We want to make the entire process of both teaching and learning cyber security a lot easier. As a student, you can join rooms on different areas of security, learn practical skills about these areas, and building an amazing skillset.
We know that it can be a pain to set up teaching material and keep track of users' progress. Creating rooms makes it easier for anyone (both casually and professionally) to teach cyber security classes. With a click of a button, you can make your own material available to students, and easily check up on how well they are doing with the class. TryHackMe is perfect for setting up CTFs, Workshops, Assignments or Assessments with our user tracking functionality (see below).
Rooms are a virtual space where you can easily allocate tasks to the users. You can create rooms for challenges (CTF's) or to run a particular workshop or training session.
The process to start allocating tasks to users is below
Completing rooms gets you a certain number of points. A breakdown of how questions are scored as as follow:
|1st to answer||200 points|
|2nd to answer||180 points|
|3rd to answer||175 points|
|4th to answer||165 points|
|After 4th||150 points|
If the room type is a walkthrough room, you only get 25% of those points added to your account score. Challenge room’s receive 100% if the room has been released during this month.All points you get are added to your ‘All-time’ score, however not all points are added to your ‘Monthly’ score (which is reset to 0 on the last day of the month 23:59 GMT). You only get 100% of a room's monthly points if a room has been released during that month; you get 25% of challenge room points if its not released in this month. This stops new users being able obtain large amounts of points as they have more rooms to solve than older users - by monthly points only being awarded if a room is released this month, everyone has a fair chance to be number 1 on the ‘Monthly’ leaderboard and everyone has an equal chance to be number 1 on the ‘All-time’ leaderboard.
Every question answered gets you an additional "wiggle" score, where there is between 0 and 20 random extra points added. The wiggle is not awarded to the three users to answer the question, this helps keep first blood points worth it.
You have the ability to deploy virtual machines attached to particular rooms and tasks. These machines can only be accessed using a VPN connection. In this case, users need to download an OpenVPN configuration file from here. Once a user deploys a machine they will be given a internal IP address which they will be able to communicate with using the OpenVPN connection.
Our OpenVPN configuration will only route users traffic if they're trying to access one of the machines on our network, all other traffic is routed through their own connection. To reiterate, when a user is connected through our OpenVPN connection only traffic for 10.*.*.* networks are routed through the VPN.
We know that having to set up an environment to get started can be a tricky. We provide you with your own Kali Linux machine with all the tools you'll need that you can control in your browser. No complicated physical labs needed, you just need an internet connection!
Check it out in the Kali room to deploy your own machine
To create a room, visit here and click a the "Create room" button. You will be greeted with a screen asking you to enter the title, description, and image.You should also add tags to make it easier to classify your room under a particular topic.
Creating the room successfully will show something similar to the image below
Now that you have the room created, you can manage the room by assigning tasks to it, and changing the different options. Once you access the page and select your room, you'll be shown something like the following.
You can see that you can easily change the title and description of the room. Additionally, you have access to several options such as:
When uploading VM's that allow SSH access, please ensure the following:
You also notice that you can change the room code; you can do this if you only want certain people to access the room. In addition to this, users can add writeups to the room(which will show up in the write up section above). As a room owner, you can choose whether you want to accept/reject this write up
From the above you can see that you also have information on what users have joined the room(with this, you can also kick people out of rooms so that they don't have access to the rooms). Additionallyyou can edit tasks that have been assigned, and also delete the room
To assign tasks to the room, you go to this link. Here's what it will look like:
You can see that you can pick a particular room to assign tasks to by selecting the correct check box. Once this is done, you can also assign a deadline by which you want the tasks to be complete(this is useful if you are running an assessment or a workshop). To attach the material to the task, you select the correct radio button(which will generate a drop down list will all your options). You can thengo on to add a title and description. The description usually contains instructions on how to complete a task, or surrounding material regarding the task. Once this is done, you can add questions, answersand even hints. While this functionality is important, it is also possible to not attach questions, or not attach any answers to questions. It can also be seen that you do not have to attach material to tasks;if you are creating a room that is more theory based, you do not need to assign any material to it. Once this is complete, you can create the task. You can then enter the room by checking the hacktivites pageor entering the room code(like the image below).
Once you enter the room, you can see that users are able to deploy the machine you uploaded.
To add more tasks, or edit the tasks, follow the steps above. If you have any difficulties, email us on email@example.com
There are two different types of materials that can be uploaded:
Go to the upload page to start uploading material. From the image below, if you want to upload non virtual machine files, select the downloadablefile option. Continue to select the browse option to select the file. After this, fill in the title and description, and click the upload button.
Depending on the size of the file, it may take some time to upload. Once you successfully upload the file, you will receive this message.
Once your "downloadable" material has been successfully uploaded, going to this page will show your file.
The same process for uploading .OVA or .QCOW2 files applies as above. However, when you click the upload button, the following will appear.
You need to stay on this page until the uploading completes; VM files are usually large, so this may require leaving the page open for some time. Once the uploading is complete, you should receive the message shown below. The VM file needs to be converted to be compatible with our infrastructure, and this may take some additional time
To check the conversion status, you can visit this page.
Once the machine has successfully converted, you will see that status showing successfully conversion with a green dot in the status area of the table. Now that the material is ready to use, let's look at creating a room!
Many rooms have virtual machines (VMs) you can deploy from the cloud. You then get given the machines IP address and you can get hacking straight away! Deploying VMs requires you to have a subscription with us; however we have certain rooms you can use for free to get started. This can be done using a credit/debit card or via PayPal.
The subscription is $10 a month and has the following benefits:
We do not store any credit card details and subscriptions can be cancelled at any time.
When you have subscribed and deploy a machine it will look like so:
If you're having problems with your OpenVPN connection and the videos on the access page do not help. Email us with a screenshot of your OpenVPN client and we can provide support.
We will blog about anything such as room writeups, current security news, TryHackMe events and much more. Go over to the blog page to view all the posts.
If you have any questions or problems please contact: firstname.lastname@example.org or join our discord server.