Room Banner

Love at First Breach 2026 - Advanced Track

Go deeper into TryHeartMe's web of lies.

hard

1337 min

Team room

7,421

User avatar
User avatar
User avatar

To access material, start machines and answer questions login.

Task 1Intro and Rules

Welcome to the Advanced Track of Love at First Breach! You've proven your skills in the preliminary rounds, and now it's time to test whether your passion for security runs deep enough to crack the most challenging defenses we've prepared. In this track, the hearts we're targeting aren't made of chocolate. They're hardened systems, encrypted secrets, and vulnerabilities hiding in plain sight. The competition heats up from here, so grab your favorite caffeinated beverage, fire up your terminals, and let's see if you can make these systems fall head over heels. Good luck, and may your exploits be as elegant as they are effective!

What is a CTF?

A Capture The Flag event is a competition where you and your team will have to solve cyber security challenges in diverse areas of knowledge. The challenges are completely practical and will allow you to put your skills to the test. Each challenge has one or more flags you'll need to retrieve to score points.

A flag is a string of text hidden in each challenge that will serve as proof that you've achieved the expected goal. Flags for this competition will follow the following format:

THM{some_text_here}

Who Can Join?

Anyone! This CTF has no limits for participants.

Where Are the Challenges?

The advanced track of this competition will run from February 15th at 16:00 (GMT) until February 16th at 16:00 (GMT). The challenges will be made available in this room when the competition starts.

Read the Rules of the CTF! 

We'd love to say that everything is permitted during your search to stop the attacker, but you can't go berserk here. Remember, you can attack the target machines, but not the TryHackMe platform.

This means:

  1. Do not attack TryHackMe's infrastructure.
  2. Do not attack other users' machines; only use your IP and/or the target machines' IP.
  3. Don't share flags with other teams.
  4. Don't ask for hints during the event.
  5. Do not brute force flags on the TryHackMe platform.
  6. The maximum team size is 2.

If you have questions or need support from us, please join our Discord channel and open a ticket.

Search for a Teammate

While playing solo is definitely possible, you can find a team mate by going to the event's matchmaker here.

Answer the questions below

I have read the rules and joined the Discord server.

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machineMachine info
Status:Off
Target machine - Task 2Machine info
Status:Off
LOVELETTER.exe 
From
TryHackMe
To
You
 
Points
300
Category
Forensics
Difficulty
Hard
My Dearest Hacker,

This Valentine's Day, an employee at Cupid Corp received a heartfelt e-card from a secret admirer, but romance wasn't the only thing in the air. Initial findings reveal that multiple attacker-controlled domains are tied to the campaign, each serving a distinct role in a highly sophisticated, multi-stage payload delivery chain.

The threat actor behind this operation appears to be exceptionally meticulous, with infrastructure configured to serve payloads only to genuine targets, specifically Windows users, effectively staying under the radar of automated analysis tools and casual investigation. However, it was eventually discovered that this specific campaign points all domains to MACHINE_IP.

Your mission: Trace the full attack chain, reverse-engineer the payloads, and recover the stolen data before the trail goes cold.

To get started, investigate the email in this archive to identify the infection's origin.

Zip password: happyvalentines

Forensics
With love,
Chief Inspector Valentine 💕
Answer the questions below

What is the value of the flag?

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machineMachine info
Status:Off
Target machine - Task 3Machine info
Status:Off
Cupid Cards
From
TryHackMe
To
You
 
Points
300
Category
Boot2Root
Difficulty
Hard
My Dearest Hacker,

Spread the love this Valentine's Day with CupidCards - the web app that lets you create personalised Valentine cards! Upload a photo, add a heartfelt message, and generate a custom card for that special someone.

Boot2Root
With love,
Chief Inspector Valentine 💕
Answer the questions below

What is the first user flag?

What is the second user flag?

What is the third flag?

