working for me as well thank you

idk if this was on purpose or not but in burp suite: repeater i believe that the task 8 query it gives you should be "0 UNION SELECT ALL notes,null,null,null,null FROM people WHERE id = 1" and not "ALL SELECT". at least on mine "ALL SELECT" did return anything

This room --> https://tryhackme.com/r/room/nmap01, Task 5, at the end, this picture needs to be updated for the new dark mode.

There is a typo in SSRF room task 2. Payload ending should be &=x rather than &x=

Time set to complete this room on the top is 0: https://tryhackme.com/r/room/hydra

Not a bug,

Any rooms that were created before the time could be set will be set to 0.

could be edited in.

Is ubunutu 24.04.1 is the latest version

24.10 should be newest 🙂

pushing the "copy" in Read Team OPSEC room copies text "flag" instead of the actual flag.

Hey! I'm having an issue with the gobuster:the basics room

I followed the steps and the DNS is pointing to the machine ip and I still can't run scans or connect to the www.offensivetools.thm for completing the tasks

I did run the "sudo systemctl restart systemd-resolved" command

Connecting via browser shows this

Did you create an entry for it in the /etc/hosts file?

Nope but I can give that a shot and see if that works

Yeah that worked

DNS acts like a directory or a phone book if you will that maps the IP address with the URL for a given site. Thus, the target IP should not be put into the DNS value for this purpose.

I see, that makes sense
the task here says that we should add it there, so i assume that there was a mistake with it?

Haven't done the room yet, but will let you know once I do.

Thank you!

Gave +1 Rep to @unborn pulsar (current: #12 - 736)

I ran into another issue with the room
I tried different wordlists and still only found 2 subdomains
and the answer 2 is incorrect

I looked up a write up and they ran the same command and got 4 subdomains, i wonder if it comes back to that dns issue that I was running into?

add -r <target-IP> to your commamd 🙂

That worked! Thank you

Gave +1 Rep to @spare mirage (current: #5 - 1743)

Thanks. Will log it with the team.

Gave +1 Rep to @golden roost (current: #1672 - 2)

I'm on the Gotta Catch'em All! room and i had to look up what to do. The writeup says that there should be a username:password in the web page source. I can't find it. I can only see a :

Maybe you're inspecting source on a wrong page 🙂

it's the default apache page. I can't find anything else with gobuster. On the writeup screenshot you can also see a part of the default apache page

Try with home page of the app

there is no app. Only the default apache page

Maybe it is running on non standard port

no only 80 and 22 where open. Writeup also says port 80

Try to refresh the page

oh i got it. the user and password where in between the <>

Hey so I'm having a issue with Linux fundamentals part 3 whenever I try to SSH into the target machine it says the credentials listed are incorrect, the username works but for some reason the password Doesn't I'm missing something?

can you share a screenshot of it?

sure one sec

just to double check, the username and the password to ssh should be tryhackme

@heavy jacinth Here are the screenshots the IP address username and password were pasted from the clipboard

one sec

For some reason I can't upload a screenshot to this discord server is there a verification I'm missing

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

@heavy jacinth Here are The screenshot again the username and password were copied and pasted

ssh tryhackme@<IP> 🙂

Reverse those two 🙂

the command is wrong yeah

it's tryhackme@10.10.191.171

My dyslexia got me 😂

happens to the best of us lol

In the room Friday Overtime, the date in the last question needs to be updated.

Is this the right place to post if you find some faulty things regarding tryhackme rooms or would you recommend another better way?

https://tryhackme.com/r/room/monikerlink

small error for room directions: it is listed to change the "...Moniker Link (line #12)..." but the correct line to change is on Line #18 (ATTACKER_MACHINE) of the exploit.py script

• additionally in the script the placeholder is spelled wrong (MAILSVER) and is on line #32.

this was a cool room btw, cheers

Hello, all the machines I'm trying doesn't load or load but doesn't render, is this a known issue the support is working in now?

Can you elaborate? 😄

why i cant send pictures guys

Need to verify

The question is "What is the SHA1 hash of the spyagent family spyware hosted on the same IP targeting Android devices on November 16, 2022?" The date I found it referring to is October 27th 2024.

Speaking of the Gotta Catch'em All! room, it's not displaying text properly in dark mode @wraith obsidian

Yo I am having this exact issue and came here to report it lol

Here are my screenshots as well:

I was going to do this as well, but it needs to be listed in the instructions for newer people

Also, this did not work for me after I just did it

Yea just to be clear, I get that we can hack our way around it as far as the room goes. we can add to the hosts file, we can specificy the IP addr in the command, but this is not what this room is supposed to be about for gobuster.

It also is on a track for newer people who will NOT know what to do when the instructions don't list it, additionally, it makes a very clear statement on NOT scanning by IP because you are making the scope to broad in this specific exercise as it says that the target server is running multiple sites, as well as multiple vhosts

it also specifically asks that you make this DNS change, so that in the network you can resolve locally and complete the questions its asking

by domain name mind you, not IP

Thats why its being listed as a "bug" I would say it would be logical that this room needs to be thought about in the lense of a newer person given where it is on the track.

and potentially re-worked

I feel like this will just lead to people looking at writeups to get past it without learning the lessons its teaching

@short pebble @heavy jacinth Yeah a lot of users seems to report the same problem recently . I tried to add domain to /etc/hosts and add -r <target-machine-IP> to the gobuster command and it seems to fix the problem 🙂 . -r is used to specify a DNS server manually .

Nah yea again, totally fair, I just feel that, I still think its an issue is all.

Like it's not an issue for you or me it's an issue when it comes to clarity and instructions is all. I have a newer friend who is coming up behind me, and I already know he's going to get lost right here lol.

Which means many people will. I get they need to think ourside the box, and thats part of the hacker mentallity that needs to be learned, but the objective in this room isn't nessecarily to do that as opposed to following implicit instructions for a specific outcome.

I think I see whats going on here, this system uses netplan

So its using netplan, and has us edit resolvd, these are not jiving

Like I am done harping on this, just know that this system also has netplan and loads that config as well, also, if we are going to need to add the host to the /etc/hosts file we should include that in the instructions for the sake of clarity for newer people. This definitly seems like an oversight and is an easy enough fix to just edit the room and include those instructions.

Also list the -r flag and its uses and why it would be needed.

Hi. I need some help if someone have time. Its networking concepts task 7 attachbox. Doesnt matter what machine i try to reach with telnet it unable to connect

Could someone check if the vm is good or can someone send me the exact,working command i should run?

Also how can i open a ticket if i already have one active? I found like 3bug since i started

Which command are you doing?

Telnet 10.10.1.5 7

I also tried it with Machine_id and ip-10-10-1-5

And what does the question ask?

The ip of machone and the flag

Can you copy and paste the question?

Yes.but i dont want the answers,i would like to try out telnet. I would like to use the roon as intended

I know i can get the answers online

I was talking about in here.

Use telnet to connect to the web server on MACHINE_IP. What is the name and version of the http server?

And what does telnet $IP do?

Hello, so I had already posted this yesterday, but I think it was the wrong channel, since I think it is actually a bug. In The VM in Room "Active Directory Basics". (but it's probably doing this on every room)

This is what happen when I hold down the ( Key.

