#room-hints
Hello everyone, I was working in the Web Enumeration room and can't for the life of me discover any vhosts with gobuster. I tried nearly all the SecLists DNS lists as well as the directory medium list. I also tried from within the attackbox. Any suggestions or tips would be appreciated
!rule 13
Rule 13: When asking for help/tech support please perform research to your fullest ability and don't spam the chat if you don't get an answer to your question immediately. Mods and Community Mentors have the right to refuse helping those who have not done troubleshooting/research on their own first. Clearly phrase your questions as we (fortunately for all parties involved) cannot read your mind. Please include the room, task, and question number in your question if possible.
Although we are a learning platform, we politely ask that you respect the competitive nature of newly released challenges. As such, no hints for new challenge boxes should be given immediately after a release (72 hours, by default), unless instructed otherwise by the content creator.
Ah sorry too fresh
Web Enumeration is fine. That's a walkthrough room.
It was a reply to D3f4ult
yup.. i am doing it
Remember, no help or hints on that room yet
Yup..
Hint: Follow all instructions in the description at the beginning of that Task.
Maddeningly frustrating. Fairly certain I have and nothing works.
Is there a message size limit in this chat? The message that I'm sending keeps disappearing after ~0.5 sec after (the message is a bit big, contains detailed explanation of what I'm stuck with)
You can try splitting it in a couple messages
Hi everyone, I'm following Linux PrivEsc room and am currently stuck at task 7 in understanding what's exactly happening there. The question-message is a bit big and I think that's why I'm not able to directly send it here (links are restricted too). Can I please DM someone who's familiar with .so files and the way they are loaded?
You can DM me if you want, I'll give you more hints
Hi. The Fortitude Intrusion Prevention prevents me from entering a correct answer to the Burp Intruder question in the OWASP Juice Shop room in the total beginner course. Any clues? The answer format clearly suggests I have the correct answer.
You need to verify with the bot in order to send links.
Having troubles with [Severity 8] Insecure Deserialization - Code Execution - don't know if it's netcat not listening to port 4444 but have tried using port 1234 no luck capturing the flag. I need help to complete the task.
pls i need a hint from the gods on the Pickle Rick room ive been stuck for days but I really dont wanna look at the writeup
I've found the username for the ||/login/|| page, and ran multiple directory fuzzings on the IP address but I cannot for the life of me find anything
I know it's vulnerable to ||XSS|| but I'm not sure how that will really help me?
REE i figured it out god damn that was simpler than I thought
Because it has spaces in it
You need " around the name of the folder
ohh sorry
don't worry 🙂
Hi, emm, id like some hint for the room Upload Vulnerabilities, task 8. Im pretty stuck with extensions
Plzz

F
I’ve worked most of the way through Different Ctf. I have a shell as WWW-data and pretty much know how to go from user to root, but unsure how to get to user. I have one idea to try tomorrow (||internal SSH brute force||) but if that doesn’t work then I’m stuck big time. Any nudges please?
For “Different CTF”, I got write access but I dont think it has to do with the site, so I cannot get a shell from there. Got access to the website admin panel, couldnt get anywhere tho. Have been stuck for a few days, feel like I’m missing something really stupid. Any help would be appreciated.
Hi, any hints for web to user escalation for Different CTF? tried su and ssh bruteforcing, pspy, lse etc...
Got web-flag in different ctf... very interesting room. I like it.
For "Different CTF", can anyone give a little hint for finding the secret folder?
Directory brute forcing will find it. It’s not an ‘obvious’ secret folder until you look inside of it
I’m still stuck on escalation from www-data to user
@potent quail any hint for getting a www-data shell? I tried a couple of methods but they haven't worked.
||enumerate PHPmyadmin database and tables fully - don’t skip anything ||
Thanks!
watchdog so am i
so, I don't necessarily need the answer but there is a three letter prefix in room "OWASP Top 10" on task 21. I have the name but that prefix is NOWHERE to be found.
me too
i have a suspicion
I managed to get a shell as user hakanftp but from there I can't find something I can exploit 😐
same here
Currently on room Relevant in the pentesting path. Found and enumerated shares. Found passwords file. Decoded and found some credentials to something. Tried to remmina on with the credentials, but no luck. Tried accessing the other shares with the passwords, but nothing. I've run gobuster on the webserver, but only getting server error pages (can these be used for something?). Would love a hint.
How do I discover the phpmyadmin process?
in the different ctf room, i found the hidden directory and im pretty sure that i have to somehow gain access to the php my admin... I tried with Hydra and the wordlist that is given but couldnt find any passwords, do i have to try something else or am I just doing something wrong with hydra?? would love a hint
you need to enumerate more @lyric lichen
the hidden directory... ||why is there an image and a wordlist in there ? ||
ok thanks i'll try a few things
thanks @distant grail
Hey theart42 - I am stuck on the same thing on Different CTF - do you want to share any hints ?
Hi Wim, I will DM you, still stuck though
👍
Hey! Just stuck on Physical Security Intro room. Does anybody know the answer?
An improperly hung door which opens away from you can be bypassed using this type of tool?
Go look at your door. When you shut it towards you, what way is the handle thing that goes into the door pointing?
right way in my case
It is two words, first - 8 letters, 2nd - 4
Should look like this
Now what do you think you could do to open that door if you can access the lock
Close
It's a 4 letter word
For different CTF - Stupid question - but once we have the phpmyadmin creds, how do we find the login? Just directory brute force or something else?
maybe a shim, but there is another answer
Unless it's changed you're right
got it
/phpmyadmin
And Wam please make sure if you have more questions for different CTF please ask in #834061534639685643
haha thankz, I do the hard work then get too lazy to do the obvious - and yes will do
it's not a shim, you need to look at something that can hook onto things
Google says me nothing
lookup a Shrum Tool
Ohhh
Finally
After 2 hours of searching
And there is one more question, that i have no idea what to answer.
Adams Rite hardware fixtures are susceptible to a bypass where a wire is snaked through the keyway and actuates the locking mechanism behind it, what could prevent this bypass?
It's 9 letter word
think of something that a knight carries to defend themselves
Shield? Sword?
defense, and add an ing to the end
That's not armor right?
