙂

and the user flag

now lets go to the privilege escalation!

Great, good luck!

what three letter web file extensions are there that end with 'a'?

Its for cc pen testing

Aren't you given the extension to use?

Ohh hold up

yeah makes sense

My bad

hey all, im working on wgel and this should be easy so i must be really missing something here. the attack surface is obv on the webserver and i found the site on || /sitemap. ||ive been dirbusting ||/sitemap|| and i ended up letting the entire wordlist run through finding || /js /css /fonts /sass|| ive viewed a lot of the files in these directories and havent turned up anything. am i being stupid or did i overlook something?

Yes

Get a bigger list

yes you’re missing something there what wordlist are you using

im using directory-list-2.3-big.txt

i suspected it wasnt big enough so i got that off of github

but what i mentioned above are the results from the list i used so i must have done something wrong

thanks guys, no need for a hint then, if big dosent work ill find a different wordlist

you need a different one, not necessarily bigger

one with common directories

anyone on nerdherd

that's a new box @graceful sun no hints available in the first 72 hours after release

ahhhh! ty!

@rose cape, you should try seclists, the raft lists are good, my go-to lists these days

@median compass gracias

de nada @rose cape

Ingles Por favor señores

Me encanta los todos

Soy blob

that is about 35% of my Spanish so it wasn't ever going to last long elBlob

Hey Hey everyone

what is the 1005:1006 stand for?

noot:x1005:1006:,,,:/home/noot:/bin/bash

the user and group?

https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/

https://en.wikipedia.org/wiki/Passwd

I'm doing Anthem on the Final stage, and in the previous step I gained access to the admin panel and I'm sort of just lost as to which direction I'm supposed to go in. There is an upload section on the panel, to which I uploaded a payload without sucess but also the first step in the Final stage says 'the box is not on a domain' which implies I need to look at rdp port, which I did but was not able to gain access with the same user/pass I used to login to the admin panel

Which task and question exactly are you looking for help with ?

Technically I'm on Final Stage, question 1 but its more of a direction question than that question specifically

well I guess question 2 not 1

Can u send the picture of ur rdp option 👀

Then, have you tried adding the IP to /etc/hosts for logging into RDP

@white salmon

no

and the rdp I did: rdesktop -u sg@anthem.com -p UmbracoIsTheBest! 10.10.x.x:3389

even when I change /etc/hosts it just says user/pass incorrect

Try with another rdp client ? I'm not very much familiar with rdesktop syntax

any other suggestion?

I dont think I know of any others

Try the remmina

Remmina works fine

I got remmina but its still saying incorrect user/pass

send the picture of ur options

that would be helpful 😄

... its 'sg' not sg@anthem.com :<

||SG|| is user

||anthem.com|| belongs to the server part

not in rdesktop

or in remmina?

Ill find out

in remmina

if it is so in remmina idk how because I just tries and it doesn't even say bad user/pass it just starts up and terminates

should use remmina i think

can anybody give me a hint on the room nerdherd?

Hints/help for new rooms are allowed after 72 hours of release.

Can i get a hint for undiscovered room?

hey hi , guys , ROOM nax i cant do the image decode --> || https://www.bertnase.de/npiet/npiet-execute.php ||

Yeah, i remember that tool is a little bugged

You need to make a small modification in that file, let me check what It is

Export It to ppm format with any image editing software

Is there a way to view/download files via FTP without using get?

Without downloading it, or without using get?

Without using get, because I don't have permission.

200 PORT command successful. Consider using PASV.
550 Failed to open file.```

Yeah you're probably not going to get around that. What room?

NerdHerd, I know we aren't allowed hints or anything so I thought I'd just ask it as a general question.

#infosec-general for general questions

Ah, thanks.

I answered your question when you first asked it.

Should be under 5 minutes

Should really be under a minute unless you're doing it wrong

You should be using POST @white salmon

Nope

Capture a genuine request

dont use ", use ' instead

Also, take the time to unzip rockyou now

dont use ", use ' instead
@white salmon That's not the issue here but it is good advice

Hydra can deal with compressed rockyou but most other tools don't

Burp, browser dev tools, ZAP

You just need a few bits of information

Where does the request go? The PATH
What verb does it use? POST/GET
What is the request parameter structure?
What's the failure message?

@white salmon DM me the IP and password please

Nmap Task-1 question 3 help

Did you google it? That question is designed to be googled

I searched but unfortunately couldn't find the answer

It's a google question

Keep looking

ok

hi, room = hackpark i dont understand this question "Using winPeas, what was the Original Install time? (This is date and time)"

It's stated in the output of winpeas

thanks

Res:
I have a shell as www-data, and I have file read as root. Can't find the user password for q6, have the root flag already.

Tried linpeas, nothing stood out

I have a root shell

you talking to me @stuck fractal ?

Nope, asking for help on Res

oohh

Or at least a hint, I'm root FFS so I should be able to answer this q

gl 🙂

Either that or I'm about to boot my desktop just to try crack a password and it probably won't work

Have you checked any files for SUID?

Who's that addressed at?

I've solved my issue now

id assume you

Oh ok

But I said I already had a root shell

So looking for SUID is kinda pointless

do it for bants 😄

I already did.

lol

So I rooted it in a slightly unintended way

Might be worth writing it up I guess

For reference, I didn't try harder or smarter. I tried dumber.

