#pre-security-legacy-path

Hi, I had a doubt regarding the https://tryhackme.com/room/packetsframes Room.

I have a conceptual question here.

In the First Task, there is some information mentioned as follows:

This process is called encapsulation which we discussed in room 3: the OSI model. At this stage, it's safe to assume that when we are talking about anything IP addresses, we are talking about packets. When the encapsulating information is stripped away, we're talking about the frame itself.```

I'm confused regarding the analogies being given.

If we put an envelope within an envelope. wouldn't that be the same as a Network Layer **Packet** inside a Data Link **Frame**?
The analogy seems to mention the opposite.

Secondly - in the last line - it mentions that stripping the encapsulating information away means we're talking about the frame?
Shouldn't that be the packet instead?

generally i think every protocol in different layers has it's information and it adds this is as envlope so when passes lower layers like network layer it will add another envelope

Hey guys i'm on the Windows active directory basics room and i'm blocked on a very simple thing its dumb i know but honestly i don't know what to do when they say i have to connect to an account via RDP.

install remmina
use remmina to connect to ip with default rdp port and credentials
????
profit

So my question is : Do i need to use OpenVPN to connect to the THM.local domain for access to the "philip" account ?

Oh okayyy

well think the attackbox has a few rdp clients you can use to connect too but yeah you are better off using the vpn

on your kali linux vm

yeah i will do that

so little recap: boot my kali vm + install remmina (rdp client i guess) + connect to thm vpn + and then connect via ad credentials

well okay thanks for the help shadow !

yuup that is the path to do it

and no problem

Hi, friends. I am having issues with the "Linux Fundamentals Part 1" room, or rather, with the virtual machine. My username is "root" instead of "TryHackMe" and it seems I have different folders/files to what the room apparently expect me to have. Could someone help me? I am not sure whether I should have done something differently or it's simply bugged.

you are supposed to start the machine in task 3

you don't need the AttackBox for now

That fixed it, thank you! ❤️

Gave +1 Rep to @spice leaf

Hi, I've been working through the pre-security pathway but I have come up against a problem. On Windows Fundamentals 1 and 2 I cannot get the machine to connect. The machine loads and the screen turns blue as it appears to connect to the Windows machine before switching and presenting me with the following message. "The TryHackMe remote server is not currently reachable. Please check your network and try again". It attempts to reconnect but the issue repeats. I have tried switching off and on my VPN to see if this is the issue, I have ensured all previous machines are closed but unfortunately the issue persists. If anyone has any suggestions I would be greatly appreciative. Thank you.

Hello everyone, I am on the Pre Security path >> Linux Fundamentals >> Part 2 >> Permissions 101, and when I try to find the answer to the 1st question "On the deployable machine, who is the owner of "important" ?", I can't find any "important" file/dir. Neither can I answer the following questions because there no "user2" when trying to switch user with sudo command. I don't know if I was expected to do that I didn't or is this part bugged ? Thanks for your help !

see task 2 for what you missed to do....

the machine you are currently interacting with is most likely the attackbox

you need to interact with the target machine

which you connect to using ssh

the instructions is in task 2

Indeed I missed it. Thanks !

Gave +1 Rep to @potent wedge

no problem

Hello everyone, I am on the Pre Security path >> Linux Fundamentals >> Part 3 >> Task 4, I already deploy the machine, connected to the target machine and I launched the Python3's "HTTPServer". BUT when I use the following command "wget http://10.10.27.194:8000/.flag.txt" to download the file as asked, nothing happens. Did I miss something ?

Have you started the directory in correct machine/directory?

I am connecting with : "ssh tryhackme@10.10.27.164" (ip address given on the upper part on the page)
After password input, i'm getting : "Welcome to Ubuntu 20.04.5 LTS (GNU/Linux 5.15.0-1021-aws x86_64)"
Then I input "python3 -m http.server"
It's giving me : "Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ..."
That's when I input the following command : "wget http://10.10.27.194:8000/.flag.txt"

Are you using the attackbox or VM?

Is the changes of IP a mistake?

I think I clicked on Attackbox and from the look of it I am on the web-based Kali machine.

Can you take a screenshot of the window?

the IP 10.10.27.194 comes from here :

which windows do you want ?

The one you're working on.

Use a new terminal window (one you're not SSH in to)

Ok that was my mistake I should have used the wget command in another terminal (ie the deployed machine, not the target one). Of course....

thanks !

Gave +1 Rep to @tight ingot

No problem!

Common mistake.

Happy hacking

Well to be fair, it should have been said : "Download the file http://10.10.27.194:8000/.flag.txt onto the TryHackMe AttackBox from the deployed machine"

I know it seems obvious for the insiders but not really obvious for those starting like me

The screenshots are what help me tell the difference.

hello

is there need to know how to programm well

I just have basic knowledge of javascript

is it good for me to jump in THM pathways ?

for 90%+ of rooms you will need 0 programming experience

man I targetting for the oscp and pentesting

is there any need for it in the way ?

well buffer overflow exploitation is one of the areas where scripting in python or ruby will help a lot

ehat about the AD

cause I think OSCP has deleted the bufferOverflow part in the exam

active directory is mostly graphical but commands for powershell

so learning the windows administration is a must

so I didnt waste my time the last 3 months

?

yeah if you are going to mess with active directory

so do u suggest me getting toward the THM pathways righ away

I have basic linux knowledge with a CCNA cert and knowledge about windows admin

?

yeah go for it but you might need not just tryhackme but some other sources for information too

such us ?

here is an order to do the paths in if you wanna follow something:
#pre-security-legacy-path 
#974406074444685322 
#junior-pentester-path 
#878393611929129000 (optional)
#pentest-plus-path (optional)
#web-fundamentals-path 
#soc-level-1-path 
#offensive-pentesting-path 
#red-teaming-path 
#791764435991658556

have you heard of searching the internet using a search engine

man do u fell me here

I know there is a lot of it in intternet

but what should know first

and what do i let it for advanced leels

levels

tryhackme will help you learn and know what to search up more information on later... just you gotta be ready to read more sources on the same vulns and exploits

thanks a lot

thank for your time

you're welcome

Hi guys, I'm new to this major I need to start from the scratch, but I don't know how

Do this path

If I'm new not only to Hacking, but also IT, where do I start? I'm just fresh right out of collage

This path is the correct one to start with, I recommend supplementing it with reading articles and learning to code

I see. Do you recommend getting any certs, then?

Cets are for proving you skills, first you have to earn them, for general it, CompTIA A+ is useful, Networks+ and Security+ expending on it, if you want to do anything specific, it warrants different certs, what do you want to do?

I want to get into hacking but I have no IT knowledge pretty much

For penetration testing the oscp is the golden standard for entry level, pentest+ is good too and cheper but less marketable

Red teaming and working in the gov is what interests me

Then check what certs job in the government requires

HELLO

https://tryhackme.com/room/extendingyournetwork

What layers of the OSI model do firewalls operate at?

