#room-bugs

good luck! also just a general tip, maybe default to the room-hints or room-help for a while, sometimes things that seem buggy are intentional!

(also ensure you read the entire documentation in case you miss a step and look like a goose )

Ok, thanks for the tips, yes, pretty new to THM. I found that sometimes you need to type singular/plural correctly to get it right, things to pay attention to.

got it now 🙂

this depends on the answer tolerance really. if your answer is 90% correct it will accept it

https://tryhackme.com/room/vulnnet1 - The person who finished first - Zmiller2020 - Doesn't have any flags / tasks completed on the scoreboard

@twin bay It's a caching thing. They didn't actually get the blood points -- they were just the tester for that room. The graphs aren't resetting properly

I was wondering how they managed to root the box in 6 minutes 🙂

Hello, I had a problem in blue room , I found all flags but when i submit them it says they are wrong

any suggestions?

Screenshot?

sure

You need to verify to post images btw

!docs verify

the flag is in the screenshot

can i share it?

considering it doesn't work its probably not correct, so maybe spoiler it and share it 🙂

Yes, we can delete it after 🙂

ok

!docs verify

Follow the steps in that link ^

well, you are correct you need to copy the flag{} parts too

(most CTF's and flags on THM will have similar structures)

I tried wwith {

Use the TryHackMe answer formatting as a hint on how your answer should look.

Symbols will show up in the answer format.

i tried with spaces too

Look at the answer format.

Remove your answer.

It should say "Answer format: [symbols]"

Got it

thanks 🙂

Happy hacking!

I think this room is bugged https://tryhackme.com/room/uploadvulns. I'm on Task 11 I tried accessing my uploaded payload through the ||admin|| page and it always returns "Module not found", despite going back one directory level ../dir/file.extension

https://tryhackme.com/room/uploadvulns this machine worked fine few hours ago, now it crashes instantly or almost instantly once you start running a gobuster attack on it, even with 2 threads or something pitiful like that. Few hours ago it could handle 200 threads just fine

I have rebooted that machine 4 times now, to no avail. Reconnected to THM network via Openvpn, cleaned my host file 4 times, nothing is running except openvpn and gobuster. No burpsuite, no proxy no nothing

hey, I think there https://tryhackme.com/room/linuxprivesc in "Weak File Permissions - Readable /etc/shadow " is a problem. Root user password *321 cracked by john and accepted pass is different *123

Refreshed?

yes

Okay

Often people report answer tolerance as a room bug

I can show images, can I pm?

oh you mean this is a tollerance..

It's not

But refreshing was a way to check

In "CC: Pen Testing"
One question is for the flag to make a ping scan with nmap.
But "-sP" is not accepted

-sP has been deprecated for years -- how old is your nmap?

v 7.91

Its still in the man page

That's latest. It should be in the man page as an aside saying that older versions of nmap still use this

Googled it. Search in man page of nmap does not show a hit for "-sn".

That is the latest version of the man page

I see. My version is from 2019. Doesnt get man pages update, when using "apt upgrade"? Im confused.

They should get updated, yes

Yes. this one is not in my man pages. Okay, will have to check, why they did not update.
Thanks for your help.

How odd. Np 👍

whut ?

Refresh

Answer tolerance

owo ok ^^

In room "Cyber Scotland 2021 " task #4 doesn't work (used site repairshop.sbrp is not available)
What can i do with that?

Follow the instructions to add the site to your hosts file

https://tryhackme.com/room/attackingkerberos
In the attacking kerberos room, mimikatz gets deleted everytime i start a machine in the room

@twin tapir room go borky

I was doing that during the week

Was working fine

It'll maybe be usable for ~30min to an hour but then disappears from downlaods folder

happened two or three times already

mimikatz will exit and not in downloads folder anymore

That’s usually because you did something defender didn’t like and it turned back on Real Time Protection because #windows

so they hydra part in hackpark
task2 - the command they give you doesnt work and to fix it to make it work you have to change it entirely to where what the room gives you it hurts you more than it helps

I am in remux the termux room i choose wrong answers on purpose but it marks it as correct then refreshing page changing my answers to correct one

Answer tolerance maybe?

How far off the correct response were you?

It's 100% answer tolerance.

https://tryhackme.com/room/bashscripting - Task 5 - previosu project - Should be "previous"

In the powershell room, Task 4 Question "How many ports are listed as listening" the machines says 22 but the correct answer is 20

Works when I remote in

Task 4 Question "What is the path of the scheduled task called new-sched-task?" Answer is \, they want /

[ERROR] ssh protocol error

Receiving this when trying to bruteforce SSH with hydra in room https://tryhackme.com/room/basicpentestingjt

Hello, Can someone help me with a room that i do? The room is Linux Agency

This channel is for reporting bugs with rooms

Fixed. Thank you for reporting. 🙂

https://tryhackme.com/room/bpvolatility - Task 3 - On a normal system the grep statement above should return no output. - No visible grep statement in task or in previous solutions

Learning Linux Part 1 room issue: Start machine button starts the attack box rather then starting the machine. Plus, the attack machine is blocked. Part 2 room is working without issues.

Are you sure?

Didn't start the attackbox for me, just didn't provide the in-browser access like it should

Ok, it did. Just took an extra minute

Weird.. that’s didn’t happen for me

I'd argue the bug here is a site bug - It didn't show the in browser access until I clicked a button along the top

Okay, I’ll try again. Thanks @eternal summit

https://tryhackme.com/room/zer0logon

• Task 3 - On line 9, we supply the the DC_Handle - Only 1 the should be there
• Task 3 - As expected, most of the field nmes -> field names
• Task 3 - about sloting it into the PoC -> slotting
• Task 3 - save you the painsteaking effort -> painstaking
• Task 3 - The hint for the first question refers to Task 2, Figure 3 - Task 2 - Impacket Installation has no figures

@viral cobalt fix it fix it fix it

all has been updated

hi
I am on OWASP Top10
and machine is very slow
when I use a command it lasts 2 min loading and finally cannot laod
then I refresh it loads and executes the command instantly
I don't knopw why it happens I have good connection

What box? There's like 9 in that room

Task 5

but I've done another web-based machine before and it's the same

it's so slow

The in-browser launches in split-view now, instead of above the tasks. This is a fairly recent change that has been implemented. In appearance it launches in a similar way as the AttackBox would. 🙂

Okay, got it. Thanks for letting me know!

You're very welcome. 😎

Yeah, except it's kinda bugged RN and doesn't show up immediately

You gotta click another button first

Is it Learning Linux 1? I will try it and see if I can reproduce the problem.

Yep, I repro'd it a bit ago

I've also pinged skidy somewhere to see if it's intended

Mine worked. That's strange.

So if you've previously exited split view, it doesn't display the VM

Just the button to show split view

Like that

I don't know if that applies to fresh accounts

I'm now adding the AttackBox. It will show the selector at the bottom between the two.

But I'd class this as a bug for this room for sure, seeing as it's confusing if you are expecting a machine to appear.

When you hit the Show Split View, is the instance still deployed, or does it redeploy?

I exited Split View, and it still shows the VM's active machine information.

Yeah, it shows it. I just doesn't provide access

Remember, this is a lot of people's first room with in browser access

So if you need to do something special (click the Show Split View) button, it should be listed.

Beyond the blue button Show Split View ?

What do you mean?

I thought the appearance of the Show Split View button is pretty clear to get back to the split-view.

That's above the video though.

And it's not "getting back" if it never enters split view to start with

it never enters split view if you weren't in split view previously (Eg with the attackbox, or another room)

I click deploy, it does not enter split view.