What ever works I guess works

#743859653343182930

@astral smelt thanks

NerdHerd any one?

Hasn't been 72 hours has it?

Oh, looks like it might have

@stuck fractal i got some candy , but its not a common package

I had to crack it @stuck fractal, just checked my notes, cracked with john though so you can probably do it fast in the VM

Yea

I solved it

I had to try less hard

lol 🙂

I'm working on writing it up now

you didn't root with ||xxd||?

I did

But not quite the intended way

||arbitrary file write|| gives you some nice fun things

cool, i'll look out for the writeup so

Hello good peeps of the internet. Just poking around old "Advent of Cyber" room, and kind of got stuck in the encryption room(day 12). I know I could potentially run john to crack the password, but kind of using old machine... So I did look at write up and they've provided a password over there without any explanation so I'm just curious was there anything obvious that I've missed or just run the john and patiently wait?

Check the hints on the room

You're given the passwords

Sooo obvious! Cheers...

I'm doing Revenge and I have defaced the website according to the mission objectives. How do I get the flag now?

I got all the flags except the last one.

ur not supposed to get a shell on the box?

@sand glen, is that in response to me?

@white salmon yeah 😄

I was saying that maybe u should exploit something to get a shell
and then privesc to get the 3rd flag

from what I saw (from ur stream), I think maybe it's something has to do with SSTI (Server-Side Template Injection)

I can already gain root privileges but I can't see it still.

The root privileges is how I defaced the website according to the mission objectives.

Cool, never mind. I had to just get rid of the index.html page in order to "deface" it.

Not very intuitive though.

Hi uhh, on this room, https://tryhackme.com/room/owaspjuiceshop Task 3 Q1, whenever i put in a username and password, my post request goes to http history and a get is in the intercept tab

would it be ok if i had some help

when is the 72 hours up for Nerd herd? is it tonight? ive been so stuck

At 8pm UK time

9 hours left

ah ok - people were discussing last night a little so thought it was done

How can I go about priv esc?

I'm on the Vulnerability room, final Task and it's asking me to do it.

Any hints?

If you mean vulnversity room for Priv esc look at || SUID|| @white salmon

oh, is that something I should use then?

Research what that is and how to use it for Priv esc...

You need to find the right ||SUID|| and then use it for Priv esc

https://gtfobins.github.io/
This can be helpful for many Priv esc methods you might find some help here:)

can i get some hints on nerdherd ?

!rule 13

Rule 13: When asking for help/tech support please perform research to your fullest ability. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.

Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

this is not tech support

nerdherd is a room

Still 7 hours til hints are available

i am so close but i dont know what to do

@kind bear have you actually read the rule, there’s a reason he gave it to you

Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.
Although we are a a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release, unless specifically allowed by the content creator.

straight from that rule if you read it

Hi I'm a little stuck in the Task 2 of the Gotta Catch em All Scripting room, I see that my connection is (I think), but somehow I'm not receiving any data from the server even if I set it in a continuous loop because it says the ports only live for 4 seconds:

from socket import *

ip = '10.10.243.223'
port = 3010
num = 0

s = socket(AF_INET, SOCK_STREAM)
s.connect((ip, port))
while True:
print(s)
data = s.recv(1024)
print(data.decoce('utf-8'))

kali@kali:~/Documents$ python3 sockTHM.py
<socket.socket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('10.9.185.144', 56128), raddr=('10.10.243.223', 3010)>
^CTraceback (most recent call last):
File "sockTHM.py", line 12, in <module>
data = s.recv(1024)
KeyboardInterrupt

basically I'm trying to figure out first what kind of message the server will send me in order to finalize the script to make the operation on the number and connect to the next port...

is my logic completely out of wack?

I doesn't look like you have sent any data whatsoever

so I have to send the number to the server for it to reply?

You need to send data for it to reply or else you're just listening for something that won't come

I'm sure the room describes that

@white salmon yep

Hello, I just started learning about this stuff and started NMAP room.. I cant solve question 3 " [Research] How many of these are considered "well-known"? (These are the "standard" numbers mentioned in the task)" can someone help me?

Have you googled it?

yea

just gotta be sure lmao

@woven mirage Go ahead I know you're eager to type

I am not good with english.. I think it's 1023 but nope..

I don't know what to say lol

well

the ports go from 0 to 1023 doesn't them?

yea

so how many are there?

1023? 😂

almost

there's 10 integers between 0 and 9

-_-

I'm so dumb

Ty 😂

No you’re not

Brain fart 🤷🏿‍♂️

Finnaly I get it

Hello, i'm looking for a hint for the task 8, question #3 for the room: https://tryhackme.com/room/wireshark

Am i just looking the wrong element ? Thanks.

is the embargo up on nerdherd?

Should be now

It’s been 72 hours

I am completely stuck, not sure if the web login is a rabbit hole, I have a username (decoded) but the form requires an email. I can't decode what appears to be a password, base 64 fails. SMB share is password protected, and ssh fares no better.

So im doing the wireshark room Task 7 # 3 and the packets i put are correct but its saying theyre not

also I know nothing of the show Chuck

they are the only ARP reply packets in the pcap

Yes, but look at some opcodes

There are 4 different than all others

Find one, then you'll find the other 3 very easily

i already found all 4

its saying theyre not correct

is your format correct **, *** ,..