When i Type the answer Layer 2,Layer 3 as shown in the answer syntax i still get an error

can someone help me

?

because that's not the answer

ok

Thank you i got the right answer

i dont know if that is still pre security pathway, but i think so. last questions on task 6 windows fundamentals 1 "what is the account status?" i dont have an idea. https://tryhackme.com/room/windowsfundamentals1xbx

Look at the properties of the user.

omg, lol. thank you.

yay I finished this part wope wope

nice

hello

i'm trying to start the HTTPserver with the Python 3 but after launhing the command i get no return such as 127.0.0.1 - - [04/May/2021/14:26:09] "GET /file HTTP/1.1" 200 - my cursor is still blanking as you can see in the screenshot, as if the syste is waiting for input command

https://tryhackme.com/room/linuxfundamentalspart3

hello

that's fine

i found it

thank you !

done it also today woopwoop

Hmm, complete beginner optional? I think this path is a very important path, never skip the basics

it is marked as optional as it contains very little new info if you do junior pentester( which is a lot newer and more polished )

Quick question for linux. I seemed to have lost the initial part to linux commands (tryhackme@linux1:~$).

If you lose it, how do you go about getting it back? Forgive my random jarble on it. Just trying to learn it haha.

The issue here is that you entered the cat command without giving it a file to display. The program will then keep repeating whatever you write to it. To stop it, hit CTRL+C and you'll get the prompt (tryhackme@linux1:~$) back 🙂

Suh weet!! Thank you sir.

Gave +1 Rep to @wide arch

amazing

Congrats

thanks

When did you start doing this

yesterday

well no today

just very early 12pm lol

And you finished it so fast

yeah the course was pretty easy for me

i liked it

Nice

lets goo

nice !

yay

Nice

Two certs in a day

hii
I'm still stuck on the same problem of that wordlist in jr penetration walkthrough
user@rain berry$ ffuf -w /usr/share/wordlists/SecLists/Usernames/Names/names.txt -X POST -d "username=FUZZ&email=x&password=x&cpassword=x" -H "Content-Type: application/x-www-form-urlencoded" -u http://<ip address>/customers/signup -mr "username already exists"
this is the command which is mention in the walkthrough of authentication bypass
i have download the file of username.txt from the link you provided and modified the above command by changing the -w (location of my file)
then when i run the command it shows the output came when we run "ffuf -h" with a encountered error message of >> stat <location of file> "no such file or directory "
please help me out

Are you sure that is the correct username?

yes

hii, im stuck on the windows fundamentals room. part two, task 2: q1 and 3. really don't see the answer

Hello, I am a total novice in Cybersecurity, what to do?

Start by completing this learning path.

The answer is not in the task. You have to do a research on the options that task showed so that you can have better understanding and a deep knowledge about it

yeah i got it! Thanks

No problem

Congrats bro

Why

The hell do you need my phone number and full name?

@minor perch

Why do you need my private info for signup stuff

?

They're not needed, you can leave them blank.

,

Anyone has the liat of paths to follow from the easiest one

?

@potent wedge has ine, pre security is the first path you should do

If you want shadows recommendations it is in this order
#pre-security-legacy-path 
#974406074444685322 
#junior-pentester-path 
#878393611929129000 (optional)
#pentest-plus-path (optional)
#web-fundamentals-path 
#soc-level-1-path 
#offensive-pentesting-path 
#red-teaming-path 
#791764435991658556

the optional ones are optional due to not teaching a lot of new concepts if you do the previous paths but are still worth looking into

I see, good to know

what's pentest+

that's the

comptia thing?

It is a certification, you take a test that is held by CompTIA and if you pass you get te certification, useful for job hunting, especially government jobs.

yea gotcha

Happy to help!

hey im new, can i ask u a question ?

we do need a bash scripting if we planning to do pentest path ?

or in general in ethical hacking i mean

For the most part no you do not need programming or scripting for hacking

ah okay its just a plus thanks!

oh yeah for some stuff knowing programming and scripting is going to help you protect or attack it... just you can get very far with very little knowledge in this nowadays

yeah it was on my learning list anyway thanks for time :))

I’m at Linux fundamentals Part 3 task 8, there’s no apache2 in /var/log?

I tried looking in both Linux machine and attack box

Ah okay! I got it now. Thank you

Gave +1 Rep to @trail flame

Stupid me haha sorry

Hey guys I am stuck in the intro to offensive security first task itself even though I transfered money when I submit the transfered amount it is coming the answer is incorrect

Please someone help me

Its not the amount.

There is a message above that with a flag

Thank you so much .i cleared the room. I thought it was money 😅

Gave +1 Rep to @tight ingot

Been connecting via kali VM and openVPN. Getting in to some windows things and wondering which RDP client are people using to connect to windows machines from within their kali VM?

xfreerdp and remmina tend to be the most commonly used ones

remmina is easier for most people as it is a graphical application

xfreerdp is a terminal based rdp client where you need to specify everything in the command

@potent wedge - I appreciate you!

follow up looks like xfreerdp comes with the current kali release so thats a win

Hi everyone. After leaning ccna and operating systems what should I learn else?

wish I asked what pathways to take. Thanks for this info!

Gave +1 Rep to @potent wedge

you're welcome

Hey @glossy plank it depends on what your end goal is, I think TryHackMe’s Jr Penetration Tester learning path is a great choice - many fundamental tools and resources recommended in it - lots of transferable knowledge no matter what path you choose to take as a career

thanks

Gave +1 Rep to @mystic arch

Hi guys, I'm new to cyber security and I want to learn more about it can you guys help me with some resources or how I should plan to learn, I'm starting with the free version of THM so is it beneficial or I've to get the pro one

!docs free-path

You can follow this guide of free rooms for beginners

When doing the Windows Fundamentals part 1 I get the same issue as with the Linux Fundamentals part 1. Launching the machine and only getting a white screen

@bitter dome wants the ip of the target machine and wants to look into this

if jabba is still up that is... he might have headed to bed

sent it to you in a dm 🙂

oh sorry shadow can't do anything about it... this is jabba:s realm of having to look into problems and fix them

haha that's fine. If he's still up he can contact me 😉

You also tried to switch off and on the machines sometimes or not?

I did, in fact for the entire windows fundamentals i had white screen machines. Tried different browsers, no extensions, …

The attackbox itself works fine; it’s just those linux fundamentals and windows fundamentals machines I’m having trouble with

It's advised we don't ask this, try and keep them running.

Im having a hard time understanding what account status means on the 4th question of the Windows Fundamentals 1 :: Task 6

If anyone know what it means, I'll appreciate if you share it

nvm just got it

It could be for a different room, 🙂 could you please delete this flag though. 🙂

Absolutely! That was my first thought. I was just super curious. Thanks again.

Hi, I have the same problem. 've been looking at various sources and I think it says the opposite here. When we encapsulate, then we put Packet envelope in the Frame envelope. But the tryhackme rooms say otherwise. And in decapsulation the Frame envelope should be first and the Packet envelope is inside.
I noticed the same problem further, in the Extending Your Network class.
Task 5:
Take, for example, a layer 2 switch in the diagram below. These switches will forward frames (**remember these are no longer packets as the IP protocol has been stripped**) onto the connected devices using their MAC address.
I think IP isn't stripped from Frame as frame is first in the process of decapsulation.