Please don't post answers by the way
Sorry(
?
something a knight carries for defense, and you will need to add "ing" to the end of the word
Hm
Captain America also uses one
Sledgehammer? C4? Drive a truck into it? 🤔
Not the answer we needed but yeah sure I guess
This is the hints channel. I didn't want to give what I thought the answer is 🙂
#834061534639685643 hints needed
How to upload reverse shell i got to be in wp admin dashboard #834061534639685643
naw it's a particular tool, originally used in the textile industry
Deviant talks about it in the video
Anyone did NFS task 3?
I keep getting access denied when trying to mount
```
sudo mount -t nfs 10.10.216.129:share /tmp/mount/ -nolock -vvvv
mount.nfs: timeout set for Wed Apr 21 03:02:26 2021
mount.nfs: trying text-based options 'lock,vers=4.2,addr=10.10.216.129,clientaddr=10.10.177.12'
mount.nfs: mount(2): No such file or directory
mount.nfs: trying text-based options 'lock,addr=10.10.216.129'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 10.10.216.129 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying 10.10.216.129 prog 100005 vers 3 prot UDP port 36696
mount.nfs: mount(2): Permission denied
mount.nfs: access denied by server while mounting 10.10.216.129:share
```
Make sure the VPN is running directly in your VM.
That's also not the correct export name, use the one you got from showmount
Hi All, i am doing https://tryhackme.com/room/adana task 2 question: "User flag ?". can anybody give hints to get there?
check the room tags. They give a hint on tools to use
not a bug - just not a very commonly used name
oh looks like i missed those things. will have a look
anyone on windowsctf
Hey it's now private as there were issues
issues with ssh ?
Yep
ok that's why that bruteforce is not working
thanks
Gave +1 Rep to @astral smelt
Hello, welcome to the tryhackme. How are you today?
Very well
so do you need help?
yeah
I could root overpass1
Im really sorry because i didn't complete that room
maybe someone other can help you if you leave a message here
I mean I couldn't root overpass1
Okay thanks ... God bless
Gave +1 Rep to @silent narwhal
if you need any help about something, you can dm me freely!
Im trying to root the box in the Vulnversity room using the script that abuses SUID from GTFObins, but the script doesnt seem to be working
after I execute it the /bin/bash program is supposed to have rws privileges, but it doesnt. Any ideas?
forget it

Have you tried /bin/bash -p ?
you can go to gtfobins.github.io and search the binary file that have the suid perm
i was trying to run directory scan on specify directory and find extension file ... i ran gobuster command and used -x and used different wordlist still not getting any extension
guys im at room DifferentCTF and i checked all attacking vectors i can use here to use the username and password i got but nothing works, maybe im in the wrong direction? Its task 2, flag 1
did you use this syntax "gobuster dir -u <url> -w <path to wordlist> -x <txt,php, or other extensions>"?
Yep forgot to enumerate files in the directory... was so focused on cracking the user with the wordlist i got
well i did and there is nothing interesting there
is it supposed to be with an ordinary dir/file list
yes i did
/room/bpsplunk:
Task 2 Can you dig it?
When viewing search results, it's often useful to rename fields using user-provided tables of values. What command do we include within a search to do this?
Answer Format: ******
I'm not finding the desired answer for this.
Other than performing a function as defining the output 'AS' <newlabel> --- any hints?
Th0rn ....check search examples
@white salmon thank you! That worked. I really don't think that should be the answer though... at all...
Gave +1 Rep to @rigid smelt
I also don't see how that's different from rename:
What command do we include within a search to do this?
Since the answer also requires a pipe and isn't inline with the search.
In fact I'm 99% certain that the author pasted the wrong answer and then defended it rather than change it.
the "correct" answer is used to reference an external source in order to "rename" a value...
and that's not that command's purpose
renaming isn't anyway... you could use it for that very roundaboutly... but it's a pretty bad question to check someone's knowledge of splunk commands.
goddamnit
I take it back
I didn't thoroughly read the question
i still think it could be worded better...
Go ahead and report this as a literature in #room-bugs
will do - and thank you again for the help!
With room name task and question number with the error
Having the same problem here
Anyone around who could help with OWASP Top 10?
just ask, somebody might be able to help
I'm working on task 5. Machine deployed. It's asking for the version of Ubuntu. Answers format ..*. I am passing uname -v and get #102-Ubuntu SMP Mon May 11 10:07:26 UTC 2020 which clearly doesn't match the format. It looks like the kernel release but that is 4.15.0. Also tried 04.15.0 but it didn't work either. Any thoughts or is this a bug?
answer format xx.xx.x
theres usually a file /etc/os-release in ubuntu
ok. I can pass ls so I'll look there. Thanks.
@cedar axle perfect. Thanks. I was focused on uname. Didn't know that file existed. Thanks again.
Gave +1 Rep to @cedar axle
I'm stuck on https://tryhackme.com/room/introtonetworking section whois.
Microsoft has anonymized data via Markmonitor, and the Whois data for neither MS or Markmonitor publish location, technical contact, etc. that are the required answers.
Is this a bug, or do I need to find the information elsewhere other than Whois data (or am I not using whois right, but I've used it for years)
what's the question sorry?
There's also an nmap flag to scan for version info
whois microsoft.com gives me the answers to the questions in that challenge (except the one that needs more extrapolation, osint)
look at the info above that from the whois result
I had already tried that. It hadn't been able to provide the details needed. But since I had command injection I was too focused on uname. cat /etc/os-release spat out just what I needed. But yeah, that nmap -O flag usually gives me what I need. It's just they crafted the room to force using command injection. And I learned something. So yay.
I don't have my notes in front of me and don't recall how I did that part of the room (it was a lot of steps). But I don't recall doing the /etc/os-release route
I think the nmap flag is -V but I'd have to look it up
Im sure there are many ways to get this information from the machine
Undoubtedly
I may have used the wrong nmap flag. But with help from @cedar axle I learned something new. Either way it's all good.