With the spaces

yeah

got it... lol

hey guys, I'm stuck with this cipher aGVoZWdvdTwdasddHlvdQ==

me too

it's not base64 and I tried a lot of cipher combinations but nothing helps .. any hints ?

So im doing the wireshark room Task 7 # 3 and the packets i put are correct but its saying theyre not
@white salmon I'm not sure what to look for, any hints?

@rugged fossil Opcodes 🙂

^ yep

read the task carefully and try to memorize what u learned

hi i stuck https://tryhackme.com/room/uploadvulns room task 9 #1 I need help. I upload shell but i cant find uploaded directory. (sorry for my english.)

Did you tried some more gobuster (more in depth) ?

Did you tried some more gobuster (more in depth) ?
@white salmon room: The website in the last task implemented an altered naming scheme, prepending the date and time of upload to the file name. This task will not do so to keep it relatively easy; however, directory indexing has been turned off, so you will not be able to navigate to the directory containing the uploads. I dont know what i write before the file name. I do not know how the date format is, as I am from another country.

read the task carefully and try to memorize what u learned
@white salmon @white salmon Found it! Thanks. I really should have read the notes. 😩

dont get ahead yourself 😉

Hi

@white salmon I'm sorry, i answered without check your room 😒 i did not done it yet.. my bad

@vapid magnet same

I'm still looking for some hint for task #8 question #3 of the wireshark room 🙂

same im 99.99% sure i have it correct its just not accepting it

🤔

yep its correct just not accepting it whaaat

its a bug

the correct answer is the 30th even tho the packet shows 31th so yep its a bug fix plez

the correct answer is the 30th even tho the packet shows 31th so yep its a bug fix plez
@white salmon maybe i got a different file, but mine has been 30th all along

then its timezones

Yeah I need to make a note for it

I’m out for the night though

@inland onyx could you add a note about the time zone difference for me?

Any hints for nerd herd now please ? I have enumerated everything on the web server, ||have the base64 credentials from the hidden page||, have enumerated users with enum4linux, and checked out ||FTP and SMB||. Most importantly I know that ||the bird is the word||. Not sure how to use the hint, or how to piece this together.

@solemn smelt -- sorry, saw that when I was out with the dogs and forgot. Looks like you've got it fixed?

is that out with the dogs as in the dogs or dawgs

Yeah I added a note

Yeah, literal dogs 😆

Excellent 👍

im on the wireshark room and im sure i got all the right arp reply packets but it still says wrong answer lol i even looked in the packet and they all say reply but it says incorrect

any hints on the stupid nerd herd box?

im on the wireshark room and im sure i got all the right arp reply packets but it still says wrong answer lol i even looked in the packet and they all say reply but it says incorrect
@winged token make sure to get the order correct have you look at the format hint to see how they’re ordered

Yeah i've tried like multiple times and they didnt take

Please don't use that word @winged token 🙂

sorry

Can you send us in spoilers what you’re trying @winged token

||76,400,459,520||

That’s correct

Says its wrong tho

Add spaces

ye that workd

Does anyone have a second to explain the outcome of one of the beginner room tasks? I figured out how to do what it was asking however I am not understanding why it got the outcome it did.

It's always best to directly ask your question.
If someone can answer then they will.

Sure, makes sense.

For Learn Linux Walkthrough task 21 it asks to get the password for shiba3. The way to do so is ||export test1234=$USER||. I don't understand where or how this gets the result. Wouldn't doimg this just make the result of test1234 just 'shiba2' as you're making it equal the user?

Yes

Then you run the binary

The binary performs a check

If the check succeeds, you get given the password

It's like an exam. You're demonstrating that you know how to set variables.

Oh my...

Welp, that explains that

Toally went over my head

Thank-you

anyone help in room "year of the dog" is || gitea the path to privesc and is it CVE?||

Help won’t be given until 8pm GMT today

72 hours after release

ok what time is it?

2:50am

cool

Anyone got any hints for nerdherd

@haughty veldt where are you stuck DM me

#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done

Hi. I'm stuck in the Complete Beginner track; Linux Challenges section; Task 4; question #7. Any pointers on what to do there would be much appreciated!
I'm guessing I need to use grep or find..

You need to use grep yeah, with extended regex @dense sleet

It's quite a hard one I'd day

You are welcome to take a look at a write-up, and then figuring out what it means if you can't answer it on your own

hello, im having an issue with the metasploit room, despite following the instructions to the letter, when I run the job, it get back a no session was created

Can I see your metasploit options @vocal shard

sure sorry, kids pulled me away

Can you check your connectivity

!vpnscript

ill try

seems okay

i tried killing the room and restarting, didnt change

Are you sure the machine at 10.10.203.195 is up

wow your right i refreshed and now the ip is different

yet its been running over an hour... ok ill try withj the new one thanks

thank you it worked, I had to send the run command a few times but it connected eventually

Remember ladies and gents fully explain your problems with pictures. 50% of the time you will just solve it yourself after explaining the problem. The other 49% of the time more experienced members will be able to very quickly help you out because you explained yourself well. The other 1% of the time... well... then it's time to roll up and cry.

That's some pretty serious looking statistics

They are 120% accurate, trust me. They said so.

ive been trying to use gobuster

but it seems to not want to work

add dir before -u

thanks

let me try

it works 😄

:D

nvm

i shouldn't have used https://

Nope haha

did it froze or i just have to wait?

Which room?