**It's only happen when I use RDP **on a VM in THM. otherwise the key works perfectly

(i have an AZERTY keybord)

I dont know. I somehow run out of my free one hour of machone time.but i onli used it for like. 15 min. It happened yesterday too

Ok

Telnet 10.10.10.10 connects to the telnet port on the machine, the question is asking for you to connect to the http port

What you're experiencing isn't a bug, it's intended behaviour.

I see but the task before the question is to use telnet to connect to three different port on the machine and use telnet with these services.but it seems these services either doesnt work or they are unreachable

Its imtended that my free hour is only 15min?

Did you terminate the Attackbox?

Yeah

Then yes.

They should say you have only one start and not 1 hour...

Well, it's both.

It should say so. I wanted to subscribe but i am not going to pay for one year when i see bugs everywhere

Out of the bugs you've posted, it wasn't a bug.

Which other bugs did you find?

You can also use a virtual machine and connect via the VPN

Wrong questions in some room.like the room is about one topic and the questions from another

Also i dont see the split screen togle anywhere

Oh i see it now that it should be a 2 machine operation this time.i am sorry

But they should still state that i have one attachbox start/day

Which room is this?

Networking concepts

Oh sorry.the wrong question rooms?

Let me see...

Sorry.i need to work now.but there were miltiple in the cyber security path before the network part

Thanks.

Gave +1 Rep to @idle python (current: #2550 - 1)

Searchskills:
Task2:asking about snake oil,it should be in cryptography
And netstat i dont think it should be in search skills
Task3:what does the linux command ss stand for? Its not about search engines

Some questions will require independent research to reach the answers.

Search skills are about the ability to research

So you are saying these questions are on the right place?

Okay.i think it is missleading but then its not a bug

It should state that its one start/day only

Now i have to wait a day because i wanted to be nice and stopped it when something disturbed me. Its prety irritsting

possible it is related to most windows machines on tryhackme being configured to only use the usa keyboard layout

remmina and xfreerdp can inject the correct keyboard layout after you login

thank you ! i note it

Gave +1 Rep to @rugged canyon (current: #3 - 2041)

Sorry, maybe i was angry because the problem and started being stupid. I didnt ever realised there is a monthly premium. Thank you for helping

Gave +1 Rep to @quaint sparrow (current: #1 - 3186)

Don't worry about it, after all we're to help. 😄

When you subscribe you can launch it as many times as you want.

Happy new year everyone! I am just starting out on TryHack Me, and I am having trouble in PreSecurity. The Split Screen will not load. I don't normally use discord, so i cannot figure out how to upload an image, but here is the text:

The webpage at https://vnc.tryhackme.tech/index.html?host=proxy-14.tryhackme.tech&password=TryHackMe!&proxyIP=10.10.80.182&resize=remote might be temporarily down or it may have moved permanently to a new web address.

I was using TryHackMe on Google Chrome on a 2011 Imac, and then I tried Safari, and TryHackMe would not even load. I have a 2012 Macbook I will try later and see if that fixes the issue. How do I upload screenshots? Whiteboard won't let me launch it, and Im guessing I am not allowed to use outside links?

Hello! I have a room+attack-box-bug 🙂 It is in task 4 of the last room of the Complete Beginner course, Steel Mountain, https://tryhackme.com/r/room/steelmountain
It asks you to use CVE-2014-6287 (https://www.exploit-db.com/exploits/39161) which needs a webserver to be opened on the attack box on port 80. However the attack box already uses port 80, making it impossible to complete the room without using VNC. Would it be possible to add some explanation to the task showing how to adapt the CVE script to look for the nc.exe on a different port please?

In Cyber Kill Chain (r/room/cyberkillchainzmt), task 2, is Email harvesting supposed to be this small? phishing attack is also bold but has the same font size as the rest of the paragraph.

Also found these on task 6 and task 10 in the same room, in case this is a bug.

Hello! I am new here and I do not understand how to fix this problem. Can someone tell me how I can terminate the running machine or if I can connect to the already running machine?

https://tryhackme.com/api/vm/running

If you click this link, do you have any outputs?

Nope. just an empty text box.

That's great, that means you don't have an active machine.

Try CTRL and F5.

Thanks. Problem fixed. A machine is starting right now.

Gave +1 Rep to @quaint sparrow (current: #1 - 3196)

Web Application Pentesting > Advanced Client-Side Attacks > CORS & SOP > Task 7 Arbitrary Origin

I believe the link in the following sentence might be incorrect:

The sample exploit code can be found at http://corssop.thm/exploits/data_exfil.html.

The link http://corssop.thm/exploits/data_exfil.html has a href to "http://corssop.thm/exploits/arbitrary.html" instead of the indicated location.

Advent of Cyber Day 22 "Join Lab" gives this page

Yeah a lot of users are reporting this 😦

Any way I could be notified when it's fixed it's one of the last 3 labs I need to do for the certification

Linux Privilege Escalation - NFS. Instuction is to compile with gcc.

--static

/r/room/howwebsiteswork

Hey, there seems to be a bug in room metasploit: exploitation - task 6 - on the machine "MetasploitMSFVENOM". Every time I leave it (switch to show THM AttackBox UI) and later come back to it the state has been reset to the initial state with default user Murphy. This happens also when I have a root session running and have started the elf for the exploit. If I leave the machine terminal window it soon resets and stops whatever was started. It would seem this makes it impossible to get a meterpreter session to run another exploit against for the hashdump as it automatically disconnects whenever the machine is reset to its initial state.

I have a problem with the soc simulator. I completed it correctly, 'Victory! Security breach prevented!', but I didn't receive any points or badge. Has anyone experienced something similar or knows how to fix it? Btw I earned 535 points in total.

Dark mode bug in room Common Attacks, task 2, same details issues also exists in task 5, task 6, and task 9.

Hey any fix for the submit button working at all on a particular room (netsec challenge) ive got the answer in there and it wont submit at all or respond in any way, the attack box is working fine. Also I am able to enter answers into the text field well outside their normal formats.
ive tried refreshing clearing browser cache and running in both fire fox and chrome

never mind gotter done

Windows Forensics 2, Task 5, Question 4 asks: "What program was used to open C:\Users\THM-4n6\Desktop\KAPE\KAPE\ChangeLog.txt?"
The path should be: "C:\Users\THM-4n6\Desktop\KAPE\ChangeLog.txt"

Hey there, im having some trouble joining the room "Breaching Active Directory"

I cannot join it, it doesn't matter I recharge the webpage, I log off and log in, it doesn't matter

It doesn't let me join the room

Are you a premium user ?

Nope but its a free room

Then you will need a 7-day streak to enter that room 🙂

for real?

How can I know that

Yes , if you aren't premium user you need a 7-day streak to enter networks 🙂 . It is stated on the room info card 🙂

I don't see that its needed a 7 day streak

https://tryhackme.com/r/room/breachingad

this is the room

holy fuck, what a shitty mechanism

well, thanks anyway

It's a reward; once you earn the streak requirement and join the room, you get access forever

Oh, they left 🤷‍♂️

The answer field has 1 character less than the answer, and the room cannot be finished:

Networking Secure Protocols - Task 8

You sure? Look closer, I see one more character in there.

@idle python yeah the "P" is missing, but I do not have enough character space in the answer field.

AFAIK these isn't a limit of what you can enter in the answering fields.