You'll probably have to video that one 😄 It worked for me. 😄

If I click deploy, it does not enter split view

This is because I previously exited split view on another session/room etc

Okay now I see the issue. It's a room-state problem. Question is how often that would occur.

Enough to cause confusion

It happened to someone earlier, it happened to me

When a room deploys it should reset whatever value determines show split view

It's a deviation from the expected behaviour, and it's something that new users are more likely to hit than experienced users given how often In Browser access to target VMs is used.

That should probably solve it.

Or reset it on terminate.

Waste water valve, or separator valve, cant make up my mind

hint contradicts the task

I am playing startup ctf on tryhackme but when i found suspicious.pcapng and i tried "file " command to check type of content but it shows me empty

I'm in the ccpentesting room, and there's a minor bug in the answer acceptance on gobuster question 5: how to specify username. It allows "-u", when really the arg is "-U", and -u specifies the target url.

same for the next one, regarding password (-P) allowing -p whch is proxy

That's more of a platform bug TBH

Room creators get precisely 0 control over the answer tolerance

ah. So Perhaps not an easy fix, then. I noticed a while ago that answer comparisons seem to be case insensitive, which usually doesn't matter, but this is the first time I've noticed that it's actually meaningful (but again, minor)

In the Attacking ICS Plant #2 (Attacking ICS 2h) Room there is a Hint in the second flag. Specifically, it says "Open the feed pump, the outlet valve and the separator vessel valve while keeping the waste water valve closed." but the task is about letting the oil flow ONLY through the water valve.

The Hint should be corrected to this "Open the feed pump, the outlet valve and the waste water valve while keeping the separator vessel valve closed."

Thanks for catching this. I'll update the hint accordingly.

For the Intro to x86-64 room, the R2 VM has no login information or rdp access

It has login info

Ah.

Yeah sorry I was only looking in the task with the machine

For anyone who had issues with https://tryhackme.com/room/enterprise: We've doubled the resources that it deploys with for all users so it should be much more smoother. We increased the resources before the room was deployed but there was a bug on the back-end where it didn't exactly apply these (:

https://tryhackme.com/room/iosforensics - Task 5 - that we discussed in task 8 - It's safe to assume that someone currently doing Task 5 has yet to reach Task 8.

nmap xmas scan. Free room, free machine, scan takes longer than free availability.

wat

is the pastebin link broken in KaffeeSec - SoMeSINT or am i just doing it wrong?

It should be updated @north gyro you may have to refresh the room /re-deploy the box...but I'm working very closely w/ the creator on this to get it resolved over the next day or so

thanks, just glad I'm not doing the same thing over and over expecting a different result

scratch that, i was just doing it wrong

its fine, just needed to try harder

Ah no worries

sometimes a bit of a fresh air/a break does wonders

Appreciate you reaching out though

Hello, I can't complete the tutorial room at All Rooms. When I press Join Room, it just redirects me to another one that's complete but it doesn't completes this one. https://tryhackme.com/room/tutorial -> not complete
https://tryhackme.com/room/howtousetryhackme -> complete
Joining room of tutorial redirects howtousetryhackme

https://tryhackme.com/room/sysmon -> Configuration preferences will vary depending on what SOC team so prepare to be flexible when monitoring. prepare to be flexible when monitoring. - Duplicated sentence.

It's an experiment we're running at the moment where certain users will land on either one of those two rooms purely on 50/50 basis atm (it's a tiny part of how we're trying to keep users engaged and making the site more approachable for everyone and anyone). If you've completed one of those rooms & are familiar with how things work I wouldn't worry too much (:

In room https://tryhackme.com/room/passwordsecurity Task 5, question 3 are 2 typos

it's haxxor style.. leave it alone 😛

if so why is characters written correctly at the beginning @loud breach

I'm just kidding

Don't worry. Me too

If you could link the completeness of the one to the other would be awesome, or just let us Join both rooms independently. It hurts me a bit seeing that uncompleted.

New users will be signed up to the one that the data/results shows as the most useful but that's good to know @nimble osprey

I think there is a port mistake on this part.
It's work on port 5001. isn't it?
somesint room

@oblique hemlock https://tryhackme.com/room/passwordsecurity - Task 5 - numberOfCharachtersInSet - Characters (Twice)

You spelled it Charachters twice 🙂

Room: HackPark
Task 3

I guess that "undefined" is not intended, right? 🤭

That's probably not so good...

wait how'd i get pinged

-undelete -a

Up to 10 last deleted messages (last hour or 12 hours for premium):

none...

@wheat fractal I saw someone ghostping you but I can't say who because no logs

ahh okay, it's all good.

I can't use the exploit of ||icecast|| in the ice room. I have installed on my host machine(windows) and on my vm kali linux and both don't work and my anti virus turned off. is there a other way to get ||reverce shell||?

Check your firewall. Make sure the VPN is running directly in the kali VM.

There's no other way, because the room is designed to showcase that vulnerability

Oké

spelling mistake in Password Security, ripes should have an 'n' in it

When did you encounter the word ripes, did you encounter this in the room today?

today

sorry hadn't refreshed it since yesterday, guess it got fixed

No worries. I fixed it yesterday. 🙂

I got very stuck on that

But now the room solution has to come fruition 🙂

Hello, simple url mistake on a link in the OWASPTop10 room on task 26, the link is pointing to ".../myprofile." instead of ".../myprofile" if ever you think it is worth fixing as it is a "reward" page

A screenshot describing where would go a long way

Oh ofc that's my section of the room LMAO

lol

A patched box is soon™️ for that ty for the reminder but bare with

Updated -- please refresh (:

np, is it ok if to tell you guys here if there are minor things like these?

Please do (:

Appreciate you taking the time to do so!

okidookee

new room - pyLon, Image seems odd

Also just overall odd wording / grammatical errors

@north gyro I think this is you?

source code is also on your GitHub which Im not sure is an issue or not?

sorry, i know that there was grammatical errors, i just didn't want to change it in case it affected the release, first room you know

ah no, you can change anything about a room at any time: In the queue, ready to be public, or public

the github is fine, I dont think it will lead to any hints though.

but at least you know what youre up against

well someone has solved it, did i expect anyone else to be the first, no

https://tryhackme.com/room/pylonzf has been made private and locked for the time being. Working w/ the creator to get this out back into the public ASAP (: If you catch wind of people having the "This room has been locked" this is why. Apologies for the inconvenience this causes.

minor thing in somesint, task 3:
Here is a guide on google dorking does not link anywhere

Well, if you can just change it after its been approved, that's kinda asking for trouble, if you ask me

Yeah, but you'll get complained at if you break stuff

It's rude to not ask the tester if it's public though smh

At least with you it's always the testers telling you to fix stuff

After a room is submitted to the test queue, it is advisable to coordinate any suggested changes with the assigned Room Tester/Lead Room Tester. Same goes for after a room is released and made public. Collaboration is valuable. 🙂

Again, if you break stuff we'll complain at you and try to get it fixed

or in some cases, the room will just be made private till it's fixed

Thanks, that's why I didn't change it

You're welcome. Thank you for submitting content to TryHackMe. 🙂

can room testers see changes? sort of like a version control type thing?

Unfortunately no

Not yet, it's on my wishlist. 😄

Phrasing mistake on OWASPTop10 Task 30; See yellow marker

Fixed. Thank you for reporting. 🙂

ISO27001 room
Grammatical issue

That's a private room atm

They're recently trying to fix it up

it came up when i went to learn

is that a bug

It was set to public quietly the other day 🙂

from intro to research

that switch is for saving a file not opening one

Task 12 in room https://tryhackme.com/room/wireshark instructions are outdated. Latest version of Wireshark isn't showing SSL on its list of Protocols, instead you can now find the RSA setting on the TLS

I'm using the Wireshark on Kali 2021.1 btw

Is it?

