Tutorial Room

beginner15 minWriteup

Getting started with TryHackMe platform basics

Learning Objectives

  • Navigate TryHackMe interface
  • Connect to the VPN
  • Deploy your first machine
  • Submit your first flag

Welcome to TryHackMe! This tutorial room teaches you the platform basics - how to connect, deploy machines, and submit flags. Think of it as your orientation day before diving into the exciting world of ethical hacking. No prior experience needed!

TryHackMe provides vulnerable machines you can legally hack to learn security concepts. You'll connect through a VPN, deploy virtual machines, find vulnerabilities, and submit "flags" (proof of successful exploitation) to earn points.

Legal Hacking

TryHackMe machines are intentionally vulnerable and exist specifically for you to practice on. This is completely legal and encouraged - just never apply these techniques to systems you don't have permission to test!

Connecting to TryHackMe

1TryHackMe Connection Methods:
2 
3OPTION 1: OpenVPN (Recommended for learning)
4─────────────────────────────────────────────────────────────────────
51. Download your VPN config file from Access page
62. Connect using OpenVPN:
7   sudo openvpn your-username.ovpn
8 
93. Verify connection:
10   - New IP address on tun0 interface
11   - Can ping TryHackMe machines
12 
13Pros: Full network access, feels like real pentesting
14Cons: Slight setup, uses your machine resources
15 
16 
17OPTION 2: AttackBox (Browser-based)
18─────────────────────────────────────────────────────────────────────
191. Click 606070;">#a5d6ff;">"Start AttackBox" in any room
202. Wait for browser-based Kali machine to load
213. Use pre-configured tools directly
22 
23Pros: No setup, works anywhere
24Cons: Limited free time, can be slow
25 
26 
27Your Network Setup with VPN:
28─────────────────────────────────────────────────────────────────────
29Your PC  ─────────  VPN Tunnel  ─────────  TryHackMe Network
30   │                                              │
31   └──── tun0: 10.x.x.x ────────────────────── Target Machines
32                                                10.10.x.x
bash
1606070;"># Setting Up OpenVPN on Linux/Kali
2 
3606070;"># Install OpenVPN (if not present)
4sudo apt update
5sudo apt install openvpn
6 
7606070;"># Download config from TryHackMe Access page
8606070;"># Save as: yourname.ovpn
9 
10606070;"># Connect to TryHackMe VPN
11sudo openvpn yourname.ovpn
12 
13606070;"># In another terminal, verify connection
14ip a show tun0
15606070;"># Should show: inet 10.x.x.x
16 
17606070;"># Test connectivity
18ping 10.10.10.10  606070;"># Test ping to a machine IP
19 
20606070;"># Common Issues:
21606070;"># - "TUN/TAP device tun0 opened" but no IP = wait a few seconds
22606070;"># - Connection timeout = check firewall, try different server
23606070;"># - "Auth failed" = re-download config file

Deploying Machines

1Deploying Your First Machine:
2 
31. Start a Room
4─────────────────────────────────────────────────────────────────────
5   Click 606070;">#a5d6ff;">"Join Room" on any room page
6   └── Room is added to your active rooms
7 
82. Deploy the Machine
9─────────────────────────────────────────────────────────────────────
10   Click 606070;">#a5d6ff;">"Deploy" button (usually Task 1)
11   └── Wait 1-2 minutes for machine to start
12   └── IP address appears (e.g., 10.10.45.123)
13 
143. Connect and Hack
15─────────────────────────────────────────────────────────────────────
16   Use the IP to connect:
17   └── Web browser: http:606070;">//10.10.45.123
18   └── SSH: ssh user@10.10.45.123
19   └── Nmap: nmap 10.10.45.123
20 
214. Find Flags
22─────────────────────────────────────────────────────────────────────
23   Flags are usually in format:
24   └── THM{some_text_here}
25   └── flag{something}
26   └── User.txt / Root.txt contents
27 
285. Submit Flags
29─────────────────────────────────────────────────────────────────────
30   Enter flag in answer box → Click Submit
31   └── Correct = Points earned!
32   └── Wrong = Try again
33 
34Machine Time Limits:
35─────────────────────────────────────────────────────────────────────
36├── Free users: 1 hour per machine
37├── Subscribers: 2+ hours, multiple machines
38└── Time extensions available

Machine Not Responding?

If a machine doesn't respond, try: 1) Wait 2-3 minutes after deploy, 2) Terminate and redeploy, 3) Check your VPN connection, 4) Try a different browser for web services.