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machineMachine info
Status:Off
Target machine - Task 4Machine info
Status:Off
St3alMyH34rt
From
TryHackMe
To
You
 
Points
300
Category
Red Teaming
Difficulty
Hard
My Dearest Hacker,

This Valentine's Day, someone is waiting to be swept off their feet. Break through the barriers and reach what's most desired.
Prove it with the Administrator flag, and remember on Valentine's day outbund traffic is not allowed.

Use this credential to access via RDP:
User: andrea
Password: Cupid@2026!

 

Red TeamingWindows
With love,
Chief Inspector Valentine 💕
Answer the questions below

What's the Administrator flag?

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machineMachine info
Status:Off
Target machine - Task 5Machine info
Status:Off
Chains of Love
From
TryHackMe
To
You
 
Points
300
Category
Web
Difficulty
Hard
My Dearest Hacker,

NovaDev Solutions is a software development house known for building secure enterprise platforms for clients across multiple countries and industries. Recently, NovaDev Solutions rolled out a new customer interaction feature on their website to improve communication between clients and developers.

Shortly after deployment, NovaDev began experiencing unusual traffic patterns and minor service disruptions. Internal developers suspect that something in the latest udpate may have exposed more than intended.

Web
With love,
Chief Inspector Valentine 💕
Answer the questions below

What is the flag.txt?

Cloud Nine
From
TryHackMe
To
You
 
Points
300
Category
Cloud
Difficulty
Hard
My Dearest Hacker,

This Valentine's Day, Cupid has gone digital with Cupid's Arrow - a revolutionary web application that lets users shoot virtual arrows across a world map to forge connections between people. But Cupid has had a change of heart.

Tired of playing matchmaker, the legendary deity has gone rogue and twisted their own creation into something sinister. What was meant to spread love is now being weaponized to break relationships apart. Couples worldwide are mysteriously drifting apart after their locations are targeted on the map, and Cupid is watching gleefully from above.

Your mission: Investigate the Cupid's Arrow application, discover how this fallen angel is manipulating the system, and find the flag hidden in Cloud Nine - Cupid's secret administrative sanctuary where all relationships are controlled.

Can you outsmart a rogue deity and stop this Valentine's Day catastrophe? Or will you fall victim to Cupid's corrupted arrows?

http://54.205.77.77:8080/

CloudWeb
With love,
Chief Inspector Valentine 💕
Answer the questions below

What is the value of FLAG1?

What is the value of FLAG2?

What is the value of FLAG3?

Swiper
From
TryHackMe
To
You
 
Points
300
Category
Mobile
Difficulty
Hard
My Dearest Hacker,

Swiper is the app that really said "who needs a match when you can just bombard someone's profile with poetry?" Forget flowers and dinner, nothing says romance like a stranger reading "I must be a snowflake, because I've fallen for you" from someone they've never met. It's not stalking, it's literature. Find a person you like based on a 5-word description and share your favourite love quotes, no dating or chatting required.

Download the APK attached to this challenge and analyse it to answer the questions below.

MobileAPI Hacking
With love,
Chief Inspector Valentine 💕
Answer the questions below

Get a premium membership. What's your premium subscription ID?

Figure out who is the user whose email is [email protected]. What is their password?

Login as the user you found on the previous question. What's the flag in their private quotes?

Thanks to everyone for participating. We hope you enjoyed the event and found love! We will leave the CTF room open for the week so you can finish the challenges, but points and the scoreboard will be disabled.

Here are the top 10 winning teams. Please ensure your emails are up to date so we can contact you for your prizes:

1st - KimJongs Men

2nd - The babychus

3rd - Love at First Breach

4th - water boy

5th - hackermens

6th - AllByMyself1

7th - valgrind

8th - Nevada

9th - Cosmic Sorcerers

10th - SploitMeBaby

Until next time, my dear hackers!

Answer the questions below

GG, well played!

Ready to learn Cyber Security? Create your free account today!

TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.

Already have an account? Log in

We use cookies to ensure you get the best user experience. For more information see our cookie policy.