Which exploit?

https://www.exploit-db.com/exploits/46635

Which room?
@woven mirage room easyctf

cmsmadesimple

\

something's broken

You need to specify the cms directory in the url for the exploit

Which is https://my.ip/simple

I did

and same error occures

Also use -c

Well

where

should i put -c

Anywhere

I think

still frozen

Is everything alright with your connection with the machine?

Yes

Can you see the webpage?

I can ping it

just timed out again

Wait

It isn't https

It's http

omg it works, thanks

nvm

Now it's connecting, this error explains itself

Oh

Stuck on Gotta Catch em All (task 2) in Scripting room, I looked at the writeup and there's still a few things I don't understand

it looks as though you're supposed to look for port 1337 when looking at the writeup but in the problem it states:

Go to: http://<machines_ip>:3010 to start...

But when I try port 3010 it just seemingly runs in a loop and never hit the port

<socket.socket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('10.9.185.144', 57196), raddr=('10.10.141.181', 3010)>
Waiting for the port to become available
<socket.socket [closed] fd=-1, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0>
Waiting for the port to become available
<socket.socket [closed] fd=-1, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0>
Waiting for the port to become available
<socket.socket [closed] fd=-1, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0>
Waiting for the port to become available

And when I try port 1337 I get a connection refused message:

raceback (most recent call last):
File "1337sockTHM.py", line 10, in <module>
s.connect((ip, port))
ConnectionRefusedError: [Errno 111] Connection refused

My script:

from socket import *
from time import *

ip = '10.10.141.181'
port = 3010
num = 0

s = socket(AF_INET, SOCK_STREAM)
s.connect((ip, port))
while port != 9765:
try:
if port == 3010:
print(s)
print('Waiting for the port to become available')
s.send(b'GET / HTTP/1.1\r\nHost: {ip}:{port}\r\n\r\n').encode("utf8")
data = s.recv(1024)
print(data.decode('utf-8'))
except:
s.close()
sleep(3)
pass

The operation and moving to next port part I'm not too worried about, but the receiving the data from the socket part I'm having a tough time getting through my dumb skull!

Okay, first you're not dumb

And iirc in this room the ports are open for just a while and then close

oh and btw I add some prints at a lot of places to help me troubleshoot

I know I don't really need them for the actual task

So if you run the script expecting port 1337 most of the times it will not receive a connection and will give up

For http it's best the requests library

indeed, but I tried the script from the writeup which uses 1337 and ends up hitting it within a couple minutes everytime... doesn't seem to be the case for 3010 though

With sockets I think you need to receive 2 times to get the body

You said that when you run the script it just runs in a loop doesn't it?

yes I used Requests before and found it much easier, I thought using socket would help me learn more the connection process and it's also what the task suggest

for 3010 yes it seems to be in a endless loop never hitting the port

Take a look at the script, it is hitting the port

The endless loop it because there's a while loop in it

The port doesn't change, so it will keep running forever

What's the output when you run using port 3010?

<socket.socket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('10.9.185.144', 57206), raddr=('10.10.141.181', 3010)>
Waiting for the port to become available
<socket.socket [closed] fd=-1, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0>
Waiting for the port to become available
^CTraceback (most recent call last):
File "sockTHM.py", line 16, in <module>
s.send(b'GET / HTTP/1.1\r\nHost: {ip}:{port}\r\n\r\n').encode("utf8")
OSError: [Errno 9] Bad file descriptor

I stopped it after the second loop, it just returns the same thing over and over after that

If you remove the "try except" does the error change?

From the output i imagine your socket is closing and in the second loop it is trying to connect again

You need to know why it is closing

What happens if you call recv twice?

<socket.socket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('10.9.185.144', 57224), raddr=('10.10.141.181', 3010)>
Waiting for the port to become available
HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 1031
Server: Werkzeug/0.14.1 Python/3.5.2
Date: Sun, 01 Nov 2020 21:47:19 GMT

    <center>
    You need to write a script that connects to this webserver on the correct port, do an operation on a number and then move onto the next port. Start your original number at 0.</br></br>
    The format is: operation, number, next port.</br></br>
    For example the website might display, <b>add 900 3212</b> which would be: add 900 and move onto port 3212.</br>
    Then if it was <b>minus 212 3499</b>, you'd minus 212 (from the previous number which was 900) and move onto the next port 3499</br></br>
    Do this until you the page response is STOP (or you hit port 9765).</br></br>
    Each port is also only live for 4 seconds. After that it goes to the next port. You might have to wait until port 1337 becomes live again...</br></br>
    <h3>Its currenly on port <u><a target="_blank" id="onPort">9765</a></u>. Refresh this page and it will update.</h3></center>
    <script>document.querySelector("#onPort").href= "http://"+window.location.hostname+":9765"</script>

<socket.socket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('10.9.185.144', 57224), raddr=('10.10.141.181', 3010)>
Waiting for the port to become available

<socket.socket fd=3, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('10.9.185.144', 57224)>
Waiting for the port to become available
Traceback (most recent call last):
File "1337sockTHM.py", line 15, in <module>
s.send(b'GET / HTTP/1.1\r\nHost: {ip}:{port}\r\n\r\n')
BrokenPipeError: [Errno 32] Broken pipe

what I'm passing:

from socket import *
from time import *

ip = '10.10.141.181'
port = 3010
num = 0

s = socket(AF_INET, SOCK_STREAM)
s.connect((ip, port))
while port != 9765:
if port == 3010:
print(s)
print('Waiting for the port to become available')
s.send(b'GET / HTTP/1.1\r\nHost: {ip}:{port}\r\n\r\n')
data = s.recv(2048)
print(data.decode('utf-8'))
sleep(2)

What do you want to do exactly?

