#recent-threats-module
I don't know lol!
which one of the rooms???
this channel is for the rooms in this module: https://tryhackme.com/module/recent-threats
so which one of those are you in @rugged sphinx ??? if not you will have better luck in #room-help
Critical vulnerabilities, such as log4j and spring4shell, have taken the world by storm, and it's essential to understand how to exploit them and, even more importantly, the mitigation techniques. This module groups the latest threat labs available on TryHackMe.
🥳
The PoC that we used has the capability to establish a reverse shell upon exploit - what binary is being used to accomplish this?
what exactly does that mean
Proof of concept exploit, what binary is used during this exploit to get the shell
for example a type of binary it can be base64?
my problem is that i dont understand the question to be able to respond
"what binary" means what program
Binary being a compiled program
Binary file can mean other things in other contexts. Binary isn't a term that will always refer to an executable.
hello, i've got a question about room cve2022-26134 (Atlassian, CVE-2022-26134)
I couldn't find the log files on '/opt/atlassian/confluence/logs' using the attack box machine, there is not any file named atlassian in /opt folder. Could you please help?
i thought so but let me show you,
I just started the attack box again, there is a confluence platform which i can reach from http://IP:8090 but I couldn't see the log file
I searched nearly all directories manually
I couldn't send screenshot
You have to verify first to do so
!docs verify
@jaunty gorge thanks I verified
Gave +1 Rep to @jaunty gorge
Of course you are not finding it there, that's the attackbox, so if you are going to look for that log file, you would have to do it on the target machine, since Confluence is on that machine
I have not done that room, but Task 4 is only explaining how you could detect that vuln if you are looking for it on your own install of it, so it's just an explanation, so you don't actually have to go there
omg I'm such a dumb I just thought I could do everything through attackbox
thank you very much I'm trying to learn those things
Not an issue
@jaunty gorge hope I can do it, thank you for your kind response
@jaunty gorge can I ask one more question please take it about my inexperience, I think I have to create a vm and install a vulnerable confluence on it to simulate this attack and then use attackbox to exploit the vulnerability, is it correct?
No I don't think so, but I could be wrong since I haven't done that room. If you struggle too much, you could look for a writeup about that room.
Or check out #993824238865748008 since that's the channel where you most likely find the answers you have already asked
thanks again for your patience, I'll try my best to solve it
Gave +1 Rep to @jaunty gorge
Hey, I'm having some trouble with the basic pentesting module. I'm at the step to crack the ssh passphrase but every time I try to crack the hash file after putting it in ssh2john, JtR tells me (no password hashes). Do you have any idea why it isn't working?
thx in advance for help
oh yes sorry I read wrong the title
did you ever figure this out? I'm stuck too
Still?
Just go through the steps in the static website.
hello
can anyone help me
i want to start ethical hacking
Please don't spam the server, ask in one channel and wait, I sent a reply.
I already told him, no mini modding pls
Hey,
on Burp Suite: The basics, I do not understand if it talks about FoxyProxy or BurpSuite? And which right click menu is it?
That's talking about burp.
If we must right click on the Options, I can't
No, it's talking about the options in the right click.
Go to Intercept > Right click,

can someone help i don't know how to solve this part I have stuck here for a long time
which room and task???
is in Jr penetration tester, Introduction to Web Hacking, Walking An Application, Viewing The Page Source
ah lets move to #junior-pentester-path or #room-help then as this channel is for some other rooms that are in the recent threats module
Okay
i changed the full name to my actual name in my profile but the certificate won't change it. How can i get it with my name ?
If you already have a certificate, changing the name will not update the certificate. Future certificates will have your name. If you want your name on your existing certificate, I suggest using a graphics program to change it, such as Paint.
sad news robert... paint has been removed from windows since a decently recent version of windows 10
Paint 3D?
that's not paint.... that is just its successor
Windows reversed the decision to remove Paint.
phew that is some good news
this also means we can probably still create bmp files in paint that opens cmd
ayo???
thats a new concept for me
think there is a hak5 video on said thingy
Hi, just downloaded ParrotOS Security to my VMware. and trying to run a vpn. but it says "could not find the commando run" how do i fix this? im pretty new to this
maybe try grabbing openvpn, save your VPN key to a location of your choice on the box as name.ovpn then use the command 'openvpn name.ovpn' to connect to the environment.
when running in a VM i used openvpn. you'll need your ovpn file from tryhackme.com/access
you can use the UI or CLI. load the config and you'll connect.
Thanks! Worked with "sudo openvpn filename"
What in the flying fuck, thats insane
Do you have any sources for this? thats nuts
Many organisations are turning to virtualisation of apps and desktops. This often involves virtualisation platforms such as Citrix to deliver these services. Get your configuration or lock-down wrong and you'll find users "breaking out" of the environment you thought you had secured. It might not be long after that when you find that your entire
mspaint.exe section
Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
Breaking into command prompts using Microsoft Paint!
Thank you! @paper coyote @timber sluice
Hello, I'm stuck on the question:
"Consider the desk in the photo above. In addition to the smartphone, camera, and SD cards, what would be interesting for digital forensics?"
which comes from "Intro to Digital Forensics"
I tried all the words
6 letters from all over the room and none of them work... can someone help me please?
a computer that you often place on your lap is called a what???
Never thought this would be so frustrating.
Maybe I should add this as a hint.
I think so, it's caught so many people out.
Thanks @timber sluice; I added a hint.
Gave +1 Rep to @timber sluice
Thank you @wicked pendant for the information.
oh haha.... so shadows message became a hint... neat
Heads up the atlassian room task git repo is no longer public
Hi
well saw this module for 1st time here
please , has anyone here solved the great escape CTF practice ?