Can someone explain how this is not an error? The explanation @thorny mulch did not solve this for me.

linux fundamentals part 3, i use "python3 -m http.server" than i cant do anything else

and I can't get the .flag.txt file

You need to do the wget on your own machine,

(not on the ssh one)

so i should use 127.0.0.1?

it's saying connection refused

I've solved it, need to relog again with the provided credentials...

does anyone know how to use gobuster

Isn't it

gobuster *flag* -u *url* -w path/to/wordlist.txt

Obvious for dir you replace flag with dir

understood

I was in pre security first module

The gobuster command was: gobuster -u <url> -w wordlist.txt dir

What was the use of dir in this

https://github.com/OJ/gobuster#dir-mode

On the next level pre-security! I hope I do well on this course, good luck to anyone who is already on it you rock!

Done

Hello, can anyone help? Does anyone know why I can't access the learning path? is it now not accessible?

The Windows fundamentals 1 box doesn’t seem to be working for me. Launching it yields Connection does not exist

connect through an RDP client

or just read contents

hello I am getting the following when trying to access the lab machine for the linux fundamentals -1 class I get a connection error, the requested connection does not exist
can anyone please suggest how can i access the lab

Confirming, that I also got the same error message when trying to connect to that machine.

There is a some kind of an issue with that machine, It'll surely be fixed soon.

How to get started into bug bounty?

For beginners guide??

Pls anyone help me

@opaque hazel If youre a beginner, I wouldnt worry about bug bounties right now

Learn BurpSuite. THM has an in-depth course on it or you can learn it yourself. But yeah, like Vuitton said, you should really learn the prerequisites before attempting cause it's gonna help you a lot

Started this pathway. I am curious to hear from other people, do workplace people acknowledge certifications or skills from THM?

Was just wondering if anybody ever got picked up by doing these courses?

just started today hi everyone

Maybe as a means of

"I do this in my spare time"

You really can't certify what we do on THM because there is no exam conditions.

Thank you

Gave +1 Rep to @tight ingot

Started this pathway today and I learned a lot

The networking and intro to LAN helped a lot compared to other resources I was using to learn networking fundamentals

Hi, folks, is there someone knows the answer for the 3rd question of 3rd task on the Intro to Digital Forensics plz. I am not looking for answer just want to complete it. I think there is bug, actual answer that maps shows it does not match with designated answer.

Are you referring to both items?

On which part are you having a challenge?

3 rd part

finding the location of kidnapper

What command did you use against the image?

no it is not about image

I solved all questions related to image

it is about where the image has been taken

physical location of the image

using exiftool

on that task 1st question is who is the author. found it.

2 nd location of image taken, not found

3 rd model name of camera, found

Aahh... got it.

I Googled for || 'find location coordinates' || instead of using Google Maps as it gives out an error.

so u got the street name?

Yes

If you still can't make it work, dm me.

I got it, but not solving that)))

how many letter does it consists I mean just first part?

Or simply, you can find a site that lets you find a place by putting in the coordinates - lattitude and longitude.

|| 4 ||

I usually use it with cereal))thanks anyway

Happy to help

Hello, man. I don’t know if you figured it out yet, but a fix for me was that inside the longitude it gave West or North. You have to substitute those letters, and put the degree symbol in replace of it.

@warm nymph, yes , I did, but it did not work by doing what it says on instruction. I found it somewhere else.

i am here: Windows Fundamentals 2 task 2: What is the name of the service that lists Systems Internals as the manufacturer? i did kind of look after everything, but i could not find anything that's alike the answer (answer format: 10). and this: Whom is the Windows license registered to? that's the second question from the same task in the same windows fundamentals 2, and I don't know how to learn that either. pls help
https://tryhackme.com/room/windowsfundamentals2x0x

what learning path did you guys take after this one?

and what made you decide to take that

#pre-security-legacy-path 
#974406074444685322 
#junior-pentester-path 
#878393611929129000 (optional)
#pentest-plus-path (optional)
#web-fundamentals-path 
#soc-level-1-path 
#offensive-pentesting-path 
#red-teaming-path 
#791764435991658556

based on how they are laid out to teach you stuff... technically you can do soc level 1 before junior pentester if you are aiming for blue teaming instead of red teaming

Thanks. Ya I’d prob do SOC 1 first since there is more jobs on blue team even though red is more fun

Gave +1 Rep to @potent wedge

hi guys when i prompt ($python3 -m http.server) in dployable machine and launch the command (Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...) then it stops in this line icant type commands anymore pls help

Use another Terminal window to WGET the file from.

(One that isn't signed in to the SHH sessions)

thanks man it worked

Gave +1 Rep to @tight ingot

there is a problem in linux fundem3 task6 when i type crontabs -e it gives me "@reboot /var/opt/processes.sh" can someone help me

so what's the issue?

normally when i enter in nano i should see the cron task to know when it will launched but i only see in the first line "@reboot /var/opt/processes.sh"

yes, and that is exactly what you should be seeing here

it tells you when it will launch

but the the date column is empty

the date isn't known in this case

i answed 0 but its false

it is false, yes

Can't progress through the Windows Funamentals 1 room because I can't get the "Attack Box" to connect, Hoping someone here could help me out.

Were you able to figure it out?

No, I gave up.

I'm checking it out now and it looks like you're not using the AttackBox in this scenario, I think you're just exploring a W10 VM

First task allows you to RDP into the VM but I see nothing related to the AttackBox here, besides having the option to launch it

Hey, thanks. Yeah, I actually figured it out shortly after I had said I gave up. It just crossed my mind that's what I was doing wrong while surfing the web for completely unrelated things. Haha, thank you.

Gave +1 Rep to @long kindle

No worries haha! Good luck

hey, I am doing Linux Fundamental.Part 3 Room. There I need to ssh to a remote machine with proveded credentioals. But each time I put a password, I get a response "Permission denied, please try later". Meantime I double checked the password is correct. Any tips, mates? What did I wrong?

Probably use the the wrong ip.

Did you start the machine on task 1/3?

Any luck? Might help to post a screen shot of the command entered

Yep, thank you, already solved 🙏

Gave +1 Rep to @clear tundra

If you look at the crontab through crontab -l it shows you at the bottom when it will run?

I mean a lot of the rooms don't explain everything, a big part of it is researching which is explained in the section before the room.
reading relevant books, or searching for relevant information after doing a room has been a big part of helping to learn IMO, especially the networking rooms.

most IT jobs are just about how well you can google

EDIT: I was thinking about the section in the complete beginner pathway for that researching comment, my b.

If i have learned Pre Security，what step shou i do?

That are your interests? Do you prefer swords or you're Hero of the Shield?