I will stop helping you now because I'm not in my computer so I think I'm not being much helpful :p, but someone may come and help you

I'm trying to get the server response of the operation, the number and the next port

cool thanks anyway I appreciate it

Hey, I’m doing “Year of the Dog” any hints would be greatly appreciated. I believe it has to deal with c***ies . I used burp to collect a list and I’m currently fuzzing

hello im on task 18 learn linux

i did the command to see what was in the variable

but when i type it in it says im wrong?

im pretty sure i can read

so this has to be some kinda voodoo but i changed it to something else and it worked

seems like an error to me

Make sure you switch user when you're told to

task 25 learn linux. i dont see any operator mentioned anywhere. am i expected to google it?

any help would be appreciated

@wind peak which number?

3

@wind peak which number?
@simple phoenix 3

what's the format of the answer and is there a hint?

What flag allows you to operate on every file in the directory at once?

no hint

dont see it mentioned anywhere in the room so far

and its 2 characters

im about to google this cuz i dunno where im expected to find this

and google wins again

Thanks anyways @simple phoenix

did you look 'man chown' in your terminal?

yeah got that same hint

found it

@simple phoenix thanks

Task 43 Bonus Challenge - The True Ending in the learn linux room is kicking my booty. any hints?

Please help me

I am so lost atm. Maybe i need a break or something

but i know where the file is

and i know the root user can access anything

but i cant find pass for root

can i use john the ripper to brute force it or is that cheating lol

Search for user owned files. Also taking a break helps.

thanks for responding darkw but how is that gonna help. im trying to figure out the logic behind it

if i can figure out the mental process i can get the answer

Well, you can't figure out everything in one day. It takes some time.

well i guess i did go ham today completing everything up to that point

Use find command to find files belongs to some users.

break time i guess

Yeah take a break when you feel a burnout.

nice advice @wintry yarrow

hi, i'm doing the "basic pentesting" room and i'm stuck at question 5, i'm supposed to somehow exploit smb to get a username but i don't really how to do that. any hint would be appreciated

Google something like smb enumeration you'll find some good articles read them. Like on hacking articles website @tardy crater

thanks, i'll get to it

Someone can give me something on NerDherd ? For the first Flag. I found /admin/ , something like credentials but I can't decipher them ...

Hi there, I am doing Intro to x86-64, last question but I'm not sure what the correct password is. I have extracted so far ||dwperuca|| from the binary through the CMP instructions so far.

anyone help me out on "year of the dog" || ive got www-data, but now i have no idea how to defeat this gitea || this is a learning platform yeah?

@white salmon youre close, very close, ||there's just a few more chars||

Thanks, @cedar axle.

Are the last few characters extracted differently?

i cant remember, to be fair, but i checked my notes and you are nearly there

Just completed it!!! Thanks @cedar axle for the nudge! I'm going to be the next Marcus Hutchins.

lol, the wannacryguy

yah! :))

how was that for luck?

just register a domain and save the day

Yeah, he thought he was going to get some sick a** malware that way.

But it was actually the killswitch.

he saw it trying to connect to the domain that didnt exist, and thought i wonder what its trying to send, i know ill register the domain, and capture the traffic

XD

Funny how we take for granted what he did.

Not to put him on a pedestal or anything.

he wasnt always a good guy either

You mean because of his arrest?

And what he was charged for?

well he did some dodgy stuff, i mean hes not a murderer or a pedo, so hes ok with me

Yeah, we should probably move this chat somewhere else.

lol

its way off topic

one hint for get root in LazyAdmin ?

Looked like you had root code execution

If you can run commands as root, you could make yourself a sudoer or add your own fake user or add SSH keys

Reverse shell is just one of many many options, and not usually the best one

any hint for getting root in Willow tree room

any hint for nerdherd

#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done

i am in room nerdherd
i have currently got some png and a text file from ftp ano login
the text file says 'you want is in leet' and i did a exiftool and steghide scan of that png photo
nothing got with steg but i found something diff in exif as it contains the owner name in some random words
now i want a hint what to do next ?

ZTH:Obscure Web Vulns
Task 22
Section 4 - XXE Challenge

Tried To Do :
<!DOCTYPE replace [<!ENTITY xxe SYSTEM “expect://id”> ]>
Result :
Sorry , ....is already registered
Any Help?

Please don't ask in multiple channels like that, it's kind of spammy

I deleted the other one

what about my nerdherd hint ?

Please remember that everyone here is a volunteer. You will get an answer when someone who has completed the room or at least is further than you wants to give you a hint. Please be patient.

👍

ROOM: Physical security intro
TASK: 3
Question: #7 When single pin picking, this term refers to when you feel like you have set a pin and the core rotates slightly

I tried googling everything i could.. if someone can hint me about this

Did you watch the videos?

not sure that's actually mentioned on the vids (particularly the 2nd vid which is where it should be if at all), but think about pins, what pins behave that way and what is it called when you think you have a set but you actually don't

hello I'm in the owaspjuiceshop room and trying to answer "question 1: access the administration page", I guess they mean that I can access the administration page without logging in ... but when I try to go to the page it doesn't show. Do I miss something here?

