The following is a rolling list of confirmed issues with current THM rooms, the workarounds and expected timeline of resolution. This is a handy reference to check against in the case that you experience with an issue with a room.
Thanks to Jabba/Heiss for his help in compiling this.
Blaster
Issue: No web-browser history for the CVE.
Current workaround: The original room for this - Retro - has the CVE as expected.
Expected timeline of resolution: Indefinite.
Blue
Issue: Sometimes the Eternalblue exploit does not work.
Current workaround: This is as a result of the exploit itself. Eternal blue has an equal chance of working as or crashing the VM. Check your Metasploit options and redeploy the Instance. It may take a few tries.
Expected timeline of resolution: None as it is due to the exploit itself.
Cross-Site Scripting
Issue: Flags may not appear when using some payloads
Current workaround: You may have to try alternative payloads for that specific question. Some flags expect very specific payloads.
Expected timeline of resolution: The room is currently being entirely recreated.
JokerCTF
Issue: The lxd container does not appear in the lxd image list.
Current workaround: Redeploy the VM or use an alternate method not involving lxd.
Expected timeline of resolution: None as there is an alternate method not involving lxd.
Learn Linux
Issue: Sometimes you receive random permission denied errors when running the binary files.
Current workaround: Ensure the conditions that the binary checks for are correct (i.e. environment variables as per the task). If they are, redeploy the Instance.
Expected timeline of resolution: Indefinite.
OWASP Top 10 (Task 21)
Issue: http://machine_ip/reflected does not work
Current workaround: Just go to http://machine_ip/ and then click on "reflected"
Expected timeline of resolution: Indefinite.
Shodan
Due to the nature of Shodan updating a lot, the answers can become outdated.
If this is the case, please let us know via Reddit, the Discord or forums with the following:
- Question/task number that is out of date
- The correct, current answer
- The search query (URL of the search) that shows you this answer.
Tartaraus
Issue: Files needed for privilege escalation may not appear.
Current workaround: Redeploy the VM.
Expected timeline of resolution: Unknown.