Not in the Kali version it ain't

Room: Game Zone
Task 3.

I think is missing a to from there 🤭

https://tryhackme.com/room/hardeningbasicspart2 - Task 2 - Yey/Ney - GPG is based off of the OpenGPG standard - It's based off OpenPGP, not OpenGPG - But Yey is the expected answer.

This is further shown in Task 3 when they say This is where GPG comes in. GPG is actually directly based off of the OpenPGP standard.

Guys I just wanted to say the room Internal is broken... something is wrong with it.... you can't access the WP Login for example

I woud send screens but I can't for some reason

It's not broken

3 hours wasted... whatever

You probably just need to add something to /etc/hosts

!docs verify

Follow that link to be able to post images.

Did you read this?

omg lol

ahhhhhhhhh ffs i didn't

well now i feel stupid and that cost me 3 hours so ..... yay

https://tenor.com/view/facepalm-really-stressed-mad-angry-gif-16109475

Always read the instructions 🙂

lmao

ok well thanks for the help

Np! Happy hacking 😄

🙂

https://tryhackme.com/room/attackingics2
||flag1 available before performing task||

https://tryhackme.com/room/hardeningbasicspart2 - Task 14 (Intro) and Task 2 (Quiz) are swapped around - Task 2 should probably be between Task 12 and 13

there is a bug in the room i am in

Which one?

network services

enumerating ftp

Why do you think there's a bug?

asks how many ports are open and there is only 1 open

Scan again after like 5-10 minutes.

ive already scanned like twice

...

this shouldnt be happening

There is FTP and HTTP running, HTTP just takes a while to start

that shouldnt be happening

It's a known issue. It's not a big problem, and I also told you the fix for it yesterday I'm 90% sure.

i know that, but still how am i suppose to learn properly when the boxes i am attacking aren't even giving me the correct info?

They are. It just takes time to boot.

This is a known issue.

ok, as long as its known

and they are working on it

thanks

It's an incredibly minor issue, that's been known about for a long time. It's unlikely to get fixed.

@eternal summit gotcha, thanks man

ey guys, any idea?

im unable to se the website

Did you start Django? also I think this belongs in #room-help

yes I did

they say "It might take around 3 minutes to boot properly"

and doesn't work

I'm guessing you probably need to build the webapp in Django to gain access to it, not sure. Someone who's done that room can probably help you in #room-help

i will ask there, thank you so much

https://tryhackme.com/room/tmuxremux
This room has tons of grammatical errors and a few spelling errors. They aren't major but they make the room harder to understand than it should be.
Since there's so much text I've put my corrections in a pastebin file. I only got through Task 2, I can fix the rest of the room if needed.
https://pastebin.com/trLdUCTU

Minor typo in johntheripper0 room. Task 6 "there is a change" should be "chance"

Fixed. Thank you for reporting. 😎

no prob. I'm amazed how fast you guys are

The problem is here: -oN flag specifies the file you write to, but you put the IP

It sees the IP as the name of the file

Room: Pen Testing
Task 16

Hehe, it doesn't look like it is case sensitive 🤭

Hmm must be answer tolerance

yeah, I figure that this is needed but mentioning "Case sensitive" has nothing to do with the answer, in this case. I thought the answer was intended to be case sensitive 🤭 that's why I reported it

Hi guys, I'm having problems in Enterprise... can someone help?

This channel is for reporting bugs with rooms, not for asking for help.

Hey,

In room: "Google Dorking"
(https://tryhackme.com/room/googledorking)

The Website "ablog.com" is down.

Its only a Bug-Report 🙂

Where is that referenced?

Task 4 - First Question ("Where would "robots.txt" be located on the domain "ablog.com")

I don't think you're meant to interact with the site.

It doesn't tell you to, it's applying theory

Yeahr, its only little bit thinking 😄 - Thy for help

I am trying to do a gobuster scan in https://tryhackme.com/room/rrootme but at the start I did the scan with too much threds so it crashed so I terminated this and tried to lower more and more the number of threds and every time it crashed I tried 5 and it crashed. what am I doing wrong?

I don't know whether to report this..
I'm doing metasploit room rn ...while looking for write-up provided by @Mr.Holmes#3066 it redirects to dashboard ...just want to clarify whether it's intended or mistakenly submitted ...

That was part of a CTF IIRC

To me?

Who else?

The title looks like a CTF flag, correct?

Yes

Exactly.

So it is not a problem ryt

@fossil relic Can I delete those now?

Which ones?

Oh that

IIRC Dark said he deleted them after the event

no idea how they are still there.

Gone now 🤷‍♂️

Room: networkservices2
Task: 6
accepts wrong answer

That's answer tolerance, refresh and it will give you the correct answer

strange, shouldn't it give an error saying wrong answer ?

No -- it's there to make sure you don't type out very long answers, make a typo, then have to do the whole thing again

cool, thanks

@hazy tiger Hey, just did your History of Malware room, all good, except "PERVADE" becomes "PREVADE" in the last paragraph and question of the ANIMAL section

Sorry? I'm not sure I understand what you mean 😄

it's a typo is all, the R and E have swapped order 🙂

Whoops! Good spot 😁 Refresh and they should be updated, thanks :D

Yup, all fixed 🙂 my day job means I spot all of those little things.

Hello people I have a problem, my good answers are not counting at all 😄 my dashboard showing 0 answers today.

#site-bugs as that's a site issue

Thanks

@north gyro Grammatical discrepancies with the room information at the top.

Being able to analyse a file and determine its contents is important, once you extract the hidden file in the image there is further work to do.``` Has run-on sentences. 