Yep, I was just mentioning that in case you hadn't thought of it
I appreciate it. Believe me, I've got lots to learn.
me too. Hence the name 🙂
lol
HI, I'm kind of newbie, kindly apologize if this question is dumb, I'm working on this Different CTF Room (Adana) in Tryhackme and I'm badly stuck after gaining access in the wordpress
On the room it says I need to create a reverse shell, but it says file is not writable in the plugin and the theme
I can do xss but even that isn't fruitful
kindly help me in telling where am I going wrong to create the shell
did you know you can change file permissions with ftp?
yeah, tried that too, but it didn't work out
I used the chmod u+s in the cli
and tried using the filezilla
try using octal notation
you mean 755?
yeah
did you find the vhost?
no, I didn't
how to find the vhost?
using nmap?
I'm really sorry if it is a dumb question
I've just started my part on this side
you should try looking in the database
notice there are 2 databases?
I'm really sorry for the late response
yes sir
there are 2 databases
let me check it now
!vpnscript
i am doing hackpack while using hydra optional added cookie also why is that so ??
You need to match the format that the server expects
Thank you! I realized what I was doing wrong, it wanted a dash instead of a colon
Gave +1 Rep to @stuck fractal
I have no idea what the context on this is, but I will happily accept your thanks
oh okay thanks
i'm sure you'll find it, it isn't that hard at all
thats what i was wondering did it really ask me
golf club name near the place
ahha
nice
if you'd like to know more about researching try some google dorking rooms
for the sites
already done that
i did it last year and
i am starting back again
since i had no clue how ctf ever worked now
i am enjoying it
a lot
well good luck !
Gave +1 Rep to @nocturne arch
no problem, if you need more help feel free to dm me or tag me here
cool will do for sure
Task (3): Privilege Escalation
Question: Upload your binary and replace the legitimate one. Then restart the program to get a shell as root.
Hello there, could you gimme some hint about it? I tried to delete the .exe in C:\Program Files (x86)\IObit\Advanced SystemCare\ but I don't have access to it, I also tried stopping the process killing the pid in meterpreter, but I can't do that either.
Reading this: Upload your binary and replace the legitimate one. Then restart the program to get a shell as root. I've assumed that maybe I could change the service's path, but not sure how to do it, any hints? Thanks!
ok,so im in the introductory research room. the question is
What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in WPForms?
my answer "2020-10385 "
oops i didnt mean to push enter yet😅 Anyway so i looked it up because i was confident in my answer and it still tells me im wrong. Is the format not correct or am i just wrong?
😫 ive been on that question for far too long.. thank you
Gave +1 Rep to @dawn isle
Pro-tip: always look at the flag format- it gives you a hint as to the structure (dashes, periods, location of spaces, etc.)
okay, i see what you mean. thank you as well. Today is literally my first day haha. i appreciate the tip
Gave +1 Rep to @worn otter
Also in this case the room itself tell you the format
Welcome to the site!
i see that now, thanks. one more question as ive never used discord before either. How did you upload that image? i had screenshots all ready to go with my question but couldnt figure out how to include them.
Gave +1 Rep to @dawn isle
you can paste it with ctrl+v
Thank you im really enjoying it
CVE:
2019-18634
You need to copy the picture at least
Oh
Didn't know that lol
I see it get asked a lot. Trying to save James from having to say it 🙂
oh okay, ill get on that
You don’t delete it, you’d stop the AdvancedSystemCareService9 and then replace the ASCService.exe with your shell (msfvenom one) and then reboot the AdvancedSystemCareService9
You’d find that you got a shell back in the metasploit terminal 🙂
Some minutes ago I figured out, my mind was stuck thinking that I can't delete it instead of see that the fact why I can't was because the service was running, thanks a lot tho!
Gave +1 Rep to @storm robin
Haha, no worries 🙂
@cedar axle and @silver otter the web version of Whois gives me what I need. So I need to research the cmdline version more. Thank you!
Gave +1 Rep to @cedar axle
I actually think you just didn't scroll up enough on your cmd line version
(whois microsoft.com gives a fair chunk of text at the bottom)
can I paste the output in here?about 20 lines
if you put it in tags it will make it look more readable but yeah you probably can
` tags
```
$ whois microsoft.com
Domain Name: MICROSOFT.COM
Registry Domain ID: 2724960_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.markmonitor.com
Registrar URL: http://www.markmonitor.com
Updated Date: 2021-03-12T23:25:32Z
Creation Date: 1991-05-02T04:00:00Z
Registry Expiry Date: 2022-05-03T04:00:00Z
Registrar: MarkMonitor Inc.
Registrar IANA ID: 292
Registrar Abuse Contact Email: abusecomplaints@markmonitor.com
Registrar Abuse Contact Phone: +1.2083895740
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
Name Server: NS1-205.AZURE-DNS.COM
Name Server: NS2-205.AZURE-DNS.NET
Name Server: NS3-205.AZURE-DNS.ORG
Name Server: NS4-205.AZURE-DNS.INFO
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
Last update of whois database: 2021-04-24T00:53:16Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
```
hmm intersting, mine keeps going after that
what do you get if you do whois --version
mine has a lot more after, but it is just NOTICE warning and TERMS OF USE, etc
it shouldn't be
5.2.11
after the "Terms of Use" section
The Registry database contains ONLY .COM, .NET, .EDU domains and Registrars. Domain Name: microsoft.com Registry Domain ID: 2724960_DOMAIN_COM-VRSN
this is what I get after "Terms of Use" section
and it leads into all the answers
my whois is Version 5.5.6.
yeah my registry ID and stuff is at the top. let me try to update Whois. OR play with switches 🙂
ah - yep I definitely have just the 1 section
ok yeah, try update whois I guess
can you paste me the entire output as a .txt file in dm?
I'd be curious to see
I have a question and hopefully someone can help
I'm currently in the Cracking a Zip hash section. The file that I downloaded from THM doesn't have a zip extension.
so when I use zip2john I'm not sure what the filename should be that I want to crack
the file is named zip. That is it
Just a guess, I haven't done that room, but maybe you have to rename the file?
I don't know. I'm stuck.
if it's a walkthrough room, re-read the instructions. You probably missed a step
ok. I just renamed it zip.zip. I will try that thx
Yeah it's a bug with THM atm, with downloads being incorrectly named
renaming it .zip worked! Thx
there were some other rooms I could not finish because the file they wanted me to download literally doesn't exit
exist
hy
Has anyone completed Windows Investigations 3.0? I am stuck at What was the path for the first image loaded for the process identified in Q's 19 & 20?