@idle python there seems to be, I cannot add more than the pre-set number of characters. Nine characters are the limit for this answer (not including the brackets):

Aah, OK, I noticed the issue, check what { and } is urlencoded and you should get the right answer. 👍

Or url decode the entire string.

But your answer is wrong :/

you can use cyber chef if that helps to decode it

@heavy jacinth the correct answer is THM{BB8WM6P} if I am not mistaken?
I've watched a tutorial just to check and the guy there entered "THM{BB8WM6P}" and it was correct as seen here:

so you have to shift it by another letter

THM{B8WM6P}

In his video that is 1month old, there is a different template for the answer. Here is how it looks like:

Is the right answer

for me, this is how it looks like and the brackets are pre-set:

so I can only input 3 characters before the brackets, and 6 within the brackets.

The first B should be removed, that is part of the url encoded { (%7B).

Yeap, @weak dew look at this output from Cyberchef

@idle python @heavy jacinth yes it worked now, I see that in my Cyberchef as well. I was looking at this tutorial and for some reason his answer was correct, you can see it here: https://youtu.be/61Ex9WONJUk?si=nW12N_AnQj7ndfHO&t=2288

Strange that it worked for him, the answer should be incorrect. Thanks again for the help @heavy jacinth @idle python !

Gave +1 Rep to @heavy jacinth (current: #1681 - 2)

Yeah that is weird that it worked for him but I would personally say that not to rely on tutorials a ton, while it is helpful, try coming with up the answer on your own and if you are really struggling with it, then look for tutorials to see how they had different approach then yours

Maybe I'm losing it but can you be specific what room? There's Cryptograph Basics, Public Key Cryptography Basics, Introduction to Cryptography and many more

and a screenshot would help a lot too

Oh of course wait

Public key cryptography basics

Can you share the screenshot?

Ok

The certificate section of the public key cryptography basics room seems to be broken

Someone is having trouble in the Wreath room? I click on "enter room" and nothing happens

You need to have a 7 day streak to enter Wreath 🙂

Seems like formatting of your quote is bad , refresh the page and paste this || Let's Encrypt || 🙂

On the Cyber Kill Chain room, "Reconnaissance" section

Thanks

Gave +1 Rep to @spare mirage (current: #5 - 1802)

If the dark mode issue I reported before ever gets fixed or checked up on this week, could this also be looked into? Same room, Common Attacks, task 8.

Ive been stuck on this for a bit now....Lateral Movement and Pivoting room. task 1 has you input this into the terminal. BUT when that happens, I get the error message.....so what am I not doing correctly and how does this get resolved?

Try to add domains to /etc/hosts

the issue is when I type the command...I get the "failed to resolve interface" for lateralmovement. The instructions they give in this particular exercise are pretty vauge, which doesnt help

Hi - I'm having issues with room Snort Challenge - The Basics. Trying to submit answers for Writing IDS Rules (HTTP) - when I click 'Submit', nothing happens. I first encountered this on 03/01 and since then have not been able to proceed any furhter in completing the exercises in this room

Try to refresh the page 🙂

thanks yes, have already tried this. also tried with different web browsers to no avail

Gave +1 Rep to @spare mirage (current: #5 - 1821)

Which question and what's your answer 🙂 ?

Use the given pcap file.

Write a single rule to detect "all TCP port 80 traffic" packets in the given pcap file.

What is the number of detected packets?

Note: You must answer this question correctly before answering the rest of the questions in this task.

Answer: 328

is there a bug at introductory networking room, i didnt solve before today but still i cant get points when i solve tasks

i checked again and again

No , there's no bug with that room 🙂

Well , that seems like a correct answer , can you provide a screenshot of what's going on 🙂 ?

i solved yesterday but my points still didnt came

Points are added in real-time

thats why i asked, it should be in real-time but didnt

did i get banned or something? why that happens?

enlighten me

You got your points , each question that requieres answer gives you 8 points

i checked several times, i didnt get any point, thats interesting, other rooms are giving in time

Strange 🙂

Can you try to restart your browser ?

should i screen record

Points are already been given to you , try to restart room progress and complete it again

i just restarted now and reattempted but unfortunately no success

Can you take a ss of whole screen

sure

Try to disable proxy and vpn if you're using some

definitely no proxy or VPN on

Super strange 😄 . Can you try a different browser ?

you believe me now?

Points are given only once

If you restart the room you won't get the points again 🙂 .

That way somebody could just restart the same room over and over again and build up points 😉

i know that

thats my first time

thats why i report this bug

i didnt solve that room before

i showed at first, didnt you watch??

i proved at the begining

i proved with "not completed" filter

When you restart the room it will show not completed 🙂

Anyway if you think there's problem with your points , try to reach out to support 🙂

😭 . Do you have browser extensions or ad-blocker ? If so , try to disable them 🙂

no extensions or ad-blocker for the latest which is Firefox

Could you try to press Enter while answer box is in focus instead of clicking on Submit ?

Have you tried to restart your PC ?

yes - i've tried this on different PCs

😭 😭 😭 😭

Can you try to connect to a different network ?

I'm running out of ideas what's going on here 🤣

@wide solar @spare mirage - Strange. Is this the correct summary of the issue:

• only on the some questions in the room "Snort Challenge - The Basics", not others rooms/questions
• Not VPN, no browser Add ins
• incognito mode other browsers, other machines, reboot all tested and show the same issue,
• Reset room progress and retry - same?
• Issue is either no visual response or a error "An unknown error has occurred"

We only haven't tried room restart . Thanks for pointing that out 😄

Gave +1 Rep to @wraith obsidian (current: #630 - 8)

@wide solar Can you try to restart room progress or to leave and re-join the room again 🙂 .

not sure whether this is a room bug or not but the room Allsigns2pwnage keeps disconnecting every 30-45 min. Its a premium room, so a bit disappointed really.

I am using attack the box as well

@spare mirage @wraith obsidian - room reset and same issue persists

Can you try to leave the room 🙂 ?

and then rejoin?

Yes

done - rejoined, completed the Introduction Task 1, moved onto Task 2 and same issue

😭 😭

Go to Task 8 and try to complete question in Task 8

not sure if this feedback helps but it seems to be isolated to this room , other rooms work fine

Go to Task 8 and try to complete question in Task 8

also just tried but no response

😭

here is an example from a different room - this works fine

Sending you DM to get your THM username @wide solar

Thanks. Fixed.

Gave +1 Rep to @nocturne gulch (current: #1684 - 2)

I think there is an issue in the metasploit: exploitation room, specifically regarding OpenVPN connections. on task 6 which requires the use of a staged rev_tcp exploit. I have confirmed that hosts, and ports are set correctly, and matching payloads are loaded to the listener. I've also tried alternative staged exploits and un-staged exploits with the same relatable issue.
For staged exploits the the listener acknowledges connection and begins [*] Sending stage (1017704 bytes) to 10.10.x.x but hangs and is stuck for more than 10 minutes.
For un-staged exploits its hangs at 0% during the wget call to the http server on attack device.

ssh to the exploit box also does not work over the openvpn connection.

just confirmed copied all steps from the attack box and it worked

hello, in aoc 2024 task 22 - azure everyone can join? i get 500 error ..