Something like this reads better.
```This room contains steganography and may be difficult. If you are finding it difficult to overcome, read the hint for flag 1.

Being able to analyse a file and determine its contents is important. Once you extract the hidden file in the image, there will be further work to do.```

noted, and reflected, thanks

<3

Room: John The Ripper
Task: 11
Instructs to use python3 to run ssh2john.py python3 /opt/john/ssh2john.py This throws an error with missing python modules.
python /opt/john/ssh2john.py However utilising python 2.7 instead works as intended

any known issues with 'what the shell'? room is just spinning when I try and load the page. thanks

@weary veldt that's a problem with your antivirus. Add an exclusion for the tryhackme.com domain

Hi guys
Is there any known problem for the room "Mal: Malware Introductory"?
I've logged in over RDP and I'm in the task folder (damn slow...) but when I look in the properties it shows no MD5 hash as it should
In a picture there are 3 hashes and I got none

Hey hey! Wireshark 101 room - task 5 is saying to continue to task 5 not task 6 🙂

The HackPark room is blocked at this stage...keeping this loading state eternally

#room-bugs #room-help

Can anybody fix the broken room?

#site-support Room linux fundamentals 2 task 11 completely bugged

wat

I did what i needed to do, set the variable, but i can't execute shiba2 still

#room-help
The room is not broken

I think it is, but if it is not I'll accept it

Maybe it is some problem in regard to the room + webattack?

It is not broken.

If you would like help with it, please use #room-help
Otherwise, provide some evidence that it's broken here.

I'll do, i even ran the command in the hint, but nothing

Shiba2 won't execute

Screenshots. But seriously, the room isn't broken. Please move to #room-help if you'd like help.

I re-did the same procedure, but now it worked

You can break the binary if you run a command that ends in >> $USER

Ah, i see

Thanks you, thm staff the best & most prepared. Is there a badge for the "premium" users? my levels aren't counting up in discord too

Re-verify with the bot

I'm not THM staff, just a discord moderator

It's okay. I'll re-verify then

In "corp" I am unable to log into the Administrator account using the password. I got the second to last answer right that asks for the password so it should be correct. Im trying to login like I did for the other account for task 3 which worked.

It's expired but you can definitely log in.

I checked the guide and tried copy pasting the command (subbing in the target ip) but its not working and Ive tried multiple times to login, copy pasting the password and typing the password.

Some RDP clients don't work well with it

It worked for the login for the earlier question

Its also the RDP client suggested by the attached writeup and pre installed on the attack box.

If you have a windows install anywhere, try the real MS rdp client

Same issue, can login as the other account but not the administrator

Just “almost” finished this Room. Docker method worked perfect on my Kali VM. And I will try to use OpenVas more now to test as Nessus is not working good on my machine (takes forever to load plugins)

But I could not finish the room because first question on Task 7 is not accepting my answers. Funny because it accepted the scan end time which is right under the scan start time... any tips on why?

Oops forget about. Just noticed I was missing the comma. Rubber ducky effect. Tell someone your problem and then you find right away 🤣🤣

thanks, will give it a try. strange it's just the one room though

Hi, my room pyLon is suffering an issue that i think is related to lack of resources for free users, but i cannot confirm it, is someone able to DM me in regards to this?

It's because of the plaintext payloads in the room, iirc. Wreath is the same.

VM in room https://tryhackme.com/room/relevant crashes while I'm doing directory search using gobuster, happened 3 times already

@somber vessel that might be intended? I’m not sure

boop CMN or get access to #creators-lounge and ask there

thanks its done, turns out the problem was the vm, not the resources

Room: Network Services - Task 9. Question-1: How many ports are open on the target machine?. Issue: I found that the answer is ||2|| but my scan says it's not true

Wait like 10 minutes

It'll open another port.

Solved. Thanks!

In Network Services 2, Task 6, answer 9, the suggested .txt file is not under the listed file path on the Attackbox. The file path should be "/usr/share/wordlists/SecLists/Usernames"

@dusky junco ^ seclists on the AB

Epic

No it's something you should fix lmao

Oh i know 😛

oh

Does anyone knows if the HackPark room will be available again? I notice that it's still looping in a loading state.

Skidy is aware

it's a bug.

https://tryhackme.com/room/rpmetasploit, task 7, says autorout instead of autoroute after solving?
||run autorout -s 172.18.1.0/24 -n 255.255.255.0||

Refresh

that solved it, thanks!

https://tryhackme.com/room/howwebsiteswork Task 1: The question "What term describes the way your browser renders a website?" is misleading. Suggestion: For a website request, which part does render the page?

https://tryhackme.com/room/malresearching - Task 4 - I've written more about how malware detects it is in a virtual environment and the possible routes it can take to escape on my blog. - The link takes you to https://oldblog.cmnatic.co.uk/posts/so-you-want-to-analyse-malware/ which is a 404 page (I suspect it should take you to blog, not oldblog)

https://www.tryhackme.com/room/easyctf - Task 5 - I'm unable to run the Python command, it doesn't work, after 2 hours of searching, i've look at the writeups and made the exact same manipulations and i keep having the same message File

I'm running from the attack box

here is the message, unable to go further than this even with python 2 or 3

"46635.py", line 25
print "[+] Specify an url target"
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("[+] Specify an url target")?

python3 won't give that error

what error are you getting when using python3?

@sonic willow root@ip-10-10-125-37:~# python3 46635.py -u http://10.10.56.192/simple --crack -w /usr/share/wordlists/rockyou.txt

File "46635.py", line 25
print "[+] Specify an url target"
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("[+] Specify an url target")?

the .py exploit i got it from the internet and from kali too

okay let's move over to #room-help, this isn't a bug with the room

asking this for a friend: he's doing the nmap room and he keeps getting ports filtered especially on FTP. I try myself and I don't get this, I get the expected outcome. Any reason why his nmap scan is not working?
He's connected to VPN etc

VM dies after an hour. It's a known issue.

Thanks

If he extended the room it would be okay?

@eternal summit He did restart the room and it still wasn't working though?

No.

I'm not gonna troubleshoot via a game of telephone like this, but filtered means it isn't getting any response at all which is bad

Okay, but I just found it weird how I launched the room up myself and it worked straight away. He restarted the room and ran the same command and it is filtered. Very strange I thought

https://tryhackme.com/room/bof1 - Task 8 - With the sample python code, the closing " should be after the closing bracket - Not after the entire statement

Thanks!

https://tryhackme.com/room/yara
In Task 9 the Loki tool has to be used to can a file for vulnerability. Tried using the tool that is present in the VM that is provided in the question and something does not seem right. The tool throws errors

Tried running command with sudo as well. But still getting the same error

eh it’s just complaining about one line in a file it should be fine

the virtual machine in metasploit room (Windows Fundamentals module) is down

https://tryhackme.com/room/rpmetasploit

also the blue room

https://tryhackme.com/room/blue

is it in maintenance?

out of service for any reason?

Room machines can't be down as they're not shared.
@lucid oasis people seem to have trouble deploying these VMs atm.

yesterday this VM worked

today is different

I just pinged skidy, I'm sure he'll look into it when he can

ty 😄

Thanks for the ping, I think I know why - just passed this onto Ashu - looking into it now

Hey, can you explain the problem a little more? Do machines shutdown, or are they not deploying at all for you?

hi @lucid oasis 😄

People have been reporting that they don't get an IP

it show this message but it doesnt start

It displays 'starting machine' then just nothing

Yep

its the only module that it happens I think

I've tried networking fundamentals and is all good

Do you know if it happens on the furthernmap room?

no it doesn't

it works in nmap

should be ok now

let me know if they're any issues

Hi guys, the hackpark room, it keeps loading and it is part of learn path
never finishes loading