You need admins creds and you need to be logged in as admin I think.

Ok, I thought you had to access the page without admin login

It'll not open unless you are logged in as admin.

bit of an unclear question then ... only in the next question it's asked to login as admin

I thought I maybe was missing some point ... but I'll try to login as admin first and then access the page and see if I get the answer

https://tryhackme.com/room/owaspjuiceshop

This room?

yep

First question is what's the admin email.

it's first quest of task6

Oh got it, you didn't mentioned task so I was confused.

sorry

No worries but if you've done the task 3 then you already know how to log in as admin. 🙂

in task3 it's been shown indeed with sql injection ... but since the question didnt say to login as admin I thought you were not supposed to

yes it makes sense indeed ... but maybe i wasn't supposed to since it's not explicitly asked to login as admin ... my english interpretation not good I guess 🙂

oh well, I get the answer when I access the administration page with the admin account ... so you are supposed to login with admin account first

@wintry yarrow thnx for the replies

Np, happy hacking!

hmm, Im doing the intro network course would anybody mind giving me a hint on "Where is the very first place your computer would look to find the IP address of a domain?", Ive got everything else but im strugglingn with this one

Exploit failed: Msf::OptionValidateError The following options failed to validate: SESSION.

what is my ip

@rustic sphinx It's written just on top

hmm, Im doing the intro network course would anybody mind giving me a hint on "Where is the very first place your computer would look to find the IP address of a domain?", Ive got everything else but im strugglingn with this one
@rustic sphinx So you know it's going to be DNS because it's domain from an IP

mk

So where's the first place it looks?

Well on a server right?

Read the paragraph, attached to the task

oh hang on

ohhhhhh

You can now delete your answer

Thanks

thanks lol

guess it was just re reading it

I am working on Attacking Kerberos room - 4th section. I got the hash from the Rubeus and I was trying to perform Kerberoasting...I got the following error. I think its due to line spacing but I tried all possible options.
Hashfile 'hash.txt' on line 29 (FBFD5D...211C7EA3EBABF3CE6BE4C25B0E9FC74B): Separator unmatched
Hashfile 'hash.txt' on line 30 (D6054E...8949166F676552EB329DD7F1FFF1AC8A): Separator unmatched
Hashfile 'hash.txt' on line 31 (77CF4D...29D54FB972916DA8E4A75C39881C8A9C): Separator unmatched

Can someone help me

remove newlines

remove all \n and \r

Quick question...I'm doing Simple CTF as a beginner box...I've rooted the box and got the flag, but there's two questions that I don't know how to answer..The two questions are: What's the CVE you're using against the application and To what kind of vulnerability is the application vulnerable...any advice on google searches would be much appreciated

It'll be asking for the intended way

yeah I'm a little lost at how to answer it

I used what I learned in previous rooms

So you used a script to exploit the webapp?

negative

am I allowed to say what I did?

You should have exploited a webapp

used FTP anonymous login to retrive a document for a user...bruteforced the user name with hydra to get initial foothold into box

That wasn't the intended

dang

ok

I'll go back and poke around

appreciate the assistance!

solved. Thanks for the nudge!

working on learn linux task 43: I broke down and went to the walkthrough for the answer and am confused about part of the command that i dont understand

for finding the file the answer says : find / -user <insert-username-here> -type f 2>>/dev/null

the part i dont understand is the <2>>/dev/null> portion

2>/dev/null

it redirects IO stream 2, which is the standard error output, to /dev/null

So discards it

ugh now im more confused lmao

So there's 3 things

Standard input

Standard output

Standard error

They do what you'd expect

Errors go to stderr, output goes to stdout

All you're doing is redirecting the errors so you don't see them

ohhhh

thanks man

Hi I'm on Task 2 of the Python Scripting room and I don't quite understand the error message I'm gettting when I try to hit the second port open:

requests.exceptions.ConnectionError: HTTPConnectionPool(host='10.10.232.94', port=34232): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f5649ad64f0>: Failed to establish a new connection: [Errno 111] Connection refused'))

I know that that port is supposed to be the next one open according to the message received from the first port:

Its currenly on port 34232. Refresh this page and it will update.

They cycle

So if you miss it, you need to start again

Time is against you

I do cycle every 4 seconds as it states in the message

should I just include some sort of a while loop until I get a Response 200 instead of the sleep function

^

?

Hello All!

I could use a little help with this

@olive birch you wont need to that post module as you already have a meterpreter session

i think what happened is the default payload for that changed to windows/x64/meterpreter/reverse_tcp at some point after the box was created

yes and if I run it again it fails and says that its already listening on port 4433

Thanks; I'll keep working on it.

@olive birch you should upgrade your shell to a more stable process

Can anyone please give a nudge for https://tryhackme.com/room/physicalsecurityintro
Task 6, Question 8. I've spent several hours watching videos on the bypass and browsing forums but not found the acceptable answer to the question.
Edit: I got the answer thanks to @remote gate . Hint: Medieval defense tool extended to 9 characters

Doing the 'LookingGlass' room, i could find some 'interesting' open ports on 9k+, after some googling i'm trying an exploit with msfconsole, but got a 'Connection reset by peer'.
Am i looking in the wrong direction ?

100% yes

Ok thanks.