Is there any easier way to do wireshark101 task 11 regarding question 4: Looking at the data stream what is the full request URI from packet 18? I couldnt find a non truncated version and have to build it out of the blocks I could see. Surely theres an option to show the full non shortened version?
hey guys, can anyone do a code verify for me on my script for buffer overflow prep overflow1? I just really cannot figure out why the program is still crashing?
I have all the badchars just cannot figure out why its crashing
you still about?
I have like 3 mins if you can post ur exploit I can see if I can spot anything else dm me and I'll get back to you in 12hrs or so when I get back to my pc
There's no help on this room until the event has ended
@cedar axle and @silver otter thank you again, I found the issue.
Apparently now there are "thick" and "thin" whois requests. Clients are supposed to initially request the thin details (what I was seeing) and then contact the official Whois server for the registrar for more detailed info.
I am able to get the needed info by doing the initial whois query, getting the domain Whois server, then running 'whois -h' (whois host name).
Or by telnetting to it on port 43 and typing "microsoft.com" 🙂
Gave +1 Rep to @cedar axle
what os are you using, and what is the command you are using?
i need help with html injection
room
i am not understanding
on what i am supposed to do
hi people, anyone able to help on the mitre room ? having issues with task 6 question 3 big time lol
@steady stratus , @slim fractal @hexed crescent have any of you had problems come up about this before ?
Hey please avoid pinging TryHackMe staff, we are all very busy
ok so im in "Introductory Research Walkthrough" specifically task 4 "manual pages". The question is "
SCP is a tool used to copy files from one computer to another.
What switch would you use to copy an entire directory?" i dont see anything else in the man page so i chose "-3" but thats incorrect so is my problem syntax or is that simply not the right answer?
this is the man page and my answer
Yeah that definitely doesn't sound correct
You can scroll through the manual, use your arrow keys
-3 Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly
between the two remote hosts. Note that this option disables the progress meter.
Ohhh okay i foundit!! thanks.
Gave +1 Rep to @stuck fractal
guys i am doing internal room and i am trying to bruteforce the jenkins form
so i used hydra and here is my command:
hydra -l admin -P /usr/share/wordlists/rockyou.txt -s 6767 localhost http-post-form "/j_acegi_security_check:j_username=admin&j_password=^PASS^&from=%2F&Submit=Sign+in:H=JSESSIONID.66f1d4a8=node0idaxpl7k62fw1mmhys0j7mqil0.node0:Invalid username or password" -V -t 4 -I
Anyone know why ‘No service workers found’ is showing up in the Overpass website, I feel dumb
it just hangs after having tried once. if i do -t 64 after 64 tries, if -t 4 after 4 tries etc
Perhaps because the site does not use service workers
then i installed wfuzz, after desperately looking at the internet and discovering that neither one guy that made a walkthrough about that room did function it with thm attack box
If you're reading writeups already, please ask in #room-help because you're a little further than hints
"Note: Due to some weird reasons I couldn't able to crack using THM attacker machine. I deployed my on kali machine on vm and then it worked."
i write it all again there?
ok
Hmm
I curl’d to it and got what I was looking for
Now ssh2john don’t want to install 🐸
Hi! Can someone give me some hint how to find the "User flag" in the Django room?
Having an issue with HackPack room if anyone is available? Been at this for a couple hours....
oh i got the answer thx tho
Gave +1 Rep to @spring nacelle
Linux Mint 18.3 / kernel 4.4.0.201
I have to run whois 2x:
whois microsoft.com (then find "Registrar WHOIS Server", whois.markmonitor.com)
whois -h whois.markmonitor.com microsoft.com
...then I get the full WHOIS record
in kali its much easier, but nice to know, thanks
Gave +1 Rep to @hard karma
any one Different CTF
Have you checked #834061534639685643 yet?
There is a problem in the box anthem I couldn't login with the credentials
on rdp and on /umbraco
anyone
@anyone
AAH GOTCHA!!!!!!!
can someone help on vulnnet:dotjar?
yeah where are you stuck?
If it's not for a tryhackme room, please do not use this channel
okay sorry about that , what room should i ask my doubt in ?
Hi all
I am new to try hack me
Can anyone help me to enumerate over machine to get the information ?
This is related to https://tryhackme.com/room/agentsudoctf machine
@here
~~Ask in #room-hints and ~~don't try to use @ here its disabled.
This is #room-hints
Ah sorry. I thought I was in #site-support .
pm me broo
im trying to run the binary and says permission denied, am i misunderstanding what i am supposed to do or am i giving the command incorrectly? TIA
That is not the binary
That is an empty text file that you just created
i tried locating the file "shiba1" and cant seem to find it.
ooooh... lol thanks I'll uh.. spin that sucker up 🤦‍♂️
thank you
do i only need the target machine for this exercise or do i need both?
For Linux Fundamentals 1, you have split screen access to the target machine
You might need to click "Show Split Screen" along the top
no i know, i mean do i need both the attack machine and target running at the same time or just the target?
You have split screen access, I don't see what you could need the attackbox for?
You can spin the attackbox up if you need it
thats what i was asking, if i needed the attack box for anything. doesnt seem so.
thanks
I've installed john the ripper via
sudo apt-get install john -y
but the john command doesnt work
the room doesnt say any other commands, tried installing it other ways
What distro? What room?
kali linux
networkservices 2
i used man john
and it comes up
oh nvm my machine just crashed I think
I should say its through THM kali box, ill try again
Then it already has John the ripper installed
aye, but whenever I use john it says command not found. The man page said john -a would work but bash: command not found
ill retry it now the machine has restarted
Screenshots.
sudo john
Need to remember to use sudo more. Thanks @stuck fractal
Gave +1 Rep to @stuck fractal
I mean, try and use it to see if it fixes small issues like this
no?
or be more wary of it?
It's important to learn where you need it and where you don't
fair, ill pay more attention to that. I'll look up sudo and paths and stuff. Try and wrap my head around when and where the command is needed
anyone completed agentsudoctf ?
How do you redirect yourself to a secret page? i don't know what it means
anyone have a hint for https://tryhackme.com/room/webenumerationv2 task 6 question 2
What’s the problem xD, it’s asking what the file extensions are
hey! I need some hints about physical penetration intro room, please 🙂 I am stuck on how to prevent attack on Adams-Rite, and with what to open wrongly hung door which opens away (two words). I am googling and stuff, but I am not getting any closer, haha.
for the second one, take a look at these videos (the names should help) by the guy who made one of the original videos in the course
https://deviating.net/lockpicking/resources.html
Thank you!