A lot of users are reporting the same problem 😦

Probably something on THM side

Ok thanks for reply

Hey there guys I am trying to access the upload vulnerabilities webpages but it won't reach the them on my own computer or the attack box at all even with accessing my /etc/hosts files and inputting the required information

I have an issue with the room Snort Challenge the basics Task 2. The right answer isn't accepted to the question. What is the destination address of packet 64? can you guys help?

https://tryhackme.com/r/room/whiterose

http://cyprusbank.thm/ not working?

You've added it to your hosts file, yes?

Added what to the hosts file ?

The domain

oh no I got redirected automatically

Thought that was by some dns server

... Why would a DNS server redirect you from an IP to a domain?

oh, right

And how would DNS work in a lab environment where the same box can be deployed multiple times?

I'm pretty new, my bad.

(tbf, I actually can think of a way to do that, but it's not something I've ever seen in practice )

All good

So what's the reason for doing that?

And why does the browser automatically turn that IP into a domain?

There appears to be a bug in Task# 5 at https://tryhackme.com/r/room/windowsfundamentals3xzx

... and now I wanna go code a DNS server

For doing what?

Adding the domain to a hosts file

It doesn't. The server redirects.

The server will be configured with a virtual host on that (non-existent) domain. It will be configured to redirect anything else to that vhost

Oh so you kinda have to act like a DNS and assign that domain to the ip by adding it in the hosts file?

i.e., you need to access it via that vhost

I mean, it's not DNS exactly, but yes, the same principle. Domain resolution, just with a manual mapping.

Kinda weird, any reason for that ?

It's a common thing. A web server can host multiple apps. It needs a way to distinguish between them.
That gets more complex when we start adding in load balancers, gateways, other reverse proxies, etc.

The other reason is for TLS. The certificate must match the domain name. Redirecting clients means they don't get TLS errors.

Thanks @obsidian kiln

Gave +1 Rep to @obsidian kiln (current: #10 - 815)

Np 🙂

Which bug 🙂 ?

hi

having a little issue here

Are you sure that you're using the right machine 🙂 ? Each Task in this room has a different machine attached to it .

Yes I did, was able to compile it from attacker machine, thanks

OWASP Top 10 - 2021 Room's box keeps terminating after only a few minutes

Great job , keep up the good work 🙂

@spare mirage I am using my real machine for my tryhackme tasks, because my PC doesn't support virtualization, so I partitioned it instead. So what are some of the cons of using my real machine for hacking. And how can I manage it to be on a safer side.

Well , it's recommended to use VM or AttackBox because you have some form of "isolated environment" .

My machine can't be virtualized so vm is out of the option. And attack box is limited to 1hr daily

@spare mirage was just curious to know if there are things I could do to still use it in a more safer way.

How it doesn't support virtualization , which CPU do you have 🙂 ?

Intel pentium, it was very strange for me to learn that in cannot be virtualized

Which Pentium 🙂 ?

Hp Pavilion G6

That should support virutalization , maybe it's turned off in BIOS 🙂

Evem some old Pentium 4's support virtualization , you should be good 😄

Maybe I should snap the BIOs and send to you

Feel free , setting should be called VT-X or something along those lines

Try to look in System or Configuration tab

I try to use Telnet but the system tell me that the connession is closed by foreign host

Can you provide a screenshot 🙂 ?

When I try it tell me that there is a network problemi

And I can’t give you the screenshot

I try again

No it doesn’t work

You need to verify to upload images 😄

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

You need to send a request 🙂

GET / HTTP/1.1

Host: telnet

Hit enter twice 🙂

I type get but the response is this

First connect via telnet then issue those commands

And there's a space in the first command GET / HTTP/1.1

How do I Connect via Telnet?

You have done that step (in recent the image sent)

Use telnet command like you did already 🙂

You may need a host section too

Read the task, it probably says

The task tell me to use Telnet the ip and the port

Enter host header below the first line of the request

Host: telnet

Then hit enter twice

Also Get? So I type get but if I type get and press enter it give me the same problem. How can I type the get Line and the host Line?

Press enter once

Ok by typing get and also host?

When you type both hit enter twice

Ok

I try

No it doesn’t work

Dunno maybe I’m missing something i’ll try later

Hi, not sure if this belongs here but here we go:
i’m currently doing day 5 of AOC and I have to use burp to analyse the requests. When burp is intercepting a request and I click forward to go through, the attack box starts to freeze. I then waited for a couple of minutes and now the attack box completely shut down.

Is it a problem due to the free attack box capacity (which i understood is less powerfull than the one for the subscribers) or would this be an issue from my computer ?

Turn off Interceptor until really needed . It will block all request 🙂

I turned it off when i didnt need it, but now I want to analyse the request i'm making (im following through with the video) but it froze and then shutdown the attackbox

To be more precise, it froze when I pressed Forward after doing the request on the website

Press Ctrl+R to send requests to Repetaer and analyze and edit them there 🙂 . You can also view request history in HTTP History tab and send requests from there to Repeater . I don't think you need Interceptor at all for Day 5 🙂

Ok thank you.

Do you know if that issue is caused because of the limited power of the attackbox and would be fixed if I had a subscription or if it's caused by my PC not being powerful enough (it is a computer i use for gaming)

Well bunch of requests would pille up over time . With Interceptor on , you need to manually forward each and every of them , it is enough to just forward request you're interested in 🙂 . That may cause to seem like the app/AttackBox crashed but instead they're just waiting for you to manually forward dozens of queried request 😄

The thing is that it wasn't "waiting". I did see that if I wasnt forwarding request, the webpage would not change. This is not the issue here. My issue is that there was one request at some point that when I forwarded it, the attackbox was not responding anymore (couldnt switch between firefox, chroomium and blur, box wasnt reascting to any clicks, etc)

Well , it can also happen for an AttackBox to crash sometimes , that's also a possibility 🙂

Ok, thanks for the answers

Gave +1 Rep to @spare mirage (current: #4 - 1863)

In the "Search Skills" Room via Cyber Security 101 - Start Your Cyber Security Journey - Search Skills (Task 4) "What does BitDefenderFalx detect the file with the hash 2de70ca737c1f4602517c555ddd54165432cf231ffc0e21fb2e23b9dd14e7fb4 as?" The answer when scanned viva Virustotal is not the correct answer (I have found the answer) but the hash that is submitted gives a different result to the expected answer. The hint is Use virustotal.com but as explained the result is not correct? Am I missing something or is this answer not valid/need updating?

Answer will need updating.

Thank you - Thought I was going mad 😂

Gave +1 Rep to @quaint sparrow (current: #1 - 3211)

Hey , I've noticed that the dark mode isn't updating the font color for some of the texts in THM. how do I reach out to the team and let them know about this?

https://tryhackme.com/r/room/networkservices2

• Task 3
  original: In order to do a more advanced enumeration of the NFS server, and shares- we're going to need a few tools.
fixed: In order to do a more advanced enumeration of the NFS server, and shares, we're going to need a few tools.

also in the mounting NFS shares section theres a random line break after 'You can create'

• Task 5
  this whole thing is a bit wonky so heres corrected

2. The process of sending mail can now begin. The client first submits the sender's and recipient's email addresses, the body of the email, and any attachments to the server.

3. The SMTP server then checks whether the domain name of the recipient and the sender is the same.

4. The SMTP server of the sender will make a connection to the recipient's SMTP server before relaying the email. If the recipient's server can't be accessed, or is not available, the e-mail gets put into an SMTP queue.