https://tryhackme.com/room/hackpark

ty very much 😄

Hi, I found the last room flag "intro to x86-64", but when I try to put it in the replies it won't accept it. I also looked at a write-up that solved this room, because I thought I was wrong, but it solves it the same way. Can anyone help me?

You have to do something with the last flag and you will get the right answer

@topaz thorn ok, now it tell me Correct Password

but still, what i need to enter on the field

ok I'm stupid sorry

It works

Not at all took me a while to realise as well what I did wrong with that room

thank you, I needed to carefully re-watch the assembly code to understand the what I was doing wrong, it was a little frustrating but quite a lot of fun. I know that that's beginner stuff, but I had to start somewhere🙃 🙃

There has come new statistics regarding room yara, task 11 Valhalla, in the cyber defense learning path. the latest month overrules the intended month

The link #2 in task 4 in room "Intro to ISAC" to a list of member isacs is broken. it should be https://www.nationalisacs.org/member-isacs-3

2nd link (https://oldblog.cmnatic.co.uk/posts/so-you-want-to-analyse-malware/) in task 4 in room https://tryhackme.com/room/malresearching return a 404 error

Fixed ty cc @twin bay

@wheat fractal please don't post accepted answers. ls -lah list with hidden files.

sry, my bad. And thank you very much! @eternal summit

VM in https://tryhackme.com/room/blaster does not have search history to answer one of the questions

what

Not really a bug but https://tryhackme.com/room/linux1 seems to be missing [Section 1: Using SSH] or something like that. Planning to use this in a ethical hacking class this summer with some student new to linux and this would def confuse them.

It has In-browser access

You get a shell side by side in the room

Hi @twin tapir, just done the wireshark room, and in Task 12 (HTTPS Traffic) the text says: "In order to load an RSA key navigate to Edit > Preferences > Protocols > SSL > [+], you will need to fill in the various sections on the menu with the following preferences".

it would seem that in Wireshark 3.4.4 (Latest version, was Pre-installed on my Kali) the workflow is different, and there is no SSL under the Protocols list. You can instead follow the same instructions, but enter the details in the "TLS" section of the Protocols.
e.g. "In some versions SSL is not in this list so we look for TLS instead, Edit > Preferences > Protocols > TLS > [+], you will need to fill in the various sections on the menu with the following preferences"

No SSL

It's kinda buggy: if you've fullscreened the attackbox from split screen before then it doesn't show up and you need to click a button along the top @rich cloak

Wireshark calls the protocol different things in different versions. If it was changed, you would get the other half of people complaining that they can't find it because it's under the wrong name.

would it be worth putting something in to say that?

Maybe. That's up to Cry.

Fair 🙂

yup, found it. thanks.

HackPark is working fine again. Thank's for repairing it!

There is a bug in CC Pentesting when you come to use meteaploit against the machine. The machine that's deployed is not listening on any ports and metaploit fails.

I spent some time thinking it was my metasploit but I have now successfully it against another machine, so I'm confident there is something wrong with that machine.

yes there is bug when we use metasploit exploit against the machine . i can't create the session.

I suggest moving on. You don't need to have completed this step to do the rest of the room. I just wish I could mark the room as complete.

The part after . is it intended?

I mean, it does not make much sense

It's working

That's good news!!

Thanks. Nice to get that one completed.

That room is private

On this room: https://tryhackme.com/room/hackermethodology the link to nmap room (on Enumeration and Scanning Overview section) redirect to an error 404, i think i should link to https://tryhackme.com/room/furthernmap

Fixed! Nice catch! Thanks!

Hello, I am trying to join wreath room. I am not premium but apparently I should be able to access it with a 7 day streak?
I have a 7 day streak as you can see on the screenshot

There's something up with the streaks just now @tidal path. Check your profile page? I suspect it'll tell you 6 days

Yeah -- TL;DR: the one at the top is one day ahead

Is there something wrong with the WebAppSec 101 room? When i start the machine the web server doesn't launch..
Tried to reset it without any luck. Port scan with nMap only reveals port 111 open.

I know that 99% of the time, it is not a bug in the room but now I am pretty confused about this room.

Room: Brainstorm
First task.

I have run Threader3000 and nmap and I get 3 ports open. Apparently, this is not the answer. I am this dumb? What I am doing so wrong that I am only finding 3 ports?

I even got the root flag but I can't get over this question 😄

Perhaps the room had services running in the past that is no longer running? Or that the answer simply is just set wrong..

Yeah, I'm thinking about that too. That's why I am here 🤭 I suppose this is a bug

According to writeups it shouldnt be more than these three.
It was easy to guess the answer though, even though that shouldnt be neccessary :p

try

nmap -Pn -sV -T4 IP

I think it should be a picture in the background

Which room are you attempting to find?

https://tryhackme.com/room/privescplayground

Are you on about the linux privesc room?

Never seen that one before

Try /linuxprivesc

i have that room as well

does this mean the other room has been removed ?

It looks like it, let me double check for you.

okay

Yeah, that one looks like it is gone. There's also a second alternative: /linuxprivescarena

yeah i hv both of them

how do i quit the room if its removed ?

Green Options button > Leave 🙂

no i meant the one thats removed

all i see is that not found message

i also hv some rooms that i joined months ago and found out they arent free anymore, i cant quit them as well (there is no button)

I think you can't leave a removed room, but there's no harm of it showing up in My rooms.

By the way, there's also: https://tryhackme.com/room/commonlinuxprivesc

alrightt ill check it out

You'll be able to do it with some fancy burpsuite/console JS

There might even be something for it in #site-support

oh yeah ill give that a try as well, thank you

Hello, I'm on room kafeesec , on task4, I have installed spiderfoot, but when trying a new scan I'm getting "Invalid target type" . I'm running kali linux just upgraded. Is this a known bug?

My bad, looks like the scan target needs to be set using quotes

#resources i believe.

In the room linuxmodules, on that's what she sed, the titles ("The purple gang" and "The green gang") are mixed up. NOT A BUG I guess, but a bit confusing

Mixed up in what sense?

The purple gang has modes s and y

Shouldn't the green gang have those?

Oh, I getcha

Sorry -- was looking at the actual colours

Yep. @dusky junco

Hi - Currently completing OWASP-Juice-Shop, and I'm not able to complete Task 6, Q3, remove 5* review, but when I complete the steps and get onto the page, I'm not able to see any 5*, ony 4 and below.

I've terminated the box twice, but it appears the same. At this moment, I'm not able to complete Juice-Shop

Yeaa, u r right... I wonder why I didn't noti ced that earlier? nvm, it's fixed. Thx for letting know ❤️

hi i have some problems with this room Memory Forensics when im tried to download the file i get failed i repeated 3 times get 300mb and i get failed

Do you have space on your harddrive for the file?

yeah

i have 45 go

Have you tried using a download manager for downloading it?

i dont have it

The issue might be your browser from which your downloading it from..?

Try using a download manager (you can just search on Google for one)

yeah i know it but im using linux right now

thanks bty, i will try again

There are download managers for Linux..... @coral shell

i didn't know, good

Somewhere between a bug and feedback: my VM for this room on the Complete Beginner path is suuuuuuper slow https://tryhackme.com/room/intro2windows

I've had periods where it seems unresponsive for a few minutes. Part of it requires setting up some users and then logging in and testing stuff, but it takes several minutes to get through the login flow. Looking at the task manager from the admin account in my RDP session, it's constantly sitting at 99% CPU and roughly 95% memory. I think the VM might just be spec'd too low? (I'm RDPing at 1024x768 resolution, if that's relevant)

(It also says "Windows License is expired" in the corner, IDK if that's relevant tho)

@tropic flame the room Kenobi doesn't work for me at all. I've been trying to work through it, and nothing I do works like the writeups I've read. help..?

That's the bot

Try #room-help

Thanks for reporting -- I've jottted this down to take a look at!