Did you try actually looking what's running on the ports?

Yep, i googled that

Nmap incorrectly fingerprints a few of them

They're all the same

Oh ok

hey, im doing security misconfiguration, its supposed to be a flaw where default passwords are set. now, i tried with intruder, but on wrong user/pass combination, server responds with 200 code, i tried filtering out 200 responses, but seems like deadend

Room, task, question?

i remember hydra had something like looking for certain words on page upon bad combo

just a sec

https://tryhackme.com/room/owasptop10

If i recall correctly, check out the length of the response

Yeah don't use hydra

task 19

You should not be bruteforcing anything

If i recall correctly, check out the length of the response
@white salmon all same

i tried 110 most common combinations

You should not be bruteforcing anything

Then @stuck fractal has the good answer ^^

how then am I supposed to find which default login is there

Check the hint

Do some research on the software

oh, didnt see the hint

.....

Single google search

hey guys quick question about grep

Is it directly room related?

If not, #infosec-general

yes

need to grep a flag

does it read the txt file then output matches or are the matches in the title

@noble ledge https://tryhackme.com/room/thefindcommand

does it read the txt file then output matches or are the matches in the title
@noble ledge Depends entirely on what you're doing

Grep searches through the input for the pattern

Input can be done a few different ways

@white salmon where do you find those lessons at?

that's what i need

Go to hacktivities

Search for things

ok ty 😄

Don't forget the man it's always helpfull like, man grep in your case, or man find and so on

got the flag, thank you!

hello- I am stuck on Linux challenges task 5 sub task 4 (use scp to download flag32.mp3) . from my research i have tried using : scp alice@my.ip:flag32.mp3 /home/alice

once i run cat on it is still comes out jumbled

Yeah

it's an mp3 file

Do you know what that is?

yes sound

got to convert to txt?

No

Listen to it.

is there a built in media player i am unaware of? using just the active machine shell. i tried mpg123 and it needs to be installed which it wont allow me to do

download it to your machine and play it

is there a built in media player i am unaware of? using just the active machine shell. i tried mpg123 and it needs to be installed which it wont allow me to do
@queen hull The whole idea was to copy it to your machine using SCP

You're copying it from the box to itself, it looks like

Probably best to check your SCP syntax and try again

got it to my machine. however VLC is silent when i open the file to play it and I can't open VLC to check to see if it is muted for some reason

maybe while trying scp you accidentaly overwrite the file with nothing

try to redeploy the machine and copy the file again

lol was scared that was gonna be a suggestion

working on it now

Can someone give me a hint for the Bonus Challenge (Final question) for the learn linux room

Hey folks. I'm working on Ice room Task 3 #1. it's asking what type of vuln is Icecast. Now I've looked up the cve site and done some other research and I'm just not finding what needs to be found. Or...I've overlooked it. I see the star pattern for the answer but I don't see anything that fits. Give me a nudge in the right direction, please?

I thought the nmap would tell me what version it was or something.

Can someone give me a hint for the Bonus Challenge (Final question) for the learn linux room
@raven locust find files owned by different users.

nvm

Found that one piece of info that I needed.

Thank you tho.

Hello, looking for a hint with challenge 2 and 3, task#8 of the XSS room, got the alert with the message 'Hello' spawnned but nothing then. Any idea ?thanks

Still on Ice Task3, but question 14. Says the privs listed should show one that allows taking ownership of files. I tried the one I thought it was, then tried them all. None worked. So I'm curious if I actually escalated or not. How many privs should be listed?

also, side note. In tmux, if I have 2 panes open, are they both connected to the same box so that if I've elevated in one the other benefits, or are they their own entities?

theyre their own entities @stone oyster

Hello, looking for a hint with challenge 2 and 3, task#8 of the XSS room, got the alert with the message 'Hello' spawnned but nothing then. Any idea ?thanks
@white salmon that room is broken. Best to just move on and wait for the replacement

well, you could keep trying i guess, as it is possible, its just very particular

Finaly a answer ! Thanks @oblique cliff i'll leave it for now. Thank you very much

no problem

A note could be great i think.

yes, it would

if you'd submit that to #feedback-and-ideas thatd be kewl

sorry for the lack of responses, since @trim haven became mod he thinks he's above helping people

In the Ice room, when I run the second exploit to escalate, bypassuac_eventvwr, what kind of output should I expect?

a shell that gives you sys admin privs

Looking at privs prior to and after the run they are the same.

screenshots plz

Exploit completed, but no sessions was created.

you need to set the lhost to your tun0 IP

its your virtualbox/vmware IP rn

Let me double check but I'm pretty sure I did.

yeah. ip addr.

you didnt

the IP thats set is 10.0.2.15 isnt a THM IP

yeah.

session 2

thx

hello, im in ZTH: Web 2 room. at last task, could somebody help me plz, because i dont find anything useful

You need to do what the task tells you to do

Read it carefully

hello im in the blue room, cracking task question 2. would someone mind telling me how i am to go about figuring out the hashed password?

do you have the hash? @raven locust

yes

im having trouble figuring out how to import the rockyou.txt

are you using kali?