Hello there, a little bit stuck with introduction to linux. can someone help pleasse?

nvm... i'm a dumbass...

what kind of help you want ?

im supposed to pay for this to unlock the room right?

if you want to do the entire paths and path rooms yes... if you just wanna learn you can stick with only free rooms without losing to much

am i gonna learn the basics tho?

like the important ones

for the most part yes... for the lacking stuff you can find it in other places using search engines or youtube

if you can't afford a subscription to tryhackme you could wait for the next community giveaway of vouchers

oh alright then, thanks alot

Gave +1 Rep to @potent wedge

when does this mean?

kinda randomly but the giveaways of sub vouchers that give you a month subscripiton for free happens in #community-announcements

got it, thanks alot

ill just do the free ones for now and then do the paid ones later

when i probably win one

that works right?

yuup that works just fine

great

thanks alot <3

take care and be safe

Hi All. I am currently going through Linux Fundamentals 3, but I can't figure out if this is supposed to happen in the terminal. When I go to start the webserver using the python3 command, I receive the following which appears to be correct. But then the command line essentially disappears. Anyone have any idea how to get it back or what I may be doing incorrectly?

Tryhackme@linux3:~$ python3 -m http.server
Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/). . .

I found the answer. That was step 1 (as others have pointed out). Step 2 is to open up a new terminal window for the AttackBox and use the wget function from there. Since you have turned the VM into a web server using the python3 command, the AttackBox and VM can communicate and you will receive the file.

Yeah.

But check out the syntax of the file.

so am i

i'm also new to kali

it's been like 15 days from download

what book would any person recommend to read that tells us a lot about hacking and about kali linux

the most im

i mean

if anyone lnows let me know

Try the THM Linux Basics - contrains a lot of basic information about how to use and which commands there are and how to use them. From there on, you can check the other basics courses of THM and get your adventure started slowly but steady.

I'm currently reading linux basics for hackers from no starch press and it's been a great addition to the Thm linux rooms!

Hi, i'm on Linux Fundamental 3. I have a problem with the question 3 in Task 4. I can't seem to download the .flag.txt file as it keeps saying Error 404: File Not Found

This one was tricky for me too. You need to have two tabs going - one for the http server and one to grab the file from the server. If you're still stuck let me know and I can try to give another hint 🙂

Hi can someone please help me, I'm on take 6 practical network simulator and for some reason my network log isn't loading and it won't let me finish

Are you using a modern browser with javascript enabled?

Actually I guess you are seeing as though you had no problem with Task 3...

I has a question

Pre security pathway using the attack box for windows ad started both machines trying to rdp and it was giving me a cant connect error

Do I need to use openvpn through the attack box aswell?

No.

Which room?

Windows fundamentals my bad

You don't need to RDP in?

That machine boots up a split screen machine.

Okay so I’m not crazy and but I was like hmm

have you booted up an attackbox?

And pressed the green start machine button on task 1?

I attempted rdp in the target machine for fundamentals 1 and it said can’t connect after accepting the certificate

Strange

If you click here you should switch machines if both are open

Yea I think it’s user error but same thing happened to someone else

Or maybe u don’t even need it for the fundamentals

you dont need to rdp in

Okay cool! Thx I was overthinking it

It's fine!

RDP is an option for that room.

I do it when I used my VM, but not the attackbox.

Thanks I just ended up using someones laptop to do it because I've been using an iPad. So it works on a laptop and now kinda wish I had a laptop lol

Gave +1 Rep to @wary lily

Finished this room.

Hey im having an issue ob the linux fundamentals part3

when running wget in it it continually loads then just connection timeout

If you're talking about part 4, this one is tricky - you have to have two terminal tabs open, one for the http server and another to get the file from the server.

The instructions aren't super clear if you have no idea wtf you're doing (aka me when I did this room, took me awhile to figure it out 😅😅)

How are they not clear?

They literally tell you to use the attackbox.

Well, considering this is the second time in a row that someone has asked this recently, I don't think I'm the only one who was confused. I think it would be more clear if it said to use two tabs in the terminal. For folks that are new and still getting used to the interface "use the attackbox" is still confusing.

Also it's kind of rude to be snippy about someone being confused on a site that's for beginners - nobody needs to be made to feel stupid around here, that's the opposite of what the site is trying to do.

I wasn't being rude.

excuse me why can't i use the windows virtual machine in pre security pathway? i get this message:

"CONNECTION ERROR
The TryHackMe remote server is not currently reachable. Please check your network and try again"

are you using OpenVPN or attack box?

AttackBox

did you tried switch the thm server?

on network

How’s that done

I guess its on profile picture and network

Do you guys take notes when doing rooms? Specifically this one because I feel like it has a lot of reading compared to some others.

Yes, taking notes is essential, there's tons of information to digest and you need to have a way to refer to it when things come up again

I take mine in google docs and summarise it

I was wondering how everyone else does it

taking nnotes is byg time yes

all the way

I use Obsidian, I think it's unbeatable in functionality, but everyone has their own method and preferences, there's also Joplin, cherrytree, Notion, OneNote and many other alternatives

notion and obsidian appear very similar in design, obsidian looks like vs code to me.

What makes it good in your opinion?

The notes are stored in markdown files, which if needed can be opened in any text editor.

With a simple style sheet, I have like 9 different colours in order to colour-code my notes, there's a lot of useful plugins, you can link to other notes or headings within the same note.

Files are stored locally and not in the cloud, which on one hand means you're responsible for keeping your own backups, but on the other, it could potentially help with keeping notes confidential if the given employer allows usage of Obsidian. I like that you can nest folders as needed.

I really haven't used Notion much, but I've heard that the export function isn't great which would make migrating your notes harder.

Export function is alright, but you need the paid tier for bulk export of PDFs. I think it'll do bulk markdown exports on free

Thanks, I'll have to check that again. I helped a friend recently migrate to Obsidian, we couldn't find how to export in markdown, but there's a script on GitHub that takes the default bulk export and converts it to markdown, a bit clunky with some things but it did the job.

Gave +1 Rep to @warm epoch

Thanks I will be using obsidian from now on 😄

Gave +1 Rep to @spice leaf

notion blue screens my laptop anyway for some reason so I am more than happy to make the switch there

give it a day or two to get used to it, here's a few examples from my notes and a demo I had made for my friend when raving about Obsidian 😁

Thanks

Windows Fundamentals 1 task 6
What is the account status?

how can i find it i dont understand

nvm

I take notes in an actual notebook made of paper 😆 I have a set of glitter highlighters and a color code system that makes it really easy to find things. I find that the act of writing something down vs typing it will help me remember better even if I never look at it again. I also write down everything because I have a terrible memory heh

Nice

Finally reached 80% on this path! I think I'll be finishing this up today.

Completed the Pre-Security Path!

reach out if you need any assistance.

Congratulations

Thanks!

Gave +1 Rep to @abstract sparrow

Windows Fundamentals 1 task 6
What is the account status?

When I click on properties of the accounts, there is absolutely nothing about account status

idk if you still need help or if you found the answer, but which question are you trying to solve?

It's one of the check boxes, it might not even be checked.

I found it but thanks!