5. Then, the recipient's SMTP server will verify the incoming email. It does this by checking if the domain and user name have been recognised. The server will then forward the email to the POP or IMAP server, as shown in the diagram above.

6. The e-mail will then show up in the recipient's inbox.```
i saw more but it would be a lot of text

In order to do a more advanced enumeration of the NFS server, and shares, we're going to need a few tools.
For further clarification, you can remove the first comma:)

In order to do a more advanced enumeration of the NFS server and shares, we're going to need a few tools.

oh true, i did not know if they were separate for a reason (first time on this topic)

https://tryhackme.com/r/room/owaspjuiceshop
using the site's dark mode makes some text hard to see
highlighted text also has this issue like in task 1, but in the opposite way since the highlighter yellow makes it hard to read the lightened text

(i meant to put this image)

is this intentional in the hydra room? http responses are not notably different from incorrect and correct user/pass entries. confirmed the video walkthrough shows a different response code.

You're probably forwarding requests to wrong endpoint 🙂 . Make sure that your endpoints ends with / 🙂

thats denoted just before the username entry correct?...http-post-form "/:username=^USER^...

those were responses i got using the webpage login screen, not a burp request

What is the answer of the first exercise of the Junior Security Analyst Intro

?¿

please help D:

||triage specialist||

On Extending Your Network, Task 6
On the first question I can’t put in the THM{}. I’ve completed the simulator, it just says the answer is too short and to make sure I spelt it right

Do a copy and paste

Still doesn’t work

What's your answer 🙂 ?

Room: File inclusion, task 5 question #2 Which function is causing the directory traversal in Lab #4?
Does not take answer file-get-contents but instead takes file_get_contents

Linux Privilege Escalation Task 6:

Q: How would you use Nmap to spawn a root shell if your user had sudo rights on nmap?

I know how to do this already from my own real world experience, so I knew what it was looking for.

However, in that task, and the tasks before it. It doesn't go over this with the learner at all.

I think that it likely should or it's going to have to force a user to look up an answer and not learn anything.

Unless I am missing something?

In PHP, function names should follow the correct naming convention, which in this case is file_get_contents with an underscore 😄

Wouldn't the user not learn something with some self-research?

I appreciate the platform and the value it brings, but I’ve noticed some areas for improvement that could enhance both the learning experience and the platform’s overall credibility, especially considering it is a paid product.

From a learner’s perspective, it’s important that lessons and exercises are structured in a way that provides all the necessary information to complete the tasks. Unless it is explicitly stated that the purpose of an exercise is to encourage research or exploration, the expectation is that the material will include everything required to succeed in the lesson. For paid content, learners expect a streamlined and comprehensive learning experience, and gaps in information can undermine the perceived value of the platform.

For instance, there have been cases where troubleshooting an issue, such as a DNS misconfiguration, required knowledge or commands that had not yet been introduced in the curriculum. This left learners relying on external “tribal knowledge” or workarounds that didn’t fully address the root of the problem. While independent research is an important skill, the platform should clearly indicate when such an approach is intended, or ensure that exercises are self-contained with the necessary resources and guidance.

From a business perspective, addressing these issues through more rigorous quality assurance and lesson design improvements would not only enhance the user experience but also strengthen the platform’s reputation. As consumers, we want to feel we are getting value for our investment, and improving these aspects represents low-hanging fruit that could greatly benefit both the users and the company.

My challenge is determining where to submit this kind of feedback so that it can be reviewed in good faith by the appropriate team or room administrators. I’m sharing this feedback because I genuinely like the platform and want to see it succeed. However, as a professional in the field, I recognize that these gaps could lead others to question the credibility of the product if they go unaddressed.

My intention is not to criticize harshly but to contribute ideas that could improve the experience for everyone.

[Rewritten for clarity through ChatGPT so you don’t have to dissect my ramblings]

#feedback-and-ideas might be the channel you are looking for.

The room you're discussing is actually free.

My point stands in general I think though I may have been incorrect in my assumption that particular room wasn’t free it’s still an over all experience that I’m referencing that I feel could be potentially improved upon.

That concerns me because I like the platform and if I’m able to see holes on a professional level that means that many people will as well and it tanks the products credibility when proper QA isn’t considered on some of these lessons.

TryHackMe have a QA team in place to review all rooms before they're released.

But yeah, some of these rooms on the website require the user to have a look and research for themself, the greater majority of this field is self research, you'd get no where if you don't.

It's like being a Doctor, THM isn't the "We're going to teach you everythin you need to know"

It certainly can considering it's age.

It's not a new room.

Also the link is given for the user to use to research, for the answer

Not sure if this is the correct channel but ... Phishing Analysis Fundamentals -> Task 4 -> "Review this Knowledge Base (KB) article from Media Temple on viewing the raw/full email headers in various email clients here. " The link behind "here" is dead.

Hello in:
Gobuster: The Basics
Task 2: Environment and Setup

The DNS configuration mentioned (upadate of /etc/systemd/resolved.conf) did not work on the Attackerbox I had to edit: /etc/resolv.conf
and change the var nameserver to my attckbox IP.

Hello, in room Snort Task 2, there are a couple of command lines examples that are not readable when the website is in dark mode, the font seems to not update to a lighter color.

Hi , some rooms are not working, for ex. Snort challenges I can't click on submit to verify answers

Tried on other devices same

Some users also reported problems with Snort room recently 😦

I discovered what I suspect is a bug in the Linux Privilege Escalation room, task 6 (Sudo). Given the task is about using sudo and other applications to run arbitrary commands, I suspect that the file "flag2.txt" should have a umask of 640 (o+rw, g+r, u-). Otherwise there's isn't any reason to use sudo at all--just a quick find command to locate the file and then running cat (or vim, or anything) as the normal user.

(Note: this is right after resetting the VM, I hadn't run anything else)

Coda: Same thing with task 8 (Capabilities)--the flag can be read without using the escalation.

the snort room the script is completely blacked out in the view

idk if its supposed to look like that or not, but i cant remember other boxes looking like that in other rooms

I think it's a bug with the dark mode, I noticed it on a couple other text boxes as well in a couple rooms. As a workaround, you can probably just highlight it until someone goes in and updates the dark mode CSS .

im using the lightmode for that exact reason

highlighting it fixed the problem and its there tho, just black font of a dark background

is the introductory Hydra room meant to not give any points?

Also the room clock is set to 0, although you have 2 minor challanges to complete:

Another dark mode issue, this time in room Network Services 2 (/r/room/networkservices2), task 6.

I think that each room created before those features were added will display 0 . You should receive only 16 points from that room since it only has 2 question 🙂

i noticed similar issue in Local File Inclusion - Task 3, 5 . Happens in darkmode only.

Room Link: https://tryhackme.com/r/room/fileinc

ohhhh

I got a issue with the machines, when ever i start them up they just turn darkblue...

Windows Fundamentals 1 - Task 3 "The Desktop (GUI) - Question 3 "Besides Clock and Network, what other icon is visible in the Notification Area?" This question/answer is very poor and does not reference this anywhere within the room text/explanation. I think this may need some including in the room text as you need to go outside of the module/room to find the answer

Some answers can be answered by research, or just looking in the area needed.