I've a problem concerning the first flag , I wanted to brute-force the /.well-known ; I tried ffuf , gobuster and dirb tools ; still couldn't find the .txt flag !! any help
hey, i have a question for the task 7 of module Burp Suite: Repeater ... It works well the "500 Internal Server Error"? because for me it doesn't work..
ty for future answer
well weird how this channel is just general support now and not just for the module that it is named after
aaaand we are back baby with new recent threats room
Dear all, can u help me with the generation of new cert for a new computer that i added in to the system under section CVE-2022-26923
i keep getting this error
when i try to export a jpeg or smt as a packet byte in wireshark i cant save it
Was it an HTTP session? File→Export→Objects→HTTP
c
doing well! Thanks for asking
Gave +1 Rep to @hasty pike
Can't seem to get the .rtf exploit to fire in https://tryhackme.com/room/follinamsdt.
Opening the .doc (or .docx), it's not editable (Word Activation error), so impossible to save-as .rtf to complete the zero*-click variant. (renaming the file/extension to .rtf doesn't work either)
(screenshots here: #room-help message)
Walking An Application
Answer the questions below
What is the flag from the HTML comment?
What is the flag from the secret link?
What is the directory listing flag?
What is the framework flag?
Hey
For one, we do not just give out answers to questions.
Also, please do not spam that message over multiple channels.
Hey everyone, I'm having trouble understanding a question, can someone help me out?
Try to reach out in #room-help channel
You could use Google and some AI to learn rather than just filling up answers my friend.
@inland phoenix Please slow down - spam isn't allowed.
@unique tusk Please slow down - spam isn't allowed.
@arctic zinc Please slow down - spam isn't allowed.
🥳
meep shadow has done nearly all the rooms in this module
Meep-meep
PrintNightmare task6, anyone can help me with this task?
Ask
Alright, no worry
Which question?
can i dm you?
Sure, but if you ask here others can join in to help as well.
PrintNightmare Task 6, I have tried searching in win Event Logs viewer, but i can't find anything. Please help me, thanks in advance.
hi in spring4log how do i get a reverse shell using the webshell?
Which questions are you stuck at? You have to look at right log folder to find them.
spring4shell room?
Ask in #960592067137011752 as this channel is for recent-threats module.
okay thanks
Gave +1 Rep to @burnt parrot
uhhh it's in this module tho
Ah, my bad. Didn't see that.
spring4shell still does not seem to have been exploited a lot in the wild
Check your log source and use filter for EventID!
Seems I do something wrong, can I dm you about this room?
@winged grove Everything you need to get the answer is here in this image. Also question 1 (in task 6) was updated with a slight hint.
and module completed
took a while to type out the thingies from the event viewer logs
in the printnightmare room that is
New room added to the module: CVE-2022-26923 🥳
ah that answers shadows question if this module will get regularly updated with new threats and how to exploit and mitigate them.... the only question now is when threat is old enough to get removed from this module
mmm that's interesting
That was because of Cloudflare outage
Hey all --
I am having some issues with the initial exploit for Print Nightmare. I am following the instructions exactly as they are written. What am I missing?
Here is a glimpse of the logs on the SMB Server I am hosting with impacket --
Ah. I figured it out. For those seeing this in the future -- I failed to modify my smb config file before doing the exploit
GG
Hi
Hey all -- I did video walkthroughs & explanations on every threat/room in this module. If you get stuck or would like some extra learning, I hope you find these helpful
CVE-2022-26923: https://www.youtube.com/watch?v=a-bCbIqGMCg
Spring4Shell: https://www.youtube.com/watch?v=iWdO9C5Aw_g
Log4J: https://www.youtube.com/watch?v=QDNPsupvAME&t
Dirty Pipe: https://www.youtube.com/watch?v=VfBTEpk2oz0&t
Pwnkit: https://www.youtube.com/watch?v=w5nBnvmYlf8&t
Print Nightmare: https://www.youtube.com/watch?v=FGivGdziLuA
So I followed the directions exactly to a T with the Log4J / Solr room video and a connection is never received on the netcat terminal window
Session is still live, I closed everything out and terminated then created new sessions and new attack box session and get the same result following the instructions
why arent they marked with green things even though i completed them?
"green things" 
you're being redirected to the newer versions of those rooms and those old ones are just left not completed
couldnt remember the name for that 
green checkmarks
ah yes
ah ok ty
Gave +1 Rep to @wicked pendant
wdym?
those rooms have been remade by the site itself
there is an old room that is about metasploit and burp suite... but they have been made outdated and scrapped and therefore now redirect to newer rooms... the reason you are not getting the green checkmarks is because the pentesting tools series is looking for those old rooms being completed when you have just completed the new ones
aaaaaaaaaaaaaaaaaaaah
and no there is nothing we or you can do to complete the old rooms sadly enough
gotta wait for thm staff to do something about it
ty
fixed
Hello, I'm doing the machine 'Blue' ( easy ).
That machine is vulnerable to smb-ms17-010 and when i go to metasploit to run the exploit i get 'FAIL' messages. Tried few times. I gave up and went to the writeups and apparently it's mentioned that sometimes it might be needed to restart the machine but i did it already 3 times. Any ideas?
in the 2 places i read, it says to restart the machine
i'll go ahead with the 4th
try to watch a yt vid on it
You need to set the LHOST.
and see if you did the same as the yt vid
yes, that's done
To your tun0 ?
Blue can be bad for not working.
hmmm to the destination machine
No, that's RHOST.
set LHOST tun0
in the vid i watched, they don't do the 'set exploit windows/x64/shell/reverse_tcp'
and works at the second
What's your LHOST?
i have a LHOST option AFTER i set that exploit
and it points to my local IP address
192.168....
Happy Hacking.
Going forward, when trying to catch rev shells etc, always set it to your tun0.