Gave +1 Rep to @fathom gust

Yeaah I was looking for a title saying Account Status or something like that, THM is making it a little bit difficult which is fun

and Thanks! 👍

Would you be willing to send these examples to me haha? Or just, how do u make the drop downs in the first image, and the blue orange purple note, warning examples haha

For the drop downs, basically you make a new folder, another below it and different notes in the folder, depending on your needs, you can nest folders as much as you want.

For the notes, warnings, etc., you can use the built-in callouts feature:

https://help.obsidian.md/Editing+and+formatting/Callouts

Or a plugin called Admonitions.

Ahhh

Thanks!

hello guys, I'm learning Linux Fundamentals part 3 - Can NOT access the file "access.log" in /var/log to find out the IP address, answer for Q. Probably, I need root privilege, so I've tried sudo with "tryhackme" password, it doesn't work.

Can anyone help me, please?

Have you SSH'd in?

Or are you trying on the attackbox?

I'm in ssh tryhackme

tryhackme@linux3:~$ cd /var/log/apache2/
tryhackme@linux3:/var/log/apache2$ ls
access.log error.log error.log.2.gz
access.log.1 error.log.1 other_vhosts_access.log
tryhackme@linux3:/var/log/apache2$ cat access.log
cat: access.log: Permission denied

this is what I've got

tried to sudo it:

tryhackme@linux3:/var/log/apache2$ sudo cat access.log
[sudo] password for tryhackme:
Sorry, try again.
[sudo] password for tryhackme:
tryhackme is not in the sudoers file. This incident will be reported.
tryhackme@linux3:/var/log/apache2$

ls

Which logs are there?

ryhackme@linux3:~$ cd /var/log/apache2/
tryhackme@linux3:/var/log/apache2$ ls
access.log error.log error.log.2.gz
access.log.1 error.log.1 other_vhosts_access.log
tryhackme@linux3:/var/log/apache2$ cat access.log
cat: access.log: Permission denied

SERVER logs

you need to cat out the access.log to get the ip address yes, the first access.log you don't have permission for, however that's not the only access log in there that can help you find the ip address

I remember trying the "cat access.log.1" and I got the answer

btw this section is about subnets (https://tryhackme.com/room/introtolan task 2), and shouldn't this highlighted part be 192.168.1.0?
https://media.discordapp.net/attachments/1112261561680142436/1134242194107142275/image.png

https://media.discordapp.net/attachments/1112261561680142436/1134242194107142275/image.png

hmmm

not sure why it wouldn't embed

You mind explaining your question?

I didnt quite get it-

ofc, I'll reexplain it

so can a network address be any number?

for example, if a network address was 192.168.1.35, can a device connected to the network have a host address that's the same as the network address but the last octet is different? (such as 192.168.1.20 or 192.168.1.0 or 192.168.1.40 or 192.168.1.100 or 192.168.1.255)

You need to verify your account to be able to post screenshots

!docs verify

Folks here won't simply click on links shared

It will depend on how the network is divided. You may need to look up subnetting for this. Also, the network address is always the first address in your network or subnet. In your sample, if the network address is 192.168.1.35, you cannot have a host address of 192.168.1.0 or 192.168.1.20 that is a part of that network. The subnet mask or CIDR notation will need to be considered here. Same goes with a host address that has a last octet of 255 as it will be the broadcast address for a network or subnet as the case may be.

thank you, that clears it up

Gave +1 Rep to @brave cobalt

! Verify

hey , i have an issue to respond to a question

i cant add screenshots i guess

it's the question "When will the crontab on the deployed instance (10.10.122.65) run?"
i am connected to the linux3 and used the command "crontab -l" but found no specific cron job entries

ss would be helpful

hm i used it and put it on a text file

I have to look for something ?

ss means screenshot. i dont exactly remember the task and the context man

so i said a screenshot would be helpful

ah u mean screenshots xD

tried to restart and get new one,but still stuck

crontab -l gives you that output?

yep

the answer is literally in front of u

just look closely

at the output

on the second screenshot ?

yes

tried reboot , startup

try @frail swallow

did u add @

omg

20 min of my life xD

its okay happens to the best of us

thanks buddy

Yw

haha yeah this happens a lot

the answer should be changed to "on reboot" tbh

Anyone can help me out here with the Windows Fundamentals Part 2 ?
i just don't get it

omg this is so ...
Fundamentals Part 2 Question 1 : ||PsShutdown||
Question 3 : ||C:\Windows\System32\control.exe /name Microsoft.Troubleshooting||

I don't know how to check the account status in Windows Fundamentals Part 1, help?

Go to users and right click properties

actually, no need anymore... searched the answer in this server, ended up finding the solution within the Local Users and Management app

Hello
I have a problem with Pre Security path
How The Web Works
HTTP in detail
Whenever I try to view a tab, it shows either a "White page" or "Security error"
tried from Tor browser, Firefox, Chrome.
Any solution?

Now I have just started "How websites work" Room and I'm getting redirected to other page "https://static-labs.tryhackme.cloud/sites/howwebsiteswork/html_editor/"
Please help fix the platform like it was 2 days ago.

There seems to be an issue site-wide as other users are reporting similar issues as well.

indeed, please keep an eye on #site-support for now 🙏

Thank you for your reply.
How will they deal with it? Is it going to be solved? It's impacting me.

reported.
Thanks.

Hey friends

Is there anyone going with this pathway ?

yes me

Hello Friends, What flag do you get when you ping 8.8.8.8?
What flag am i looking for exactly Because when i ping 8.8.8.8, i got a successful connection to the IP Address

Ping that in the static website on the task

Thanks

Gave +1 Rep to @tight ingot

Can anyone help what is pre security pathway where should i get started ??

Click in Pre-security, start with the first exercise

I'm up to subnetting and the example for host address confuses me. It says, Purpose: An IP address here is used to identify a device on the subnet, Explanation: For example, a device will have the network address of 192.168.1.1 and Example: 192.168.1.100

Why is the Explanation saying network address is 192.168.1.1? Wouldn't network addres be 192.168.1.0

when I go through https://tryhackme.com/room/linuxfundamentalspart1
The deployed linux is different from the screenshots. it has accesslogs.txt and fodler1 folder 2 folder3 folder4 but no Documents folder like the tutorial.

If you could verify your account and send screenshots, assisting you will be easier.

!docs verify

You'll need the CIDR notation or the subnet mask to determine the host and network portion of the IP address.

Hi guys,

Where to get the credentials url for the Pre security certificate which is received from tryhackme, I need it to upload in LinkedIn.

Please guide me where to get that....

Credentials url?

I think he is referring to the certificate of completion.

Hello
I have a problem with task 3 (Enumerating SMB) from network services
When i do the nmap scan the attack box shows 5 open ports none of them is SMB

What could be the problem?

which ports showed?

22,80,111,389,3389,5901

There are six

I deployed the telnet machine and i still have the same issue

The machines are different.

You need to launch the correct machine for each task

If you go to the learning path, pre-security in this case, there should be a section in the lower right hand side of the screen where you can download it if I remember it correctly.

Thanks I verified, this is a screenshot of what it looks like, whereas the guide says it should look like screenshot two and all the tests/flags require it to look like number 2

Gave +1 Rep to @brave cobalt

Issue shows up at Interacting With the Filesystem!