@raven locust if youre using kali, you neep to gunzip the zipped rockyou file that comes default on kali in /usr/share/wordlists/rockyou.tgz or something like that

oh okay, thank you 😄

could somebody help me at question 4, in task 9, in room "network services 2", because the options that should be, arent those plz

@balmy crystal what do you mean?

wait a sec

omg, i posted the answers

In descending order

yess

i did

and tells me that arent fine

:/

F

maybe is cuz metasploit chaged the name of the options

well, now i am at "Hacking with Powershell" room

thx, anyways

It won't have changed it

really ?

ok

ill try later

thx

@stuck fractal This is what i see when i make "options"

: /

So some of those you need to set

It's asking for those.

the ones that are marked as required

||when i make "RHOSTS/RPORT/SQL" it doesn't work||

@stuck fractal

Hey

That's not what I said

What ones do you need to set?

ooww

I know i must put RHOSTS

as i dont have passw or usernames, i cant put them

Yes you do.

f

yess

i saw them

Just try things until they work.

now i know what to do

xD

thx

im kinda slow today

@stuck fractal yeess, now i got it right

@stuck fractal i made the room, thanks ./James

Anyone able to give me a hint for nerdherd ? As no write ups until the atleast tomorrow will dm what part I am stuck on

Anyone able to give me a hint for nerdherd ? As no write ups until the atleast tomorrow will dm what part I am stuck on
@manic citrus same here stuck on pass hash but i am pretty sure what it is but cant crack it

if anyone could provide a direction or hint?

no hints today for that room you can get it tomorrow

I need a hint about the room alfred

i am nt-system but there is no root.txt in the given directory

It's in admin desktop iirc. Read the task it says where you can find it.

Anyone able to give me a hint for Introx86x64 room, am stuck in the task6

#room-hints is here for people who want a "pointer" towards the room they are completing, and not necessarily a spoiler. As such, when asking a question, be sure to include:

• What room you are on
• At what stage are you stuck exactly? Enumerating? Exploiting? Priv esc?
• What techniques / tools have you tried so far? Just so that we know how to hint you in the right direction without repeating what you've already done.

i am nt-system but there is no root.txt in the given directory
@rigid dagger you need to have a sys admin token

• I'm in Introx86x64 room
• Am stuck i task6 I checked the algortithm using radar2 but I know that there are spliting the string into substrings using delimiters but I don't how I can know the string

set breakpoints everywhere and see if you can figure out where your input is being compared @ebon crypt

I'm in the Empire room stuck @ t8 #2... Searched the Git repo, searched the attack.mitre.org, but found nothing 😦 Where do I have to search for it? 😦

omg, that room changed, now i got to re make it

: /

lol

me2

did you made ZTH: Obscure Web Vulns ??

im stuck at Task 14, idk what to put on the payload

xd

could somebody help me plzz

Have you followed the commands in task 12? Manual JWT Exploitation?

yess

Did you read this? https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/JSON Web Token

now im thinking, i was missing a step

F

@white salmon i was missing this XDD

So you got your hint 😉

i forgot to re validate on each try

so i was always re trying with same no valid key

ok, here we go again

im too slow

F

lets do iiiiitttttt

I am having some trouble access the root directory of bob, is the a linux navigation issue?
[9:18 PM]
still gives garry's home directory after chaning user to bob

@thorny drift Please don't ask the same question in multiple channels, it looks kinda spammy. Ask in one and then wait please.

Apologies @stuck fractal still figuring out discord, wont happen again.

This one is annoying me.
https://tryhackme.com/room/javascriptbasics
Task #2

What tag is used for linking a JavaScript file to HTML?
11 characters.

The hint gives example <TagName>, but I cannot find one that fits.

The hint tells you to not use the <> type only the TagName

No, they've just updated it to say that

Prior, it said "Example: <TagName>"

Now you know ^^

Solved. The character length probably needs to be updated too, if it hasn't already- as the answer is 5 characters shorter than the input suggests.

That's pretty obvious anyways

I'm fairly positive I had entered the correct answer prior to the hint being updated too- but it is whatever.

I can't figure out what the answer of task 5 #2

that's the very last thing i'm missing.. Any hint ?

@white salmon For the JS room?

yep

var choosePill = ['Red', 'Blue', 2];

var choice = choosePill[0];

console.log(choice); // Outputs 'Red'

Exactly

There is no way to be wrong

But nothing i typed worked

Work backwards, what is the console trying to log, which item from the array is being selected and what is the question asking specifically.

Solved. The character length probably needs to be updated too, if it hasn't already- as the answer is 5 characters shorter than the input suggests.
@quartz totem the length is automatic.

It was edited live.

It wanted 11 characters, but the answer was 6 characters.

The length. Is automatic.

I am capable of repeating myself too:
The length. Was. 11.

The room was edited while I was discussing it here. Thank you.

Hello guys

I m on task 21 of zthlinux room

I can't seem to find the binary file to be executed named shiba2 to find the password of shiba3

Plz help

It should be in the user's home directory

No it isn't

Only file there is shiba1 execcutable

Shiba1 has password to shiba2

Then switch to shiba2 using the knowledge the room should have taught you

I m in shiba2

May i send a picture?

I tried going back to shiba1

But nothing there

And nothings in shiba2 too

Show me please

You're not in the user's home directory

You're in shiba1's home directory

I tried going back using cd..

But it isn't working

https://linuxconfig.org/single-linux-command-to-return-to-home-directory

Just cd.

Works just fine.

https://linuxconfig.org/single-linux-command-to-return-to-home-directory
@trim haven got it...thanks for the help😄