Hey. "OWASP-Juice-Shop, Task 7, Perform a persistent XSS!" Doesn't return the flag for me
EDIT: It worked, I had alert('xss') instead of alert(xss)

In room/volatility, when I submit correct answer to this question, it doesnt accept it and says incorrect.
What process can be considered suspicious in Case 001?
I'm unable to complete the room. Just that one question remaining. Please help.

that room isnt even out yet

what

i didnt even see how many days old that room was

but anyway, can you help with that issue? i can dm you what I think is the correct answer and you can let me know? @twin tapir

Hi! It's not exactly a bug but it could save you some bandwidth/traffic fee. In this room: https://tryhackme.com/room/networkservices2 the Task 6 Enumerating SMTP
recommends to use: /usr/share/seclists/Usernames,
but in your attack box image it is here: /usr/share/wordlists/SecLists/Usernames
I guess many folks will just clone / download the git repo instead of using this local copy. I would modify the description.

Yeah, except the path provided is where it is installed in Kali

the attackbox should ideally be changed to match up cc @dusky junco

Hi

I think the VM of Attacktive directory is bugged

I did it yesterday and nmap showed the service of the VM

with open ports

I did it this morning too and it cant describe the service and the open ports changed

today

The VM won't have changed, most likely. Did you deploy a fresh machine? Using the IP you had before?

-sV and -A are redundant, -A does -sC -sV -O

this was yesterday

Yes I did

I tried too but the results are kinda the same

different open ports

Is strange because the service that nmap says is running is Oracle VB not Windows

Looks just fine here

I blame your network

maybe

Certainly not an issue with the room

ok ty for the info 😄

I tried the same as you...

I dont know why its happening this to me

#site-support

The room is working correctly

I am so stupid

I wasn't connected to the VPN

I don't know which device I was trying to hack 🤣

sorry If I was bothering you

https://tryhackme.com/room/sqlilab - Task 9 - The URL does not include the port (5000). Task 10 has this set up correctly (Visibly anyways - The hyperlink location is still incorrect)

https://tryhackme.com/room/brainstorm - it appears on task 1, that the expected answer for the number of open ports is incorrect (should be 3)

agreed -- noted for next push

@everyone

#room-help message

rust room didnt open

its just stuck at this

dont know if it's quite correct place for it

this is correct answer , but it's not "restricting" ipv4 , it's 'forcing' to use ipv4

am i wrong ?

Your choices are 4 or 6

yes

Restricting it to ipv4 means use ipv4 only

ohh i see now

@eternal summit tanks 🙂

What's up with learn rust room? I see multiple people, including me can't load it.

Exact same issue. It actually gives me 2 flags, which are not the right ones

that tag, winpea it should be winPEAS

not sure if the answer is off or if there is something wrong with Volatility, correct answer keeps getting a incorrect

Try a cache refresh

still getting the incorrect

Hol' up

@twin tapir plss help

yeah broken for me too. should be right as it matches the process id

I blame volatility

I blame you

Go fix

yuuusss fixed. sweet sweet green completed. thanks @twin tapir

Anyone else having problems with their AttackBox just shutting down? I've been trying to finish Blue for several hours now because my AttackBox keeps shutting down mid-exploit.

room is good, thanks for the good room Cry

Room : https://www.tryhackme.com/room/uploadvulns
Task : 9
magic.uploadvulns.thm not loading

it loads when i try it @dawn rover did you add it to your hosts file?

yes I did at the start of the room

wait I'll restart my machine and try again

It loads now , God I totally forgot about the hosts file

thanks @left tendon

https://www.tryhackme.com/room/rust can't access this room. It takes forever to load

known issue and have been reported.

any fixes for now?

or any different way of accessing it for now?

they will fix it whenever they can. I have no info regarding that.

Thank you

https://tryhackme.com/room/linuxmodules - Task 12 - Whetheryou're - Should be 2 words

https://tryhackme.com/room/networkservices2 In the intro: "'Learn Linux' room (https://tryhackme.com/room/zthlinux)" The room zthlinux is made private and not accessible

@obsidian kiln fixitfixit

Or wait

Maybe don't, I don't know what CMN is doing lately

Fixed. Thank you for reporting. 🙂

https://tryhackme.com/room/networkservices2 task 4. the +s should be +sx, otherwise the task fails!

i don't see a +s on task 4?

"Now, we're going to add the SUID bit permission to the bash executable we just copied to the share using "sudo chmod +[permission] bash". What letter do we use to set the SUID bit set using chmod?"

the answer to that question is a one letter answer, and it only accepts the s

yet if instead of +s the +sx is used, the assignment works, not if you use only +s

it seems fine to me, the binary should already be executable and hence have the x flag, but i'll spin the room up now and check for you

I think it's to do with setting +s over-rides it being executable (+x) but i'm not 100% the "man ls" page for this is how I worked it out when I was confusing myself with it on a challenge in the past

's'
If the setuid or setgid bit and the corresponding executable bit are both set.

'S'
If the setuid or setgid bit is set but the corresponding executable bit is not set.

yeah i'm not sure what is being asked

The issue is that it was not executable before

Suid does not overwrite the executable permission, suid is an additional digit, you could use chmod 477

Thanks for this, yes. And the room take 's' as the correct answer instead of sx, was the issue over here.

s is correct, if the permissions are correct to start

i've tried the whole thing twice, but it wasn't executable initially, apparently

https://tryhackme.com/room/openvas

Not quite a bug I don't think but when using the attack box for this room, Docker would not start without me running the following commands:

systemctl unmask docker.service
systemctl unmask docker.socket

I can then run the Docker service via "systemctl start docker.service"

Might be worth noting?

I joined the new volatility room when it first came, didn't answer anything; today I can't go in , It says me I have to buy a subscription, but I don't have any, AND the worst thing I even can't leave the room, it just stands in My Rooms

Can someone help?

Its release has been rescheduled. No worries about not being able to leave the room. 🙂

Hey @glad badger is it possible for you to relink that to the split version of zthlinux or even to the module?

I think CMN is doing something about the foundwtional Linux content this week

Oki dokes, good to know

I changed it to the Linux Fundamentals module. Good idea. 🙂 cc @versed jacinth

Dear Team, I'm practicing with this room: https://tryhackme.com/room/wireshark .
-Task 12 HTTPS traffic mentions Packet 11 while the picture is about Packet 36.
-"navigate to Edit > Preferences > Protocols > SSL > [+]" this option is now called TLS in WireShark.

is this room still bugged? https://tryhackme.com/room/csp

for reference, attack 5 and 6 require that the room machine have internet access

(which it doesnt 🙂 )

I tried a week or so ago, and yes it's broken

@heavy spade my just updated msf6 cannot seems to find anything called socks5

Ooookay, and why do you need to ping an admin for that? @grim harness

Ooh since it was his room, I thought it might make sense to do so. Sorry.

I have a feeling MSF changed the syntax. Try anything that looks like socks_proxy and set it to socks5 in there

Ah, it looks crazy at it is there. I've been doing the https://tryhackme.com/room/rpmetasploit room, and there is the instruction to find socks5

Pictures aren’t representative of text usually.
I’ve swapped this back and forth a solid 5 times now, Ill probably just add a note for both when I get a sec since Wireshark doesn’t know which they want to refer to it as

that's correct yes, they've previously had the socks5 option saying that it will be deprecated soon (when i was doing Throwback it was still there)

but that may be a solid 4 months ago

https://tryhackme.com/room/zthlinux doesnt load for me.

keeps loading

Which room linked to /zthlinux? @hardy jungle

very many thanks! 🙂 I'm sure it will help. I saw this ssl/tls misunderstanding came up in the room-help room.

Learn linux, yes linked to /zthlinux. I was already joined i already know linux so wanted to leave

If you feel like you know Linux, you don't know it at all. (it's my opinion ofc)

Well i think learn linux box just learns you things like cd and cat and ls and all the standard things

sry I got you wrong

hey, for attackingics2, the second flag doesn't seem to work

will try reseting the box

and that somehow worked, probably a glitch in the matrix with the visuals