Gave +1 Rep to @silver otter
for the first one, honestly this could have 100 names and the one the room author chose is kinda 'ok'
I know, haha, I found many already and no luck so far 😄 but I will check the video 🙂
the other one I can give a wordplay hint if you want? I don't really know how to find a resource without giving away the answer
ok, I will appreciate the hint 🙂
another plural/doing word for 'protecting' something, usually physically
thank you!
gl 🙂
OMG, I got it! I would die and not find it by myself, haha. The Adams one was also kind of 'not standard'. But, cool. I learned a lot around. Thanks for help!
glad to help
My mistake was looking for more 'specialised', 'professional' names. Funny thing that there are many things which fit to both.
yeah I had the same problem the door hanging one i tried a different name for like 100 times, exact same tool though
and the other one was just too obscure, if you search the internet for the actual answer i never even found it, even searching with the answer
But, not bad, not bad. I like challenging things. These vids were awesome, and I learned many things during my research. 🙂
yeah it was a great room overall, and great videos
I dont know what file extensions to use with the -x flag I've tried the usual ones like js,html,aspx,xml,sh,pl,cgi,php,txt,phtml none of which are the correct answers
and its the last question I have to answer to complete the room
try a file type that would be used for configs
thanks finally finished the room
Gave +1 Rep to @glacial gust
hi guys i'm trying to solve this room https://tryhackme.com/room/musicalstego
i can't get the link from the audio like there's something but i can't read it i tried a lot of spectrogram frequencies but i still can't tell what's in there
Hey there, I am doing the NMAP Room of Networking Fundamentals in Complete Beginner. The task is to answer why the first 999 Ports are opened or filtered. My idea is that there is a firewall which answers with an ICMP unreachable packet. unfortunately i do not know what to fill in the field. It says the answer will be in my scan results, but i cant find it. Maybe because of my bad english. sry. I used the following to scan the machine. nmap -sX -vvv -f -p0-998 10.10.197.175
look at the format of the answer field- the *** give an idea as to what it should look like
look for a similar structure in the scan results, if that's what the hint suggests
Don't you also need -Pn there? I don't know if you're scanning from the attackbox
yes i do
Also, yeah, it's not because of ICMP Port Unreachable messages here
what is the exact question you are working on
There is a reason given for this -- what is it?
and the first one was this: Perform an Xmas scan on the first 999 ports of the target -- how many ports are shown to be open or filtered?
did you answer the first one?
yes its 999
ok, I think the answer will be in your results you just might need to recognise it
also in the correct format?
I believe so, two letters then eight letters
HELLO FRIENDS, THERE IS A NEW ROOM CALLED OSQUERY, I ONLY MISS ONE QUESTION TO FINISH THE CYBER DEFENSE CENTER COURSE, I'M STUCK 3 DAYS AGO ON A QUESTION HAHAHAH
Sorry for the capital letters xD
I have all the other answers in the room in case anyone needs them
😄
I finished it, thank you very much 😄
in the same way I cannot obtain the certificate because mem say that we have to wait for the new rooms to be published 😰
thanks bro
Any hints for finding flag 2 on Avengers Blog Room Task 3? (FOUND IT, man that was well hidden)
I am stuck in safezone room. I did login as admin and tried to inject a php for RCE but nothing after cmd command runs and can not get a reverse shell. Any help would be appreciated.
any screen shot
@distant tartan I’ll send the screen shot in a moment
ok
YOTJF hint here ?
No hints for the room until the competition ends
also there's a dedicated channel for that room #835202386455953438
Hello i have a question about one of the questions on the java script task 3
room?
Hey, how to download folder from windows machine? I uploaded nc.exe but it looks like it downloading only one by one. I need to download whole firefox profile.
what room u doing?
or anyone know what exactly files need for firefox_decrypt https://github.com/unode/firefox_decrypt It is for Gatekeeper room
Yeah I haven't done that room cant help sorry lol
now I have files what sed is useful by WinPEAS
I'm struggling so hard with the last flag on the Telnet section of the Network Services room. I feel really dumb right now. I need to get up and move around and maybe let my brain try to reset I think. I have no clue wtf I'm doing wrong.
which part?
the exploiting is just based on you getting a shell from msfvenom so you cant get the flag unless u get the shell
I've had luck with everything up until the end. I run nc -lvp 4444 and then I copy/paste the msfvenom payload in the telnet session after .RUN and it does nothing.
u set the rport?
No. I'm gonna just step away for a bit and start the Telnet lesson over I think.
I just realized I haven't eaten anything of any substance today. That may not be helping my brain to function lol
I think you may be forgetting to put .RUN in the telnet session
or your msfvenom payload just has the wrong tun0 ip/you're listening on the wrong port
Maybe. Thanks for those hints.
Any ideas why the telnet welcome message isn't coming through? It came through when I went through this process last time...
uh what fixed that for me was to terminate machine and re telnet
happens if u telnet to it too much i think
Okay, thanks. Maybe this is related to why I wasn't having any luck before! I think I've extended this machine by an hour 3 times now, lol.
That fixed that problem! Thanks @white salmon!
Gave +1 Rep to @dull imp
np
Hi. Can someone help me get the password for shiba4? I know where the binary is and I have to create a directory called "test". I tried mkdir and also ln but both don't work for me
you know where the binary is so run it by doing ./
okay thank you
hello I am trying to do the zero logon room but i cannot install impacket from the kali attackbox :
root@kali:~# python3 -m pip install virtualenv
/usr/bin/python3: No module named pip
you have to install pip
So my question is about the java script. It asks you to add your script to make it say “Hack the Planet” so i did that but what do i need to put in the answer box? I can’t seem to figure it out
room?
an alert should pop up with the answer, if you are doing the room how websites work
After i put the script on the bottom the HTML title changes to Hack the planet as asked but nothing else shows up
refresh the page and try again
is it the room How websites work?
Yes that is the room im on
You should get an alert like that, check the screen shot above
gj!
Im new to kali and cyber security and ethical hacking and i need help learning stuff
Can anyone help?