The screenshots are just examples.

Ah you're right, thank you

Gave +1 Rep to @tight ingot

it's cool, common miss-conception, I think it's to stop users form using the screenshots to answer

Thanks, normally it says "Note: The screenshots below are examples only" but didn't see it on that page so got confused lol

Gave +1 Rep to @tight ingot

I'm doing an nmap scan on task 6 (enumerating telnet) but the remote host doesn't show any open ports and i re-scanned the host for port 23 and it tells me the port is closed

Any help?

What is your full nmap command?

Nmap --top-ports 1000 [ip]

Was this the command based on the instruction? If not, you might want to add -p- to ensure your scan captures ports 0 to 65535.

Hi Team,

When I click on the view site, it opens on the same browser window. The split option. But I want that to open in a new tab. Is there an option?

It depends on what you are viewing. If its a static site, it is only available via that option.

Okay

When i use metasploit on enumerating mysql it doesn't show me the right results

My RHOSTS, PASSWORD, USERNAME, RPORT are correct

It doesn't return any useful result

Why does it return Access denied?

I tried to use metasploit again to exploit mysql but it returned Access denied again

What room are you working on? What metasploit module are you using to enumerate mysql?

Network services 2
Task 9: Enumerating MySQL
I used auxiliary/admin/mysql/mysql_sql

When i type exploit the remote host won't give me access

All done 👍

Hi guys, im doing linux fundamentals 3 and using ps aux to find the weird file, I can see whoopsie, but i cant do anythin with it

iirc you have to cat down into the file cat ../../file

OWASP 10-2021
insecure design
I'm trying to find the password resitting bypass i tried to manipulate the url, i entered very long passwords and entered some shell commands but i didn't get any useful results

Any hint?

I looked it up on youtube, there is supposed to be a flag in the file list, but it doesnt appear when i run the command, others have had this issue, and it is fixed with a reeboot, but alas i rebooted 5 times and it didnt fix the issue. i typed the flag in that i saw on YT and moved on , hopefully no more issues like this occur

Ahh dang :c sorry

all good, thanks for trying to help, I had already cat that file it was in wingding format

ah, yeah I think I was miss remembering rooms as well

i nano'd thinkng the flag was inside, but it's not

yeah I'd have to go back through the room I've forgotten

looking for the apache2 file for logs, But it doesnt exist

more issues with the linux fundmentals machine not havig the files required to finish the task

You'e in the wrong VM.

You need to SSH in to the machine.

i launch the box though

But you didn't SSH in to the user.

it said look on the deployable machine, so i didnt ssh in to the tryhack me box, but when i did, it still doesnt exist

thanks for your assistance in this matter however

cd /var/log

Then ls

You didn't do the step previous.

what step previous?

ls? it only says task3

#pre-security-legacy-path message

thanks , i had to cd in to the apache2 log, it would not produce it with the command

hi,
i'm in the room "linux fondamental part2" and i try to connect the tryhackme account with ssh tryhackme@IP MACHINE but the pswrd tryhack don't work.
I've try a lot and i think it's a bug machine. Can I have help plz?
i've see in a forum a people have the same probleme than me

You're using the wrong ip.

You need to start the machine on task 2.

Hi, I'm trying out to answer task3 of linuxfundpart3 / my trouble is that the attackbox logs me as root and there is no tryhackme user. I terminated all the machines I could have open before, logged out the website, loggedin again, and start the machine from task2 of linuxfundpart3 (as a solution given by Scrubz above) So, I saw the IP changed from before. But the new machine, with the new ip, still has the same trouble... could someone please help ? thanks

Reply to myself, and may help others /// when on the attackbox terminal you have to ssh to the ip given on task2 -- there is the tryhackme user

Do you ssh in to it?

Can you verify and share screenshots?

!docs verify

yeah it's ok by this way, thanks @tight ingot for helping poeple here.

Gave +1 Rep to @tight ingot

im doing packets and frames on network fundamentals and i cant understand this piece of info, if anyone could someone help me understand this if possible cause im abit lost on it

I’m new too but from what I understand You are question is acting as syn and my answer is ack and when you reach back out after this it would like syn again

Hello. I am at Linux Fundamentals Part 3 and on Task4. While I run the the python3 webserver I can't execute the wget command. I have tried using the & command. I have tried open 2 different terminals., one that is running the webserver and the other that is running the wget command(which gives me 404 error). I have tried run the command under the web servers without prompt(which doesn't make any sense ofc).

Every packet has a sequence number so the computer knows the correct order of packets to construct the file/img/page etc properly. In the handshake phase it establishes that number. When it starts to send data it uses that number and every time it increase it . Actually in handshake phase syn/ack it should increase the ins +1 and in the last ack should increase 5000+1 ( probably it is a miss type from tryhackme) . Hope that helps ! Also dont forget google has lots of content about these.

Hello, I'm studying network fundamentals. Reading about packet and frames, in task 2, the article seems to confuse the TCP/IP model and the TCP protocol itself. Please correct me if I'm wrong, but what I understand is that the model is one thing and the protocols are another even though they have very similar names. If that's the case, I think there's room to go into more detail about the differences.

Can you clarify what do you mean by confuse the TCP/IP model and TCP protocol? Also, you are supposed to supplement THM material with external ones.

[edited]
From the article (https://tryhackme.com/room/packetsframes, task 2):

TCP (or Transmission Control Protocol for short) is another one of these rules used in networking.

This protocol is very similar to the OSI model that we have previously discussed in room three of this module so far. The TCP/IP protocol consists of four layers and is arguably just a summarised version of the OSI model. These layers are:
Application
Transport
Internet
Network Interface

Very similar to how the OSI model works, information is added to each layer of the TCP model as the piece of data (or packet) traverses it. As you may recall, this process is known as encapsulation - where the reverse of this process is decapsulation.

One defining feature of TCP is that it is connection-based, which means that TCP must establish a connection between both a client and a device acting as a server before data is sent.
[...]"

Paragraph two, list and paragraph three are describing the protocol suite, while paragraphs surrounding it and the article main motive it to introduce the TCP protocol.

I thought this could lead to confusions without prior knowledge because their differences are not contrasted enough. Supplementing materials for the most part make sure to distinguish these.

Thanks, this helped me! Just wanted to add some non-answer help, for those looking to understand the answer a bit better, for whatever reason, I didnt really understand what was being asked for question 1, and got a bit intimidated by 3. 😅

To find the answer for question 1, go to service tab under system configuration, then look at the manufacturer column, this is where the answer will come from. You can either scroll until you file "system internals" or you can sort them until you see the answer.
For question 3, think back to previous room, windows 1, what system folders were talked about that were critical to funciton of machine? now, what program do we want to execute? so the first part is that directory and file, the second part is much more straight forward, what are we trying to do, and on what system?

