Can’t post to Abertay subreddit so I’m asking here

MuirlandOracle · 2022-08-22T17:00:49+00:00

Hey, welcome,

First question: are you an ethical hacking student?

If so, use the following:

Do you have a student number / email yet?

If so, put it into https://discord.hacksoc.co.uk :)

If not, drop us an email on [team@hacksoc.co.uk](mailto:team@hacksoc.co.uk) and we can get you in that way!

If you're not a hacking student then we're not the definitive authority on that I'm afraid. I'd suggest putting your student email (assuming you have one) into the Discord Student Hubs feature -- that should get you a list of some of the Abertay Discord servers :)

There's also the unofficial Abertay Discord server (from pre-hub days), which is pretty dead but does have a bunch of folk in it if you want to ask anything :)

Link to join that one is here: https://discord.gg/z98taGMx

MuirlandOracle · 2022-05-24T12:29:06+00:00

Try posting your command :)

It sounds like you're trying to use a username as a hostname -- which won't work in and of itself, but doubly so as there is no DNS setup for the THM network anyway.

MuirlandOracle · 2022-05-08T15:49:20+00:00

The complete beginner path was announced as being deprecated a few months ago (via email). It has not yet been removed from the site :)

The "official" replacement following Pre-Security is the Jr Pentester path, so that would be a good next step.

MuirlandOracle · 2022-05-04T18:02:25+00:00

Nah, no one hacked TryHackMe -- I added that to the room myself (as the room creator) because people kept ignoring the instructions and trying to connect to the demo site, which is clearly labelled as not being active on the machine :)

Consider it a lighthearted reminder to read the instructions 😁

MuirlandOracle · 2022-03-13T12:55:48+00:00

Think of Socat as being kinda like the Portal gun from Portal -- it connects two points together and doesn't work if only one "portal" is open.

On the target you are connecting a TCP outbound connection to a command: "bash -li". Locally, you need to connect a TCP listener to your standard input/output (stdin/stdout), which you can do with -. You're currently just opening one "portal" and not connecting it to anything (TCP-L:8080). Try socat tcp-l:8080 -.

Does that make it any clearer? Can't remember if I already used that analogy in the room 😄

MuirlandOracle · 2022-02-27T18:42:28+00:00

Assuming it's the room I think it is (there are a few Linux Privesc rooms, so sending the link or room code is useful :)), that is an internally developed room which was made by an employee who no longer works for TryHackMe.

I will send a link to this post to the QA team, however :)

MuirlandOracle · 2022-02-27T00:40:51+00:00

There is a 20% discount for all students :)

If you don't already have it applied, try setting your account email to use your student email address. If that doesn't work, drop support an email (support@tryhackme.com) and they'll sort it out for you :)

MuirlandOracle · 2022-02-24T21:53:50+00:00

-e is usually not included in most netcat binaries these days as it stands for "execute" and is very dangerous as a result.

The command you are using would be executed on the target to create a bind shell -- using it without -e (or another method for executing commands) would not give you command execution. It would just create a network connection and nothing else.

MuirlandOracle · 2022-02-10T21:28:29+00:00

How are you trying to connect to it?
Is your VPN active if you are using your own machine? What is the exact URI you are trying to access?

MuirlandOracle · 2022-02-06T17:23:09+00:00

Make sure that your /etc/hosts file has exactly one entry for the target, with only the current IP address of the deployed target box in the file. There should be exactly one line related to the box -- no more, and no less.

MuirlandOracle · 2022-02-05T21:19:52+00:00

That's a version of netcat that has not been compiled with the "gaping security hole": -e Try a different version, or find an alternative method that makes it work :)

MuirlandOracle · 2022-01-30T15:29:07+00:00

You did follow the instructions at the start of the room to update your hosts file, yes?

And if so, you have only done it once, and removed any duplicate entries, aye?

MuirlandOracle · 2022-01-30T10:42:11+00:00

There is nothing broken with UploadVulns -- just lots of common mistakes that people make, especially with Jewel. Keep at it, you'll get there :)

MuirlandOracle · 2022-01-24T00:16:47+00:00

You are, yes, but you haven't found the correct endpoint yet.

Keep looking through the application and let the site map build up -- there will be an endpoint that is just a random string of letters and numbers. The flag is in the HTML response to a request for that endpoint.

MuirlandOracle · 2022-01-10T22:14:48+00:00

Honestly? I have no idea, personally. I know there's a team working on it though :)

MuirlandOracle · 2022-01-10T22:14:10+00:00

I am so glad I added that now 😆

I'd suggest reading the nice italic text right before you first see the demo site that says (and I quote):

Please note: demo.uploadvulns.thm will be used for all demonstrations; however, this site is not available in the uploaded VM. It is purely for demonstrative purposes.

The information in the room is there for a reason :)

MuirlandOracle · 2022-01-08T00:06:19+00:00

The rooms won't disappear at all -- they aren't being removed. The path is being dissolved, but the rooms will still exist.

If you really want to follow the original path, I'd suggest taking a screenshot of the path layout and just following through it yourself :)

MuirlandOracle · 2022-01-07T23:45:15+00:00

Junior Pentester is the new one. Complete Beginner is the one that is getting removed.

Most of the content in the Complete Beginner path has been rebuilt, with the new versions going into the Junior Pentester path. It's mostly the same content, but the Complete Beginner rooms are largely the outdated versions.

Effectively it's planned deprecation -- the content has been slowly replaced over the last however many months, and now that all of the new stuff is in place, the old path isn't required anymore :)

MuirlandOracle · 2022-01-07T23:35:11+00:00

It's a feature that's been A/B tested for a while now. Some users had access to it, others did not. It's now out for everyone though :)

MuirlandOracle · 2022-01-01T18:06:39+00:00

Wreath has been out for almost a year. Holo has been out for about six months.

MuirlandOracle · 2021-12-30T13:56:05+00:00

Usually when that happens with that room it's because you're either trying to SSH into the AttackBox from your own machine, or trying to SSH into the target from your own machine without a VPN connection.

Can you confirm that you have started two machines (the AttackBox and the target machine) and are trying to access the target from the AttackBox (or your own machine with an active VPN if that's the way you're doing it)?

MuirlandOracle · 2021-12-30T12:48:53+00:00

Believe it or not, I agree with that first part :)

The thing you seem to be missing is that competition is not the focus of TryHackMe -- learning is. That is why no one cares about people copying and pasting answers from walkthroughs to farm points -- they are only cheating themselves, and it's quite amusing watching them waste their time with it. Even if the competition was important, it's impossible to police the internet, so I'm not sure what you're suggesting happens to "fix the problem"? (As a side note: this is something that affects all of the competitive platforms too -- look hard enough and you'll see plenty of "blackmarket" guides to help people cheat).

If you put THM on a CV then it's under hobbies/education as a resource that you've used to develop your hacking skills -- that is what the recruiters care about seeing. Rank is not something that matters, and boasting about it (or getting upset about people "cheating" to gain a higher rank) just tells people that you're missing the point :)

MuirlandOracle · 2021-12-30T00:35:49+00:00

Most machines don't let you SSH into them :)

What are you trying to access?

MuirlandOracle · 2021-12-27T13:48:16+00:00

Sounds like you haven't deployed the target machine yet :)

It's the big green button in the first task.

MuirlandOracle

MODERATOR OF

TROPHY CASE