Right click on the right side of the clock 🙂

Thank you

For Task 5, Question 3 of https://tryhackme.com/room/enumerationpe. Hint says to use ||/opt/snmpcheck/snmpcheck.rb MACHINE_IP -c public | more||, but on AttackBox I just get this error:
```internal:/usr/local/rvm/rubies/ruby-3.0.0/lib/ruby/3.0.0/rubygems/core_ext/kernel_require.rb:85:in require': cannot load such file -- snmp (LoadError) from <internal:/usr/local/rvm/rubies/ruby-3.0.0/lib/ruby/3.0.0/rubygems/core_ext/kernel_require.rb>:85:in require'
from /opt/snmpcheck/snmpcheck.rb:47:in `<main>'

Might be old rooms that haven't been updated to work with dark mode, I try and report every issue I see. 🙂

Weird Question - i finished Investigating with Splunk challenge. Got info that i did 100% of the room, but on my dashboard i got only 50% of the challenge finished, dunno why. Anyone got a solution for it or something?

Try to leave the room and re-join 🙂

did it already, reset my progress aswell

Been 2-3 days they need to fix it. Doing other rooms in the meantime but they need to look at it quick

Just wanted to report that the images for What the Shell? are no longer loading. When loaded to a new window, I received: The image "https://i.imgur.com/rN7YkJJ.png” cannot be displayed because it contains errors. Same error for the other images.

Image loads fine for me in FireFox, check if you have any extensions that could be interfering.

In
https://tryhackme.com/r/room/burpsuiterepeater task 8 Extra-mile challenge
"""
As we know the table name and the number of rows, we can use a union query to select the column names for the people table from the columns table in the information_schema default database.
"""
belonging to a Union Select attack
would say this probably is not number of rows but rather number of columns ?

Hi! I am loving the dark mode so far.

I just encountered a dark mode issue in Wireshark: The Basics | Task 2 room. Although, in the same section, there is another table with perfect text contrast.

The "Pre-perquisites" (yes, it is misspelled in the room) for Intro to IR and IM (r/room/introtoirandim), task 1, doesn't lead to the Intro to Defensive Security room, the URL is wrong so it leads to room search instead. IDK is that room was removed, or renamed, but the closest matching room I found was Defensive Security Intro, r/room/defensivesecurityintro.

Same as before. #room-bugs message
Wireshark: The Basics | Task 2 - Colouring Packets Text is not readable.

Can you try to leave the room and re-join

Tried to leave the room and join but no difference , clicking on submit answer does nothing

Can you tell us which question and what is your answer 🙂 ?

Snort Challenge - The basics , nothing works from task 2 , only stuff working is introduction and conclusion

And Snort Challenge - Live attacks , beginning works but it stops working from Task 2 , question : what is the used protocol/port in the attack?

Quite odd tbh

Only 2 rooms not working , the rest is fine for now

Can you please me with a room link , just to make sure , I'm not looking at the wrong room and tell some of your answers for some of the questions 🙂 ?

Tryhackme.com/r/room/snortchallenges1

Task 2

No question works when clicking on submit

Team needs to review the configuration or algorithm idk

Same for the rest

Other tasks

And the following room

Maybe some of your answers are wrong , can you tell me some question and your answer on it 🙂 ?

Just to make sure

Hey man 100% it's the site , not answers

For example, task 2 , first answer is 328

On snort challenge - the basics

Usually if i get a wrong answer id get a notification

Here the 2 rooms are just bugged

The submit buttons are simply unresponsive

That doesn't seem like the same answer that i got

Another issue in Intro to IR and IM (r/room/introtoirandim), task 5, I believe this should be a heading like Insufficient Determination of Incident Scope.

Don't mind the red color, I added that to highlight what should've been a heading. 👍

The AD basic room Task 4 just denies Phillip of access in power shell even after delegation

I just do as admin

Start cmd.exe as admin and run powershell from there

That’s what I did but the goal is to delegate to Phillip

Doesn't seem like you did that , seems like you just opened powershell as normal user

The picture is the bug showing how the delegation didn’t work. I used admin then

you need an admin cmd/powershell to be able to run that ps module. If phillip is an admin you should be able to right click on powershell > run as administrator > type in phillip user/pass and be able to run that

you need to have the right permissions to be able to perform password resets, you can't do it for a different user without those

In the cryptography hashing basics room anyone know how to get a attackbox? The VM just loads a blank screen. It says I can SSH in but I have no option to start an attack box to do so.

You can start it in any other room where it is available 🙂

for room nmap01, Task 4, second last question, the regex filter is buggy that simply accept computer as answer even though the correct answer is computer5. Tried reset progress and the bug is reproducible.

Yeah , i think that answer verification logic looks if most of the answer is correct but it doesn't look for a 100% match 🙂

Alright. But I do suggest make the verification filter stricter for this question (not sure achievable or not, just a suggestion😀 ) since the answer range includes computer1 up to computer6, accept computer as answer doesn't seem reasonable though.

Awesome thanks!

Gave +1 Rep to @spare mirage (current: #4 - 1953)

Well , yeah , you're right 🙂 . Same happens in OSI room where it asks for a specific layer but since the logic works the way it works even if you input just layer it will accept the answer , instead of using the correct one, ex : layer 1 , layer 5 , etc. 😄 .But if the logic would look for a 100% match many users will probably become stuck with incorrect answers because of small typos and stuff , so I completely understand why this works the way it works 😄

the same room nmap01, task 7, question 1: "Which TCP ping scan does not require a privileged account?" the given answer is "tcp syn ping". However unprivileged user can use both SYN and ACK ping, just that they will fallback to Connect scan. This answer confuse me a lot, question 2 is similar too. Official documentation states the same thing too: "only the privileged user root is generally able to send and receive raw TCP packets. For unprivileged users, a workaround is automatically employed whereby the connect system call is initiated against each target port."

It doesnt matter the system doesn't acknowledge any answer

Tried resetting and exiting but same thing

I'll send an email to support

I won't accept wrong answer

Forget it, you don't understand

Thanks for trying

🙂 ?

I explain that the problem is technical but you don't understand it

Problem is that answer you gave isn't correct

Forget about that, when you answer a question in general and click on submit what do you get?

You get woop woop if you're correct, and a red message if incorrect

In the 2 rooms I mentioned none of that works

Hello discord mods.
I believe this hint should be for the second question check it our in Snort room Task 8

Ok , maybe there's a bug with that but I just want to tell you that the system won't accept wrong answer anyways 🙂

I know man, I've just been telling that there are bugs in both rooms

I don't expect them to let me give wrong answers

Ok then , my bad 🙂

Another dark mode issue, this time in Introduction to SIEM (r/room/introtosiem) on task 3, Log Sources and Log Ingestion. The logs are pretty much not visible on dark mode.

No problem , thanks for your help, I've raised a ticket via email

Gave +1 Rep to @spare mirage (current: #4 - 1968)

Small dark mode issue in Intro to Detection Engineering (r/room/introtodetectionengineering) task 6.

On https://tryhackme.com/r/room/pythonbasics im on task 7 Loops, and I got the flag: THM{LOOPS_WHILE_FOR} , but the flag says its incorrect when I enter it in, please help... ;-;

I have this problema

You need to hit eneter twice after specifying the host header don't wait for a connection to time out

Ok

Thanks it finally worked

Glad to hear that , keep up the good work 😄

Now I have this problem