What is the flag that you obtain by followin along For practical example of defense security

I’m stuck in that question I thought the answer was red

Yeah it is red, but make sure you take note of the IP address for the next question. You have to continue through a few questions related to that SIEM alert to get the flag for the question

You can use resources outside of THM for the time being. Most of these are available in the Internet, but not in a gamified format. Still, it will be useful. Also, if you can wait it out or make use of the free path for now, THM usually offers a discount or promo around end of Novemeber or early December (during their Advent of Cyber event).

Gave +1 Rep to @brave cobalt

There's also a free path.. let me look for it..

https://tryhackme.com/r/resources/blog/free_path

This can keep you pre-occupied until the promo becomes available.

Gave +1 Rep to @brave cobalt

Hello…
New to this board. But hopefully I can provide some valuable feedback. If you’re interested in continuing without “losing out” you can use skillsforall and they have a free Cisco basic networking course. You can jump into the OSI model section if you feel you have a good grasp on the previous modules. In addition, if you want to reinforce this, because I personally found the Cisco course slightly confusing, you can watch networking vids on YouTube from “practical networking” channel. IMO these should be enough to cover the same stuff and more as the THM modules.

Gave +1 Rep to @ruby ocean

Don’t sweat it. It happens to the best of us. TBH I finished the Cisco course but didn’t really understand the OSI and TCP/IP concepts either. But once you see the visuals and also use the packet tracer labs. It’ll start to click better.

hello, any tips on installing kerbrute

Hey there. A quick google can find you their GitHub with installation instructions on the readme there’s only a few THM rooms that use this tool and it’s definitely not included on the pre security path.

Just wondering if anyone could tell me when to use a php reverse shell. What is a indicator when say using nmap or look at a website that someone would understand they need to use a php reverse shell when uploading a file

well there are a few indicators

then again php is still the most common backend for websites so knowing how to exploit it is good as in most instances it is what is being used

Okay so it’s more of a rule of thumb or better yet that trying a php reverse shell at first has a good chance of success.

yuups

and if it does nothing it is probably another way in

Okay thanks, I was working through the rootme room and after hitting some walls I looked it up and I saw that everyone in the write up was using a php reverse shell. I just couldn’t understand why and why they are saying this

Gave +1 Rep to @potent wedge

Done!

for some reason the root.service file doesn't work... we are supposed to put the machine for the kali vm ip in htere right?

Which room is this?

i got it to work... it was the priv esc room in the vulnuniversity

Finished 🎉🏁

I had to let that one sit for a while too. 🫥

can someone help me

What room? What task? What are you stuck on and what have you tried? We need a bit more information to be able to properly help you

You probably also shouldn't spam across multiple channels

Ah, looking at this further you are not asking for actual help... ah well

yo guys is someone online i have a question

Just drop your question here. There are lots of helpful folks who'll respond to you provided it is THM related and/or not illegal

ok

ive got my answer anyway

I can access tryhackme with android. But in room Linux fundamental, I can't access my keyboard in virtual machine, I can't type any command.

anyone have issue where when the split screen is a cmd there are no controls above the cmd screen? for instance what is networking/ task4/ view site, there should be controls above the cmd

#room-help message

What browser are you using?

Chrome, in Linux fundamental 1 task 3. It just a terminal and no option to open android keyboard when starting machine.

If I remember it correctly, you only need to run some commands in Split View screen

thanks for the response, I was able to expose the text box and submit button by inspecting/ then deleting the navbar node so it allows me to get passed it 🙂

Gave +1 Rep to @brave cobalt

I also do some reading and easy tasks in my mobile and it seems to be working fine in my case.

Is your browser up to date?

Not yet, I'm updating it now.

Ok, now my browser is updated.

Thanks for the help, I just changed the input method in the navigation bar that appears on the left of terminal machine.

Gave +1 Rep to @brave cobalt

Hey yall. Quick question as I work my way through this pathway. But I’ve been wanting to ask how many of you successful learners are able to retain all this info. Do you all take notes? If so, how would you recommend this being done? Or do you just spend countless hours on thm and this help with retention?😅
Thank you in advance

Taking notes and practicing what you learned are good ways to retain information or in the case of the notes you can reference it later even if you have since forgotten it. Notion and Obsidian are two popular note taking apps and as for how to take notes just do whatever you want, there is no given right way, if it works for you then it is your right way

Much appreciated for the answer 🙏🏼.
Currently I am able to retain what I’ve learned. I’m just a little concerned as I continue to work my way through the pathway. Because often times gotta do outside research to supplement thm. And feels kinda overwhelming to think about how I’ll manage to retain it.

Pen and paper 👍

What are good paths to do after this one

There is a recommended path here:

#general message

Thanks! That list is very helpful.

Gave +1 Rep to @brave cobalt

I do not understand crontabs at all, can someone help me

I posted in #room-help but I’ve hardly gotten any help

Trying to find the crontabs and find when they will run

You would use the command “crontab -e” to view the current cronjobs

Each asterik correlates to a value. From left to right ——> the first asterik correlates to minutes, then hours, 3rd asterik is for day of month, 4th month, and 5th finally day of week

I did that but I have no idea what to do with it

Could you elaborate a little more on what you’re trying to do?

I assume you’re doing the 3rd linux room?

“When will the crontab on the deployed instance run?”

Yes Linux fundamentals part 3

So if you look at the photo it gives a value of 0 minutes and */12 for hours. Which would mean that every 12th hour “time wise” or at every start of the machine, the cronjob would perform the backup

The asterisk value would correlate to everytime at boot. And the 12 would correct to every day at 12…

So everytime at book and at 12.. the system would perform the backup

Ok I somewhat get it now

I encourage you to play around with it so you can better understand. It’s a little difficult to explain it. It’s one of those things you gotta play around with.

For example. Schedule a cronjob for 2 min later. Something easy like echo hello to a new file

Cronjobs are confusing and are one of those things you have to play around with to better grasp it. I didn’t want to give you answer as I thought it might not “help”. But it was at “@reboot”

Yeah I found that line several times I just didn’t get it

Once you play around with it you’ll get a better idea of how it works. I was surprised at how confusing reading about it can seem. Hope this helped.

It did, thanks

just finished this path, gonna finish up intro to cyber sec and then do jr pentesting

Nice! I started today. Almost at the linux part.

the linux section is fun

Is the question Task 8 for Windows Fundamentals 3 still correct with the documentation? I'm quite certain I have the answer but it's not accepted and the asterisks are formatted differently as well. I don't want to spoil the answer lol

What task?

The bitlocker task

I found the actual answer now, it isn't mentioned in that way in the documentation, not sure if that is what you're going for or that the Windows docs have changed

It really is! At part 3 of linux now.

One message removed from a suspended account.

One message removed from a suspended account.

Write down your notes! 🙂

Windows fundamentals.... i forgot how boring Windows actually is 😅

Are you guys studying at Conestoga?

hello

good day

I am doing the Pre-Security learning path

i'm on the first windows room but the VM machine won't connect

it keeps reconnecting

Can you share a acreenshot of it? You'll need to verify your account to do so.

You'll need to type /verify token <discord token found in your THM profile>.