all of the writeup links are broken:
https://www.tryhackme.com/room/dnsmanipulation

410 is a rare code indeed

Hey, i think the ustoun box needs a resource boost it takes like 40 mins for the intended port to show up (Free users) the service is really slow too, since the Windows machines are up for like an hour or so its gonna make it hell for users to root the machine.
I completed the box last night trying to make the video walkthrough and its making it hell for me and i know a lot of people are stuck too probs because of that so thats why im asking, thanks.

Having a problem in linuxstrengthtraining - the final flag won't get accepted.
There seems to be an extra character after the left curl bracket ({*******} dunno if that'll show in discord).
I've tried brute-forcing that last character, which naturally isn't reflected in the flag within the box, but I've had no luck.

Right curl bracket*

Try now 🙂 I removed the line return from the answer field. Thank you for reporting. 🙂

Thank you!

yes you are right , it takes 40 minutes for the intended port to show

In the yara room the answer to Back to Valhalla, inspect the Info for this rule. Under Statistics what was the highest rule match per month in the last 2 years? (YYYY/M) has to be updated

Room: https://tryhackme.com/room/uploadvulns
Task: 5
Bug: in the screenshot of the gobuster command, the mode "dir" is written without the -m switch (maybe in the previous version was a command?)

Your gobuster is outdated, by quite a long way.

3.0 released in June 2019.

oh wow my bad then, thought so cause I had just installed it, better like this then, no bug

Trying this room. Found a web page with a youtube-video on it, but the video is dead. Is the video needed to get to the next step? https://www.tryhackme.com/room/lianyu

Nope.

Ty

https://tryhackme.com/room/johntheripper0
There is a "typo" (duplicate) in the beginning of Task 3.
"in order to in order to"

Minor typo in room "intro2windows", task 4, under disk cleanup: "just adding up to the computer disk space"

shortly below that, under "command-line tools" it says windows comes with 2, but actually lists 3.

I am having a problem open vulnersity website I just says and error message and I am using openvpn and are a free to play

It doesn't run a webserver on port 80

Follow the instructions in the room

I can try again or else I am gonna show a screenshot off it

https://tryhackme.com/room/allsignspoint2pwnage

aside from the first question in task 1, and task 4, every question is missing a question mark

https://tryhackme.com/room/webappsec101 - Typing test;whoami into the "Password Strength" box as an attempt to complete Task 6 crashes the web server requiring a box restart.

AllSignsPoint2Pwnage is the slowest room on THM I think. Unstable as well.

This box (AllSignsPoint2Pwnage) should be deleted or fixed because it is OMEGA unstable and it dies after 30 min for no fucking reason.

└─$ ssh -i id_rsa kenobi@10.10.78.26                                        1 ⨯
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 'id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "id_rsa": bad permissions
kenobi@10.10.78.26's password: 

I can't use the private key in Kenobi

Try chmod 600 id_rsa

Then re-run ssh.

I tried, doesn't work.

Any errors?

┌──(kali㉿kali)-[/mnt/kenobiNFS/tmp]
└─$ sudo chmod 600 id_rsa                                                 130 ⨯
chmod: changing permissions of 'id_rsa': Read-only file system
                                                                                
┌──(kali㉿kali)-[/mnt/kenobiNFS/tmp]
└─$ ssh -i id_rsa kenobi@10.10.78.26                                        1 ⨯
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 'id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "id_rsa": bad permissions
kenobi@10.10.78.26's password: 

It stays perm 0644

uhh wut

Have the feeling I'm either really stupid orr...

I can try moving the key out of the mount 2 my desktop?

Oh

Yes, move it to your home machine 😄

Thank God, I am so smart.

Haha, yeah you are!

A performance boost for the room has been requested.

^^ See my previous post. In the meanwhile, try another room. 🙂

If I am doing a room and it asks a question which the answer is a domain name, but the domain name is now different to what the answer is, where would I go to get this fixed/updated?

The current answer to the question is a redirect to a different domain.

is this the splunk room by any chance?

yes

okay, so the usual way is to just put the room name, task and question here and explain what's wrong, but i'll let dark know since i've seen this mentioned a few times

@heavy spade any chance you could update the last question on task 2 in the splunk room please?
https://tryhackme.com/room/bpsplunk
the current answer still works, but it redirects to a new subdomain (community), people have said it's hard to find by googling

Well I wasn't reporting the issue, I was just asking where to report it at.

Also I couldn't find it in Google I guessed from the number of characters.

You were directed to here, which is where you report it

I may have been directed here, but I wasn't reporting it here, I was asking where to report it at.

Yes

I told you to report it here.

but I wasn't reporting it here, I was asking where to report it at.

I understand. But prior to this, you asked in #site-support and you were told to report it here.

#site-support message

You never said to report it here, you didn't specifically use those words, you just linked the channel and talked about bugs and said that usually it's not a bug.

Where would I go to report it?
#roombugs

Hi, in the room https://tryhackme.com/room/catregex there is a mistake with one of the answers
Question: Match every possible IPv4 IP address (use metacharacters and groups)
Answer: (\d{1,3}.){3}\d{1,3}

I actually probe these because regular expression are interesting for me but this doesnt work, I build another synstaxis according theory and it works, not the rigth

So the error was my copy -paste? or is the wrong sintax

this one works too

there are regex tester sits online, if that helps. That's usually what I do when building a regex. you can input various test inputs that should get accepted and rejected

the room actually gives you a online site the explain the hole function

the point here is that i belied that the "rigth" answer is not the rigth answer😅

I am not aware of any issue with 30 min shutdown, never hit when testing but will test again now. Part of the performance issue is with Windows Defender which is part of room ( AV Evasion ). @glad badger thanks for requesting the boost. If it still has issues I will modify the room and remove the console user task and auto login to reduces resources required.

doing the dogs cat room right now and i think theirs a small issue that im not sure if its intended

the log that im getting from LFI is very very very long

The log will be different in each box @late orchid

Depending on what you did to it before getting the LFI

i.e. if you ran a directory fuzz on it, the log will be huge

ahhh my bad i misread one of them and was like was that even me? maybe running dirbuster twice was a bad idea 😆

is the alert also intended? in burp it opens just find but in the browser i get spammed by alerts saying nice and vulnerable as well as a ton of blank ones

In https://tryhackme.com/room/bufferoverflowprep on task 4 (OVERFLOW3 ), the questions are answerable and both EIP and Badchars can be obtained to complete the task, but when I try to go on to get shell I always fail. The payload will not generate with the confirmed badchard.

Hello everyone, I have experienced this for almost 3 days every time I want to play in the GLITCH room, I have tried resetting the machine several times but the results are still the same

https://tryhackme.com/room/dailybugle

Dumping the database in this room didn't work for me. Tried with SQLMap and Joomblah.py, sqlmap said that table '#__users' didn't exist (Also the majority of the "joomla" database couldn't be dumped) and joomblah gave me some error which I didn't save.

@unique wigeon You need to wait for the web application to start. Give it a couple of minutes and the error will go away.

the newest version of metasploit doesn't come with auxiliary/server/socks5 anymore. it has probably been renamed.
room is rpmetasploit

version
Framework: 6.0.39-dev-
Console  : 6.0.39-dev-

search for socks, you should find an auxiliary module for your task :), they removed it quite recently

trying to solve the chocolate factory room now

and it says that on the server their is a missing python library

and in the script the encrypted message is missing the B'' part so theirs a error

@obsidian flame the issue is that the answer required to complete the task doesn't show up anymore, not that I need a module that doesn't exist.
though I could guess the answer with the information provided without actually finding it through the provided command