?
Hello
Please, help with hints for room ISO27001
I've completed everything, but 2 questions
Task 5 - Controls and domains
- If i talk about "A.9.2.4" Management of secret authentication information of users" i talking about an...
- What is the name of the "Operations security" i talking about an...
Anyone plz
Anyone know how to terminate a machine if you don't have the terminate button?
there are a lot of people with the same problem, it seems global, we will have to wait for them to fix it
i am solving Buffer Overflow Prep lab but i got stuck on task 10 i am putting right badchar but is showing my answer is wrong
these are research questions AFAIK
Yes
so research 🙂
This is very weird research question, where you should find a "word"
read the task then
Telling you as certified ISO27001 LA 🙂
yep, already did..
Ok, completed
gj
Thx
can anyone tell me what i did wrong here?
Yes. You cat'd the binary.
You also probably broke it because you wrote to the binary.
stuck on mitre module
could someone help me out
guys plz look into this bug
will keep in mind next time
meanwhile what should i do?
cause my whole room is stuck just cause of one question
It's not meterpreter. Meterpreter is one component of a larger bit of software
pip install the module? Any results on Stackoverflow?
No module found
Stack said pycrypto
But pip install is getting executed for python3 modules
"Using Get-WinEvent and XPath, what is the query to find WLMS events with a System Time of 2020-12-15T01:09:08.940277500Z?" i still havent found the right syntax, i've been searching all over
So use python3 to execute your program
Thanks
Gave +1 Rep to @frail rain
It was just that last L in pass was giving syntax error
"Using Get-WinEvent and XPath, what is the query to find WLMS events with a System Time of 2020-12-15T01:09:08.940277500Z?" could someone help me craft the right syntax ive been searching for a while and really want to quit...
never mind i found it
Hello Guys, I am completely beginner is that ok to Start learning in the TRYHACKME ?
yep
i suggest you to buy the subs cuz it will give you lots of path that teach you not only the basic but also something plus
I did that but I want to know if that's right or not
thanks
Gave +1 Rep to @clever charm
sure cuz it teaches you the theory and in the meantime allows you to develop what you have in parade through
is there any additional thing you suggests for beginner
hi guyz
There is also htb academy
can i get some hint about "Cyborg"?
thanks again for your time
Gave +1 Rep to @clever charm
Np
writeups is very informative
I also took the 4 IBM cybersecurity courses
for fundamentals
I think htb academy is the same of thm
oh is the material not the same ?
TryHackMe and Hack The Box are totally separate. They are competitors.
The content is not the same.
oh cool
thanks for information
Gave +1 Rep to @stuck fractal
Please don't ask the same question over multiple channels
me ?
They deleted their question
ok
What flag outputs things in a "long list" format
@white salmon Did you check the manual for ls?
yeah but is not working
What
What's not working?
Roki, I recommend finding out what the problem is before suggesting things
Might not work
True..I thought it was his terminal
Uhh, so what is the problem? 🙂
hint hit the point
Hello,
Room: Web Enumeration (webenumeration2)
GoBuster: I can't find the flag in one of the subdomains (there are two)
I've used different wordlists to bruteforce folders and files and nothing useful...
Could anyone give me a hint with either specific command or maybe wordlist?
have you checked the found folders via a browser?
Yes, and only css and js files are in there, I mean that are the folders and files that I was able to find...
try to add -x <extensions> cuz maybe is a simple file
Hi team,
Room: Investigating windows 3.x
q1
Need a hint to find out this event id in sysmon in faster way
It could be that I am doing something wrong but is it possible to pass wordlist of extensions instead of -x .php,.html etc?
do you intend to add .php, .html in each word in your wordlist?
No but there is a list for all common extensions and I would like to pass that list to -x argument
hey can anyone help me with htb scriptkiddie
there's only one flag, so if it's not in one of the vhosts it's on the other
This is the TryHackMe discord, I'd advise asking in the HackTheBox discord.
also think about what the filename for flags are in other rooms
i need a hint to crack this hash $2a$06$7yoU3Ng8dHTXphAg913cyO6Bjs3K5lBnwq5FJyA6d01pMSrddr1ZG
Room, task, question?
room - Hashing - Crypto 101
task - 5
question - 1
Use hashcat/john and rockyou
ok
got it thanks
Gave +1 Rep to @stuck fractal
i was wondering around the internet and found nothing
@dapper sentinel https://nth.skerritt.blog/ good tool for naming hashes
Name That Hash
thanks but i know its a bcrypt hash i am wondering around internet to crack the hash online
You really can't
Online hash cracking uses rainbow tables
Bcrypt is always salted.
yeah i just remembered its rainbow tables
yeah thats what i want to say i am a bad typo
you can use google colab for it
to get more resources and not put a pressure on your own machine
hhupd isnt on my retro machine, any ideas ?
It is, just not where you think it is
i did a full machine search...
There's something on the desktop
If the user wanted to patch it, maybe they downloaded it then deleted it later
Gave +1 Rep to @stuck fractal
so im trying to find cmd inside C:\Windows\System32\ but its all folders and no cmd.exe
Change the filter
ok
srry james im not good w/ windows
thx for the help
i still cannot find cmd.exe to run the file as
Change the "save as type"
oohh ok
Hey. I need some help on Alfred please. I cannot understand what is the problem. I have also checked a few writeups and the step to download the shell.exe to the server simply doesn't work. I used a different exploit on the initial foothold as well because PowerShell commands simply don't work
Am I going crazy?
I re-did alfred a little while back and there's a gotcha in there
You need to run the exe from the powershell reverse tcp, not as a job
Yeah I wanted to do that. But I cannot get a reverse PowerShell TCP to download
!docs verify
If you follow those steps, you'll be able to post images
Cool I will get the box up a bit later and send it through. Thanks.
In burpsuite room task 6 which web application hosted on VM its talking about to complete the task?
Please don't ask the same question over a bunch of channels like that.
I answered you in #room-bugs
so i am doing http fundamentals ,, web fundamentals and i am stuck at the part of getting the cookies i did use the command curl -v http:machine_ip:port/ctf/getcookie and in output it told me to check my cookies now i did this using my terminal and i cant see where the cookies are i did use the hint and it told me to check firefox dev tool and there is no flag there
The room covers this, your cookies are not shared between browsers
If you got the cookie with curl, it won't be in firefox
Then how do I get the cookies ? If it's not in my browser ?