Your First Commands

bash
1606070;"># Essential Commands for TryHackMe
2 
3606070;"># Check your own IP (attack machine)
4ip a
5606070;"># Look for tun0 interface - that's your THM IP
6 
7606070;"># Test connection to target
8ping 10.10.x.x -c 4
9606070;"># Should see responses
10 
11606070;"># Basic port scan
12nmap 10.10.x.x
13606070;"># Shows open ports
14 
15606070;"># Full scan with version detection
16nmap -sV -sC 10.10.x.x
17 
18606070;"># Check web server
19curl http:606070;">//10.10.x.x
20606070;"># or open in browser
21 
22606070;"># Directory enumeration
23gobuster dir -u http:606070;">//10.10.x.x -w /usr/share/wordlists/dirb/common.txt
24 
25606070;"># Check for robots.txt (often has hints)
26curl http:606070;">//10.10.x.x/robots.txt
27 
28606070;"># Connect via SSH (if you find credentials)
29ssh username@10.10.x.x
30 
31606070;"># Read flag files
32cat user.txt
33cat root.txt
34cat flag.txt

Walkthrough: Tutorial Room

Tutorial Room Steps

1
Connect to VPNDownload your OpenVPN configuration from the Access page. Connect using sudo openvpn yourname.ovpn
2
Deploy MachineClick the Deploy button and wait for the IP address to appear. Note it down.
3
Answer QuestionsRead through the tasks. Most answers are in the text itself or require simple commands.
4
Find the FlagThe flag is usually displayed on the page or requires a simple action to reveal.
5
Submit FlagEnter the flag in the answer box. Format is usually THM{...}
1Tutorial Room Answers (Spoiler Alert!):
2 
3Task 1: Introduction
4─────────────────────────────────────────────────────────────────────
5Q: What is the first thing you should do?
6A: Read the brief (or similar - check the room)
7 
8Task 2: Connecting
9─────────────────────────────────────────────────────────────────────
10Q: How do you connect?
11A: Using OpenVPN
12 
13Task 3-4: Deploy & First Flag
14─────────────────────────────────────────────────────────────────────
15Deploy the machine, browse to the IP, find the flag
16Flag format: THM{xxxxx}
17 
18Note: Actual answers may vary - this room is introductory
19and designed for you to succeed!

Tips for Success

1TryHackMe Success Tips:
2 
3ENUMERATION IS KEY
4─────────────────────────────────────────────────────────────────────
5├── Always start with thorough scanning
6├── Check ALL ports, not just common ones
7├── Read web page source code
8├── Check robots.txt and sitemap.xml
9└── Look at HTTP headers
10 
11TAKE NOTES
12─────────────────────────────────────────────────────────────────────
13├── Write down found credentials
14├── Track open ports and services
15├── Document failed attempts (so you don't repeat)
16├── Use tools like CherryTree, Obsidian, or plain text
17└── Screenshot important findings
18 
19DON'T GIVE UP TOO FAST
20─────────────────────────────────────────────────────────────────────
21├── Most rooms have hints available
22├── Read writeups AFTER you try
23├── Ask in Discord (without spoiling)
24├── Try harder before looking up answers
25└── Learning happens in the struggle!
26 
27COMMON BEGINNER MISTAKES
28─────────────────────────────────────────────────────────────────────
29├── Not waiting for machine to fully deploy
30├── Forgetting to check your VPN connection
31├── Missing obvious clues in web pages
32├── Not trying default credentials
33├── Overcomplicating simple challenges
34└── Skipping enumeration steps
35 
36BUILD GOOD HABITS
37─────────────────────────────────────────────────────────────────────
38├── Create a methodology and follow it
39├── Learn to use man pages and --help
40├── Practice tools before doing rooms
41├── Join the Discord community
42└── Do rooms in order of difficulty

Knowledge Check

Quick Quiz
Question 1 of 3

What is the recommended way to connect to TryHackMe machines for learning?

Challenges

Complete the Tutorial

Challenge
🌱 beginner

Complete the TryHackMe Tutorial room successfully. Connect via VPN, deploy the machine, and submit all flags.

Need a hint? (4 available)

Key Takeaways

  • Connect to TryHackMe using OpenVPN for full network access
  • Deploy machines from room pages - they get unique IP addresses
  • Flags prove successful completion - submit them for points
  • Take notes and develop a consistent methodology
  • Enumeration is the most important skill to develop
  • Use hints and writeups to learn, not just solve