Is the target machine still alive?

Make sure that you're using the correct machine 😉

I think the problem is with the server

It’s unusual maybe it’s a bug

intro to lan's question's (What is the range of a section (octet) of a subnet mask?) answer; 0-225 or 0 to 225 gets the error message

The target machine is alive

It's 255 not 225 🙂

ah thanks

Gave +1 Rep to @spare mirage (current: #4 - 1979)

Hello, guys. I have a big issue here. I'm trying to connect to OpenVPN, and it connects successfully, but it only works with the IP of the "OpenVPN room" to test if you are connected or not. Up until this point, there is no issue. The big and strange problem is that when I try to access the IP of any room except the "OpenVPN room," it keeps loading in the browser and I cannot access it. Any fix, please?

Try to run this cmd sudo ip link set dev tun0 mtu 1200

i tried and nothing happened

Which room for example ?

Maybe it doesn't have open web server or it is on non-standard port

owasp top 10 2021

That room doesn't have web server on port 80 , I think

so, what can i do

It has loads of webservers.

Add correct port and make sure you're using http:// protocol

i will try that and let u know

ty bro

Anytime buddy 😄

Anybody know how to connect correctly to the VM Machine from Intro to Malware Analysis Room through OpenVPN access.

I tried connecting with the credentials shown in the task instructions, but it wouldn't connect when I tried to connect through ssh with the command:
ssh ubuntu@<ip-address>
and input the pasword 123456 as shown.

Is there some other service I have to connect with?

If you're referring to this room , that machine should be accessible in split-screen view 🙂

https://tryhackme.com/r/room/intromalwareanalysis

hi im new and i tried to connect on the vpn try hack me with open vpn but there is an error and i dont know how i can make for cancel her

2025-01-12 03:14:30 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2025-01-12 03:14:30 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.

Try to change server and re-generate a file 🙂

i already do that

but in the EU 2 and 3 file there is nothing so i tried on 4 and its the only one who works

i have to connect my kali linux too ?

open vpn is connected

You should run VPN only only on your Kali VM if you want to use it . Don't run VPN on both Windows and VM at the same time . Sometimes those VPN server may be down for some reason ( maintenance,etc. ) , so that may be the reason why EU-4 is the only one working right now 🙂

im using kali on windowd only i dont have vm my computer is really bad x)

this is not good ?

How do you use Kali on Windows without a virutal machine 🙂 ?

i cant past screen shot

check u dm

No , I don't recommend that . Install Kali on some hypervisor like VirutalBox or VMWare 🙂

hmm can i uninstall all i have on my pc and re upload this to vm ?

No , you don't need to uninstall/install anything . Kali comes with all necessary tools pre-installed anyway 🙂

how can i delete every thing i have installed

bcause now i have ubuntu kali and other on my computer

Go to Control Panel and delete it from there

👋 Looks like the whois entry for the domain used in https://tryhackme.com/r/room/webosint has been updated; The phone number contained is not the once that T2:Q2 is expecting.

Which question causes the problem 🙂 ?

ty for responding. I'll check it out

Gave +1 Rep to @spare mirage (current: #4 - 1998)

on Vulnerability Scanner Overview room task 6, I can not seem to find any high severity vulnerability 😦

https://tryhackme.com/r/room/vulnerabilityscanneroverview

Try to ask here https://discord.com/channels/521382216299839518/522158539129618453 🙂

TY

Yeah but the room tried to get me to do delegations and use those commands in ps, making it a problem

Thanks for the explanation though

Gave +1 Rep to @obsidian flame (current: #214 - 34)

hmm it could also be that the host doesn't have the ps module, so worth giving it a try to import them see if that works

it could be installed on the host but not imported in that user session

I don’t have a computer rn
The picture of Phillip’s ps shows unauthorised error though so it probably has the module

This

I’m sorry about the eyesore

no worries, what i am saying is to run as administrator, input Philip's credentials then run the module. I don't think you can run that module without your session being an elevated one. run as administrator is slightly different than asking you to run the command as the Administrator. would you like me to expand on it or did you get the gist

You will be able to upload images after you verify . Follow instructions from the link below 🙂

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

yes I know but I don't want to link this discord account to my tryhackme account I had created a discord account for that but alas you have to check your phone number to be able to talk so I'm going to use this account to talk on the discord but I don't want to link it to my tryhackme account.

I get it now. Probably would work

What's the problem in Task 5 ?

In fact there is no problem I'm an idiot

You're confusing me buddy 😄 . Open up the file the Task tells you to open . First line will tell you the log rotation frequency , 2nd line should tell you number of rotations . I can fire up the VM and provide with a screenshot if you need to 🙂

Yes it's ok I just understood I thought it was linked to an error but not at all it was just me

So , everything is ok now 🙂 ? Have you found the answer 🙂 ?

Yes

Oh ok , my bad then 😅 . Keep up the good work 🙂 .

THanks

Gave +1 Rep to @spare mirage (current: #4 - 2015)

all done

Yeah so this is what I'm talking about

@spare mirage

https://discord.com/channels/521382216299839518/522158539129618453

@spare mirage in the room Content Discovery in the junior penetration tester path Task number 9, the wayback machine url has changed since the last incident on internet archive, but the task still wants the old url.

Link is provided in Task text 🙂

Just copy that to answer box

oh sorry my bad

yeah i figured it out prom the new link on the website

Yes , when you click it will redirect to new one , but you can answer the question by copying the link provided in the Task 🙂

thank you ❤️

Anytime buddy 🙂

Hi, experiencing automatic VM termination (not attack box) (within 10- 15 minutes of deployment) multiple times. Room - windows incident surface

Additionally the Dashboard counter Continues but RDP fails, also the RDP screen shows shut down screen.

And for that reason reconnection also fails.

I also had this happen twice last night. I was working on the silver platter room when it happened.

Hi,
Could anyone help me with my copying issue?
I use THM attack machine for all my tasks but a lot of times I can’t copy data/text from the attack machine to my host(mac). It’s really hard & non productive to type out file hashes 🥺

I’m new to this all, kindly help me.
Example room - Wireshark: The Basics

Check this post by @novel carbon 🙂

https://cdn.discordapp.com/attachments/521771811768107008/1313628477307617401/clipboard.gif?ex=6786381b&is=6784e69b&hm=28bfc76b21f129fb56554b4fe397ffaa6a590ef9d5ec47bdd1a78b6f967f122c&

SUPER!!! Thanks KGB!

Don't say thanks to me , say thanks to @novel carbon 😄

Gave +1 Rep to @novel carbon (current: #19 - 502)

for threat actors, attribution is often difficult
but for that GIF, attribution is straightforward: it comes from Jabba and is one of the Pinned Messages in #general
#general message
🙃

Oh my bad then 😄 . But I am still thankful to you and Jabba 😄 .

Gave +1 Rep to @novel carbon (current: #19 - 503)

not sure if this is a room bug but the challenge room called grep seems to be bugging out. This url is supposed to display like it does in the walkthrough https://grep.thm/public/html/upload.php but it does not. Rather it just stays blank. Walkthrough timestamp: https://www.youtube.com/watch?v=C7y6dr0kQAg 8:06 . I have exact same url but I just get a blank page.

i was doing the "File Inclusion", on the 5th task, first question. i copy pasted a "wrong" (according to what i was getting "File Content Preview of ../../../../etc/passwd0x00") answer but it accepted it. idk how to explain it better without screenshots but i was not seeing /etc/passwd/ with the answer i gave lol