Thank you, getting the screenshot now

Gave +1 Rep to @brave cobalt

Let me try and spin up that VM

thank you

apparently all the windows vm are not loading for me

I tried the other 2 rooms as well, same thing

would it be a browser issue? I'm using chrome

Tried it just now and works fine for me.

mmmmm

I'm not certain as I haven't used Chrome for THM-related activities.

which browser did you use?

if thats okay to share

I'm using Firefox, but it seems to be a network connection from your end. To which VPN server are you connected to?

i use nord. but even after disconnecting and trying it still doesn't work

also, i was using the VM, not the RDP

Are you using Nord on your host on top of your THM OpenVPN? If so, it is a probable cause of the issue.

okay

retrying without plus with different browser

i think something is wrong with my computer. same issue

the linux boxes run fine, just the windows

That is odd.

Also restarted and the same issue. Also with a different browser

so its definitely my computer, I used my phone which is also on vpn and it worked

so need to find out why my computer not allowing it

yes

can you please tell what exactly i need to do for verifying myself 😅

@brave cobalt

Hi, is anyone else having issues with the VPN connection to tryhackme being very slow?

/ verify and your discord token found on your profile

Is this room outdated?

currently logged in as root and it doesnt accept root as an answer

Nope, your answer is wrong.

You're in the wrong machine, did you deploy the machine on Task 1? 🙂

yes of course

upon checking theres only one machine for this room

Linux fundamental 1?

@tight ingot hey you again, hello there

yes

Can you send a me a screwnshot of the row at the bottom of the attackbox?

hold on

Can you click where it says "linuxfundem"

oh my!

there you go, thanks @tight ingot

Gave +1 Rep to @tight ingot

🙂 use that machine for this task room only 🙂

I see.. okay!

hello guys, first message on the discord for me, started out recently. did anyone beat the osi model split screen game in under 19 seconds ? "(Can you beat our staff high score of 19 seconds?)" personally got 22s seconds on the second try, might be something im missing, seemed like i was moving instantly...

https://tryhackme.com/room/osimodelzi

Attempt number 3.

Last attempt 🙂 @waxen charm

oh wow

guess it's doable 😄

thanks

How do I fix the already running instance of my attackbox. I cant deploy a new one. I already terminated it but still cant deploy a new one.

Which room is this? Usually, only one attached VM can be run for each room at one time.

I managed to figure it out by turning it off on the split screen instead of using the button

Why is it asking me to connect to myself? 10.10.84.81 is myself so why is it asking me to get a file on myself?

it says ensure that you are connected to the deployed instance 10.10.84.81 which is the (attackbox myself) and get some files on it? Get some files on myself?

Start the webserver of my own attackbox? Why? To get files on my self? I would understand if its asking me to start a webserver of a remote machine instead.

10.10.84.81 is the IP address of your target.

How are you connecting to THM - via VM or Attackbox?

attackbox

10.10.84.81 is my attackbox

Can you do ip a on the Attackbox and share the result?

aaah.. that is not the Attackbox, but the target VM for the room.

what should I do I'm confused

You will have to use the Attackbox (by clicking on the blue Start Attackbox button that you can find on the top portion of your screen). You will then use it to connect to your target (after starting the HTTPServer module).

Can you click on the Start Attackbox to see where it will re-direct you?

opens up my attackbox

The one with root@10.10.x.x at the prompt?

ahh I see it now

That's it then.

this is my own IP in which where I need to dump the files with

thanks sir/ma'am!

Gave +1 Rep to @brave cobalt

Glad I could help.

could I start sending commands now or should I wait for it to finish serving? @brave cobalt

its not responding at all

It only means it is now serving the file and can be fetched from the Attackbox via curl or wget

You need to run the wget from your Attackbox.

If I remember correctly, the .flag.txt file should be in the tryhackme user's home folder. Type cd ~ before you run the python server.

there is no flag.txt on home dir of tryhackme attackbox

ah there is but its a hidden file

Can you Ctrl + C on the target VM (to stop the python http.server for now)?

And then type cd ~ to return to the tryhackme user's home directory

okay hold on

And then type ls -la to list all files in the current directory

i need to be on the home directory of tryhackme and then run the httpserver right?

ahhhh

okay it should be not on /home dir

thats why it cant retrieve the file

hold on let me try

ah finally

thanks again @brave cobalt !

Gave +1 Rep to @brave cobalt

You're welcome.

how do I determine if a process is "out of ordinary?" What is the indicator that it is an unusual process?

Also how do I view the flag of a process? Can I just cat command on a process?

I vaguely remember this question as it is very tricky to answer if you have no idea. However, I would suggest to check the processes run by root.

It is. Previous lessons did not teach the user on how to actually find out if a process is an unusual or not.

okay thanks for the tip

Gave +1 Rep to @brave cobalt

how do I get the flag out of that process once found out?

@brave cobalt how do I output the flag out of a certain process?

@brave cobalt found it. I forgor to connect to the target attackbox

Windows Fundamentals 2 > task 7:
For the ipconfig command, how do you show detailed information?

why does the answer has to be in capital letters? if you're looking it up with ipconfig /? you will see lowercase, only in the refered link the capital letters are used

There's a command you can use that Will display all inform

Informa

Yea there is a specific option you can use for more detailed ipconfig response 🙂

@molten panther

you have followed all the path of tryhackme

well the later half shadow has only done about half of but yeah

i want some guidence i am confused which path to follow

well shadows list there is going in the order shadow recommends to follow the paths

shadow is your name just asking

yes ello ello shadow is shadow a person that refers to themselves in third person

If you want shadows recommendations it is in this order
⁠pre-security-pathway 
⁠introduction-to-cyber-security-… 
⁠junior-pentester-path 
⁠complete-beginner-path (optional)
⁠pentest-plus-path (optional)
⁠web-fundamentals-path 
⁠soc-level-1-path 
⁠offensive-pentesting-path 
⁠red-teaming-path 
⁠cyber-defense-path
[02:10]
the optional ones are optional due to not teaching a lot of new concepts if you do the previous paths but are still worth looking into have you updated the sequence of this path?

have you updated the sequence of this path?

well yes as shadow added the newly released paths to it... though the order has mostly stayed the same:
#pre-security-legacy-path 
#974406074444685322 
#junior-pentester-path 
#878393611929129000 (optional)
#pentest-plus-path (optional)
#web-fundamentals-path 
#soc-level-1-path 
#soc-level-2-path 
#security-engineer-path 
#offensive-pentesting-path 
#red-teaming-path 
#791764435991658556

can you send the updated ones

as for now you are working professional or student

the last message is the updated one

can i dm you

no please

ok

if you wanna post pictures use the /verify token command

I just started the advent of cyber as a beginner in this field and i hope it's very beginner friendly

I'm having some trouble using wget to obtain the file http://ip:8000/.flag.txt

I set up the server using python3 -m http.server

Then I opened another terminal and I'm using wget http://ip:8000/.flag.txt and i'm connecting fine but it's saying that the file isn't found

any advice?

Nvm figured it out

So the issue was that i wasn't doing python3 -m http.server from the proper location. So when i connected, there was nothing to find

very helpful, thank you