You should have it in curl, seeing as you had verbose
Look at the headers.
http:machine_ip:port/ctf/getcookie this isn't quite right either
needs to be http://
Oh okay let me check , I directly went to the file I saved it
Oh I might have missed it writing here its rite in the terminal
Screenshots are generally better
Alright will post it , I didn't post ss cause usually people say it spoils or reveals stuff so
Mark it as a spoiler then
Idk how to do that
It's a checkbox when you post it to discord
Okay
@stuck fractal thanks I got the answer
Gave +1 Rep to @stuck fractal
Ok
wifi hacking 101
"What three letter abbreviation is the technical term for the "wifi code/password/passphrase"?
i can't find the answer, last question for my completion of the room, Any tips would be nice
Look at the different ways to authenticate with WPA2
now im deeper into my rabbit hole lol
i tried pmk, that didn't work
https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access#WPA2 Take a read of that, if you want a bit more of a hint
found it, thank you @stuck fractal
Gave +1 Rep to @stuck fractal
Howdy, I'm doing the network services room, task 6, questions 6 and 7.
I'm doing the complete beginner collection and i'm stuck on this. Any hint would be great, thanks!
task 6, question 6: Based on the title returned to us, what do we think this port could be used for
task 7: who could it belong to? gathering possible usernames is an important step in enumeration
Heya, if you're still looking for hints: task 6: is a way to bypass the authentication and connect back to a machine. "a b######r". task 7: is a name. Both task 6 and task 7 information can be found at the upper part of port you found
hm :/
I can't seem to find any other info about a backdoor and the username
by executing the command
sudo nmap -A -p8012 -T5 10.10.88.57
i got the following output
Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-29 17:44 EDT
Nmap scan report for 10.10.88.57
Host is up (0.00017s latency).
PORT STATE SERVICE VERSION
8012/tcp filtered unknown
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: WAP|general purpose
Running: Actiontec embedded, Linux 2.4.X|3.X
OS CPE: cpe:/h:actiontec:mi424wr-gen3i cpe:/o:linux:linux_kernel cpe:/o:linux:linux_kernel:2.4.37 cpe:/o:linux:linux_kernel:3.2 cpe:/o:linux:linux_kernel:4.4
OS details: Actiontec MI424WR-GEN3I WAP, DD-WRT v24-sp2 (Linux 2.4.37), Linux 3.2, Linux 4.4
Network Distance: 2 hops
TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1 0.05 ms 192.168.130.2
2 0.06 ms 10.10.88.57
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.58 seconds
i did, but its incredibly slow
i can execute it and let it run for a while and hopefully get a result
You're getting filtered. Filtered is bad. Check your VPN
i also tried the attackbox and got the same result
hm, alright let me troubleshoot this
amazing, its fixed! changing VPNs was the solution. Thanks for the assistance, @stuck fractal and @tight fulcrum
Gave +1 Rep to @stuck fractal
anyone about to answer some questions about relevant?
It's always best to directly ask your questions
Then if someone can help, they will
sorry, forgot the just ask rule
anyway, it seems to have sorted itself out - its responding as i would expect now
||the smb server on 445 found with nmap is non responsive - is this normal behaviour?||
^relevant room (maybe) spoiler
Can anyone tell me how to read a file that is named with special characters ?
The name of the file is '-- -root.py'
This is for peak hill, right?
M4tr1x: Exit Denied
There's a dedicated help channel for that: #834061444152295434
Got it, thanks !!
hi
i have a problem with Burp Suite
at OwaspJuiceShop
Task 3
When i m trying to intercept the login
it s intercepting another
I know how to make SQL injection but i m stuck here at burp suite
because i can t intercept the right request
the request shoud look like this
the intercept is on
when i m pressing the login button
it says rest/user/whoami in ur request tho
check the URL where you are doing the request
and urs is a get request and the one they have is a post request
that too
are you logged in by chance in that site?
i m not logged
i m trying to type random credentials
and after that
intercepting the request with burpsuite
and after that making sql injection on the login page
to bypass the login
and get the flag
this task is simple but i got stuck at burpsuite
what room are you doing
owaspjuiceshop
Task 3
i'll try it myself now and see
k ty
maybe clear your cache or restart the box or restart burp
I didn't do a single thing and it just gave me that when I clicked log in
might be related to that cookiconsent status thing too
if you have set your browser up non-default or something maybe
yea sorry it s working to me right now
nice, for reference I had not clicked this button yet
not sure if it's related but what did you change to fix it?
OK, feeling dumb - I can't for the life of me see ISP/Organisation info using WHOIS to solve Task 5 in Sysinternals room. Any pointers please?
have you tried using TCPView to see if the IPs are the same as the screenshot? If not then try using the live IPs in your query
Thanks, totally me being dumb, I was off thinking about the remote address "OF" the screenshots 🤦♂️ ....... late night is my only excuse
That's what I thought............. maybe 🙂
Gave +1 Rep to @ripe hedge
I am doing a room and i got a binary file and a dictionary file
the task says that i have to brute it to find the right key for binary
i dont know how to proceed further
contents of binary
Please state the room, the task, and the question when you are asking for help here
Ok good hunting
hey
anyone finish the osquery room that I can dm?
It's always best to just directly ask your question. There's also a dedicated channel: #834161448934309948
Thanks
Any tips on WWBUDDY?
wgel ctf ? anyone
i need hint 😛 suid binary wget, im able to upload file to the server but php is not available
https://tryhackme.com/room/catregex Task 4 - Q5 Match all of the following filenames: File01, File2, file12, File20, File99 Expected 14 characters ? I got answer but Not in the expected format . Can anyone help ?