Ahh gotcha, now sorry for interfering, completed the room ages ago

Solving Bolt room but port 8*** on http don't work and load indefinitely. My vpn is connected

@dusky junco Hey qt can I get you to take a look over the REmux room? There are a LOT of grammatical errors in that one. https://tryhackme.com/room/tmuxremux

Hello guys , I have been stuck in this problem for a while now

when i enter a room and do an nmap scan port 80 shows its open

but when i try to access it on firefox it just keeps loading

@agile void what room is this happening on please? is your browser trying to redirect to https? is there something causing your browser to hang eg. burp?

What room? Every room? Does http://10.10.10.10 load?

in glitch room

yes kind of every room, some rooms work fine tho but most keeps loading

Does http://10.10.10.10 load and show your IP?

let me check

yea yea

it opens

very fast

most of rooms keeps loading then opens but after so much time idk why

Does it also show your VPN IP?

yes it shows it

Ok. Try the MTU fix pinned in #site-support but it's unlikely to help.

sure thanks

Hi, recently I cant connect to THM's machine

ping 10.10.43.126                                                    2 ⨯
PING 10.10.43.126 (10.10.43.126) 56(84) bytes of data.
64 bytes from 10.10.43.126: icmp_seq=1 ttl=63 time=260 ms
64 bytes from 10.10.43.126: icmp_seq=2 ttl=63 time=278 ms
64 bytes from 10.10.43.126: icmp_seq=3 ttl=63 time=265 ms
64 bytes from 10.10.43.126: icmp_seq=4 ttl=63 time=252 ms
64 bytes from 10.10.43.126: icmp_seq=5 ttl=63 time=260 ms
64 bytes from 10.10.43.126: icmp_seq=6 ttl=63 time=249 ms
64 bytes from 10.10.43.126: icmp_seq=7 ttl=63 time=216 ms
64 bytes from 10.10.43.126: icmp_seq=8 ttl=63 time=257 ms
64 bytes from 10.10.43.126: icmp_seq=9 ttl=63 time=239 ms
64 bytes from 10.10.43.126: icmp_seq=10 ttl=63 time=218 ms
64 bytes from 10.10.43.126: icmp_seq=11 ttl=63 time=349 ms
64 bytes from 10.10.43.126: icmp_seq=12 ttl=63 time=260 ms
64 bytes from 10.10.43.126: icmp_seq=13 ttl=63 time=243 ms
64 bytes from 10.10.43.126: icmp_seq=14 ttl=63 time=224 ms
64 bytes from 10.10.43.126: icmp_seq=15 ttl=63 time=283 ms
64 bytes from 10.10.43.126: icmp_seq=16 ttl=63 time=264 ms
64 bytes from 10.10.43.126: icmp_seq=17 ttl=63 time=241 ms
64 bytes from 10.10.43.126: icmp_seq=18 ttl=63 time=225 ms
64 bytes from 10.10.43.126: icmp_seq=19 ttl=63 time=284 ms
64 bytes from 10.10.43.126: icmp_seq=20 ttl=63 time=259 ms
64 bytes from 10.10.43.126: icmp_seq=21 ttl=63 time=240 ms
64 bytes from 10.10.43.126: icmp_seq=22 ttl=63 time=222 ms
64 bytes from 10.10.43.126: icmp_seq=23 ttl=63 time=281 ms

i've tried connecting via ovenvpn also wouldnt help

hey, I have a problem with the "owasp top 10" room at severity 7
the second to last question and the last one, it doesn't want to accept the answers. it doesn't tell me if it's good or not, isn't that normal?

Check your antivirus

@summer hatch Usually it's antivirus blocking it

okey thanks for your answer, I'll deactivate it for the room ^^

What antivirus is it?

Skidy has been working with them to eliminate the false positives

it's the basic antivirus, win def

That's weird

It's good, it's set by deactivating win def , thank you for answering me 🙂

@lucid oasis this one's new, defender getting in the way now. This is probably more of an issue than avg/avast.

Hmm that's interesting 🤔

Corp room admin pw expired and changing it is a nightmare

Can you please define nightmare in terms of the amount of time required?

If you can type the password, like 5 minutes at most? Factoring in getting it wrong a couple times

you have to type the original one in and copy and paste doesn't seem to work on remmina or xfreerdp

yep

even with +clipboard

Typing _QuejVudId6 as the password? It's 11 characters.

yep

The new password requirement can be derived from that: 11 characters, 1 special character, 1 numerical, 3 Uppercase (probably the policy has 1 Uppercase).

alright done

update if anyone needs to change windows password on remote windows machine but no gui net user username * is your friend

With xfreerdp, try adding the /p at the end with no password specified, it should prompt in the CLI.

would that allow me to change it before or after the client connects to the target machine? Clipboard failed when connected to the windows pw reset when you tried to login with the admin pw on the https://tryhackme.com/room/corp machine

Thanks for letting me know:) If you see it happening again, I'll see if I can reach out to remove the false positive.

Minor typo/run-on sentence. Room: activedirectorybasics, task 5. Should be a period between "...to and from each other <.> when attacking an Active Directory..."

STEEL MOUNTAIN ROOM: Anyone try this room lately using the path and tools laid out in the room? The procedure to overwrite the ASCService.exe file on the target w/the .exe file generated by msvenom and start a Netcat rev shell on my machine results in the screen-shot scenario below. With sc query, I can verify I am stopping the service before I execute the listener. When I sc start AdvancedSystemCareService9, it just times out. I have verified msfvenom created the correct .exe file for my tun0 ip and LPORT.

on msfvenom, did you do -f exe or -f exe-service

Hey there-

I used -f exe (I copied the output in the room)

try exe-service

it's designed for unquoted service paths afaik

and as a tip, you can use LHOST=tun0

oh very nice- I will try that- thank you. Else, I will do it manually with a Python script and server, OSCP style;)

or whatever your thm vpn interface happens to be

and generating executables w/ msfvenom is fully in scope, you only have to worry about Meterpreter/msf exploits

yes I tried to rule out Meterpreter ip conflicts as it uses my tun0 to listen on this exploit, also uses my eth0 briefly to setup a server, then it stops the service. But as long as the ports are different, should be able to use the same ip addy right?

in other words, my netcat listener and meterpreter could both use my tun0 at the same time, because they are listening on different ports- am I correct?

yes you can listen on the same interface on two different ports

roger that! thanks again - back at it;)

btw- I am in awe of all your certs!!!! Mega Kudos to you!!💯

got root! that exe-service was totally it! thanks again- perhaps they should update that screen shot in the room?

I can be wrong but I believe that the correct answer for the room hacking with powershell, Basic powershell commands, question 3 "how many cmdlets are installed on the system?", has changed...

On the box I found 6641 which is not the correct answer, I follow my method and then to be sure read a write up and with the method from it I still found 6641 and not the good answer the room requires.

after 15 minutes from boot is normal that port on 1433 on Ustoun room is still closed ? Also this box becomes unreachable after about 1 hour

took about 27 min T_T

potentially needs the licensing fix?

Yep, I'm pretty sure CMN is aware of the licensing

And I can confirm the testing team is aware of the SQL issue

Any issues with the new SSTI room ? Tried accessing the url yesterday couldnt connect, now 7 minutes after boot cant connect either.

Ignore that, im stupid 😄

@sonic willow worth adding a note that / will 404?

yeah i'll stick that on there aha

new WebEnum room is kicking an answer error for WP theme, not sure if it's me or not

I was writing the same.. it's not an error, theme was updated recently, and set this answer 0.1 forward.

AllSignsPoint2Pwnage seems to have something going on, after an hour it kicks you out even if you are a VIP and have 2 hours on the box. Not sure if that's been reported yet, but happened twice in a row.

That indicates that it's thrown its license and need to have it applied again 🙂
It's a known issue

i found that too, decrement the version that you find by 0.1

being nitpicky Thankfully for us, WPScan should say Thankfully for us, nikto

In Linux PrivEsc machine ssh is not working currently, yseterday too it was not working, also many of times the service starts after a delay of 5-6 mins. But right now after a delay of 10 mins also it is not working

Any help with knockd and ufw not working on thw thm machine i uploaded but is working fine on the machine i made

Hey @dusky junco ! Thanks for making the Web Enumeration room.

Quick feedback: Task 4 first sentence refers to Dirbuster, which probably was meant to be Gobuster.

"dir" Mode
Dirbuster has a "dir" mode that allows the user to enumerate website directories.

https://tryhackme.com/room/webenumerationv2

Hey @dusky junco Task 9 Question 2

WPScan says that this theme is out of date, what does it suggest is the number of the latest version?
which is ||2.0|| but it keep saying answer incorrect probably a bug

in the new room https://tryhackme.com/room/webenumerationv2

the room is 108 days old, try previous version till they will add this as hint thanks

Cool anytime man