Hi,
I think that the Aurora EDR room is currently not working correctly. When i try to run the batch script to spawn the events, I get multiple errors and none of the events i need to complete the room. Checked videos for method and i end up with another result. Could i get some help with this please?

Yes mate

You can get all the best guide you would be in need
@ocean quest

Try to use URL-encoded payload %00 instead of that hex one 🙂

I also tried that

and /.

or maybe i did it wrong, w/e lol

Okay

I think I can get you something else

Can you provide a screenshot 🙂 ?

Yes I can help you out…kindly DM

Task 2: Question 2

I got the right answer , make sure that you remove the country code before the phone number +1 in this case 😄

https://tryhackme.com/r/room/whatisnetworking

hi the view site button doesnt work

Failed to load resource: the server responded with a status of 429 ()

Which task, they all work for me, tried different browser, disable extentions?

Identifying Devices on a Network and Ping

They work for myself.

I'm using Firefox

lemme check diff browsers and dis extensions laso

also*

Do you have av blocking?

checked an acc with no extensions didnt work
checkd with edge browser didnt wrk
but with firefox it works

was using chrome browser

guess now llbe usin firefox)

thx for help

Hello Team

I have issue with room the machin is not starting

https://tryhackme.com/r/room/summit

Click on the link under Connection Details paragraph in Task 1

you mean on this one

https://10-10-158-149.p.thmlabs.com

Yes but be aware that it can take up to 15min for the machine to fully boot up 😄

504 Gateway Time-out

Yes , that's ok , leave it running for 10-15min then refresh the page 🙂

If the machine still doesn't start after 15min terminate that instance and start a new one 🙂

same issue

Are you trying to load this URL in the attackbox?

i just open the link

the machine did not started

So what populated the IP?

I cliked on start machine an did not pop up nothing

Green start machine button, and NOT the attackbox?

yes

maybe I need to open the vpn

Don’t you see in the left you have to wait for a bit.

nothing

I cannot attach the screen shots hear ?

You need to verify first.
https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

You don't need to use VPN for this room

I tried different Browsers same issue

Share the screenshots if you can

In dm

You can verify to upload screenshots directly to Discord 🙂

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

I open in Edge

now I am doing the task

CI/CD and Build Security room isn't feasible with information given.
Do you know if an update will be carried out ?

What do you mean?

https://tryhackme.com/r/room/cryptographyintro
Noticed this old info in the 2nd task, also not sure if its completely accurate
https://csrc.nist.gov/news/2023/nist-to-withdraw-sp-800-67-rev-2

https://tryhackme.com/r/room/catregex

task 5 the answer on github wont even fit.

so i am incapable of completing the room

Match all lines that start with $, followed by any single digit,
followed by $, followed by one or more non-whitespace characters

^$\d$\S+

I did too now 🙏
The numbers were different yesterday (!?) - I had copy-pasted, so not just 🤪
😅 🤷‍♂️

Is everything ok now 🙂 ?

Hello everyone,
i currently try to solve the Lab Work in the "Incident Respone Fundamentals". Unfortunately the task site doesn't load in the wright way. Can somebody please help me?
Thanks 🙂

is it possible to reset the site?

Can you share the room link?

Sure, https://tryhackme.com/r/room/incidentresponsefundamentals

i only see the Katie Smith Email and nothing else

Maybe your page?

What are you browsing on?

chrome, i will test it in a other browser

ah on firefox it works

Thank you for your quick help 🙂

That's ok

If you click this (Right click) it will open it's own window.

ah i see, thank you for the tip

I think there's a bug in the room Incident Handling with Splunk. I'm in Weaponization Phase, i found the email address but it won't let me input it, there's a character missing in the answer. I've searched online for the answer and it's the same I found, but still it won't let me type it.

Can you provide a room link 🙂 ?

Yep, got it now, TYVM

Hello, I don't know if it is a bug or just I don't understand what I'm supposed to do, but I have a problem with Task 8 Challenge in Networking Secure Protocols on Cyber Security 101 Pathway. I did everything that is mentioned to do, loaded ssl-key.log and nothing changes in Wireshark. I spent about an hour looking at giberish packets. Then I surrendered and check out HINT, which pointed me to packet 366. And I carefully searched for any thm{} flag or password and haven't found. Uploading ssl-key.log whatever it should do - it doesn't

Now it's working as it should, I noticed the difference just after hitting OK this time

.

Hello I need help, I am currently at Linux Fundamentals part 3 of pre security and it seems like my machine won't work, i entered the ip adress of the room but it seems like i cant enter my password for some reason i try typing but it wont type

Hey 👋
You are typiong, you just can't see it:) this is a security mechanism when trying to authenticate in the terminal

Hello everyone I had a question what would yall do when you answer a question hit submit and it gives you an error or the submit bottom won’t work

holla

in cyberlens i first did using vpn got an error so i tried it with attackbox and still the same issue

[] Started reverse TCP handler on 10.10.226.206:4444
[] Uploading the MSI to C:\Users\CYBERL~1\AppData\Local\Temp\1\EkGWFYFXoMKS.msi ...
[] Executing MSI...
[] Exploit completed, but no session was created.

i tried the manual method also using msfvenom but still the same issue

Hello! I am currently at Linux Fundamentals 2 and here I should enter the password "tryhackme", but it always says "permission denied, please try again". How could I solve this?

If you're entering it with quotations, don't.

Also it's case sensitive, so if you're unintentionally capitalizing any letters, don't do that either.

Using the wrong IP.

Thank you. My bad, I used the wrong IP.

idk to report this to #room-bugs or #site-bugs but this color scheme in dark mode makes it hard to read. btw the room is the common attacks room

anyone

You're using RDP or ?

Hello everyone I had a question what would yall do when you answer a question hit submit and it gives you an error or the submit bottom won’t work

It would probably mean that you entered the wrong answer.

But when I hit the submit button wouldn’t it tell me I’m wrong

But your right thank you

hit ctrl + F5 to force refresh and try again

if it does not work after that it is check if the answer is correct

Ok thank you

The method wherein u establish connection using a reversshell command and establishing the connection

Idk the names

I used metasploit for gaining access then msfvenom payload to escalate privs 🙂

i also tried metasploit and did completely with it like how tyler the author of it did

but still i got the same issue

Can you provide a ss ?

ROM bug

here i cant send i think

You can but you will have to verify first 🙂

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

in the room with burp suite : the basics, at the task 7 clicking on the last Burp Suite underlined before the questions, it shows a pop-up not in the right place ^^'

successfully verified thank you

Gave +1 Rep to @spare mirage (current: #3 - 2149)

i have uploaded the ss

Hm , I didn't take this approach . Since this user has Install Elevated privilege I used msfvenom to generate .msi add user payload . Then I transfered it on target and run it .

that also i did

i will see if i have ss

i dont have the ss of output

but the reciever was not able to recieve

both had same port numbers also

No , I haven't used rev shell payload , I used widnows/adduser payload to generate a .msi executable since we already have Install elevated priv as Cyberlens user

ok

i saw in many writeups and videos they had refered this method so i used this

Of course , there're probably many ways to solve this room , but I haven't tried those so I can't confirm 😄

ok

i thought there might some issue with the room

so i raised it here

thank you @spare mirage

Gave +1 Rep to @spare mirage (current: #3 - 2150)