@mighty stirrup I'm on the same room so I'll tell you when I'll be there
👍
Well , I got the answer, It took some time though! ||[Ff]ile\d{1,2}||
Oh sorry I got it and forgot to mention it. It though it was another farther.
how did you do it, my scan is incredibly slow too. When I say incredibly slow it estimated around 5 hours for the nmap -A -p- <IP> scan
For me, I re-download the VPN file and did a Syn Scan with a -T5 switch and let that run, really
-T5 being the fastest for performance
oh, you're doing from your machine, I'm using ActiveBox, probably would be better to do it though SSH
Hm, still try the syn scan on nmap with the -T5 thi
And grab a coffee while you're at it lmao, I went to do some stuff while it scan to pass the time
trying currently nmap -A -p- <IP> , estimated 5 minutes, if true will be really happy 😉
great idea 😄
now you will laugh. as I didn't realize I'm on linux, I wanted to copy the command which I used to post it here. So I pressed ctrl c 😄
Loooool, it do be like that, still trying to get used to that as well
yeah, muscle memory is something not the best thing, so starting all over 😄
At least you weren't doing the 5 hours one :')
https://tryhackme.com/room/catregex Task 4- Q8 Match the string in quotes (use the * sign and the \s, \S metacharacters): "2f0h@f0j0%! a)K!F49h!FFOK" Have You got this?
true 😉
I believe i got the correct answer - b03f4b0ba8b458fa0acdc02cdb953bc8 but this is not accepted and I'm stuck with this question. please help.
@grand linden Let Me Check
@grand linden can you send me a link to the room?
i cannot find it
Hi all. This is the error on Alfred i am talking about. Any clues as to what i am doing wrong. I have tried so many different things. Even the walkthroughs fail here when i attempt them.
I managed to finish Telnet Task(Network Services Room) with AttackBox, but when I try to do on my local machine I can't solve it
Why in the part "listening on" it shows [0.0.0.0]? I can't make the reverse shell
I tried other port, rather than the 4444 suggested by the exercise coz it was being used by my Linux
My telnet prompt
VPN Local IP
If the port is in use, then you might have another nc listener using it. Also, I don't think you want to be running nc from within msf, but i might be wrong.
Y I agree with running nc from within msf
But I tried outside.. same error
well, a port in use error is going to be the same across your machine
gotta find out what's using it and kill it
or use a different port. But if you use a different port, make sure you update that in the revshell and payload info
Hey there! More of a im missing something obvious question than anything. Working through the MITRE room on the Cyber Defense Path and I'm stuck on last question of Task 6 . I cant for the life of me find any set of two words that answers the question and have been banging my head for at least an hour on this.
Hint: what do you call a collection of weapons?
Arsenal?
AHHH got it ty!!
🙌🏻
what do i do now having broke it? howto i complete the section?
Terminate and redeploy the box
i did, tried to cat shiba2 again and i get this😟
You're not meant to cat the binary
When you ran the binary, you got the password
It's in the screenshot
ok i got it, sorry im trying to do this in my spare time and am just getting confused what with being this tired. i appreciate the help and patience
ok so when looking for a flag what does it mean when there are seemingly 2 flags. for example -r and -R
In that case, there are just multiple flags that do the same thing. That's not uncommon to have a shorthand with a single - and a full word with a double -.
so in the case of rm -r or rm-R it would do the same thing?
correct
and most rooms and answer fields allow multiple answers, or might not be fully case sensitive. They allow a little "wiggle room" in the answers, often
awesome thank you
Gave +1 Rep to @worn otter
you're welcome
I think the answer tolerance is that if ~90% of the answer is correct it'll give it to you
yeah i have
yeah, I know the one line format. Where am I supposed to put that though
It does say see the Upload Vulnerabilities room but thats the room that sent me to this room
is there somewhere you upload something right?
lol
ur fine
hints on how should i decrypt this ?
i think base64
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
Looks like base64
On Linux, you can echo '<b64 text here>' | base64 -d
i think more than 1 encoding is used
Qapw Eekcl - Pvr RMKP...XZW VWUR... TTI XEF... LAA ZRGQRO!!!!
Sfw. Kajnmb xsi owuowge
Faz. Tml fkfr qgseik ag oqeibx
Eljwx. Xil bqi aiklbywqe
Rsfv. Zwel vvm imel sumebt lqwdsfk
Yejr. Tqenl Vsw svnt "urqsjetpwbn einyjamu" wf.
Iz glww A ykftef.... Qjhsvbouuoexcmvwkwwatfllxughhbbcmydizwlkbsidiuscwl
You're correct. There's 1 more
Probably
hint: starts with V
some kind of rotation
how do you guys know which cipher is used
Cyberchef can deal with it, or maybe ciphey
trial and error
V will need a key. There are websites which can brute force it
So you got the message?
Anyone who can help me with Sakura room, wigle does not show me the bssid
Hello, i'm actually stuck on "File Upload Vulns" room, task 9 (= magic numbers):
I successfully upload a reverse shell after modifying the correct magic number but i don't find where the file has been uploaded to :c
I enumerated 2 directories w/ gobuster but can't list its content because of permissions denied (tried to launch the shell from those dir but didn't work either)
Added -x <ext1>,<ext2> to gobuster to test if it find the shell but still not working
actually manually "bruteforcing" to try to find the dir
Does someone have a hint please?
gobuster can't list content
run a simple gobuster scan
like "gobuster dir -u <url> -w <path to wordlist>"
y, didn't express myself correctly
i've done that and find 2 dirs
It can also happen that the file is not uploaded with the same name that you assigned it
by listing it content i meant manually, got a 403 error
what are these dir?
y, probably add the upload timestamp in the name but didn't actually find the script doing it
or probably miss it 😅
graphics and assets
what wordlist did u used?
Use directory-list-2.3-medium
@autumn yew What directories did gobuster return to you?
dirbuster/directory-list-2.3-medium
graphic and assets
try to go assets/<shell>
tried
that's weird, I think I remember that there was more
what is the room?
as UFO said the room indicated some serv modify filename so probably the case here but as i didn't find actually how
"File Upload Vulns" room, task 9
we are talking about this
XD? https://tryhackme.com/room/uploadvulns
gobuster dir -t40 -u "url" -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium
And then you Fuzzing for extensions in the directories that you see in scan
yep, used:
gobuster dir -u <url> -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x <ext> -e -r
gobuster dir -t40 -u "url/pepe" -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium -x <ex>
And it doesn't return anything? not even a 123.jpg?
didn't even think about that ... but yeah great idea
will try and comeback if needed
thanks 👌
Gave +1 Rep to @kind blaze
nah but as i didn't think about fuzzing sub dir i'll maybe have more result, will see

