Challenges, Ethical Dilemmas, and Lessons from TryHackMe
2024-1-19 11:32:9 Author: infosecwriteups.com

I Got Banned From TryHackMe :’

Handhika Yanuar Pratama

InfoSec Write-ups

Photo by 愚木混株 cdd20 on Unsplash

This year, I can’t remember the exact date, but about a year ago, I got banned from TryHackMe. I recall achieving a streak of around 30 days with a rank below 90,000 users (top 5%). I forgot the exact number. But there it was; I got banned, haha.

Initially, I wasn’t well-versed in cybersecurity, though I’m still learning. From TryHackMe, I realized that honesty is crucial in learning.

Did I cheat?

I realized I was learning a lot about the hacking world in that short time. I even reported a vulnerability to TryHackMe based on my learning experience.

Unfortunately, my report is what got me banned. Alright, let me tell you the whole story.

The Beginning

As I mentioned, I decided to dive into cybersecurity more seriously at the beginning of 2023 — yes, a New Year’s resolution! Many friends recommended TryHackMe, and indeed, it’s an excellent site. But, alas, it’s a paid one :)

Until then, I always thought that if I could get something for free instead of going through the trouble of buying it, why not? The idea crossed my mind to search for TryHackMe materials on Google; sure enough, plenty of premium materials were circulating.

Okay, one problem solved, but another one emerged. What makes TryHackMe premium isn’t just the materials; it’s the ability to access the provided labs.

For beginners, those labs are beneficial, especially for sceptics who think cybersecurity is all about hacking. It’s more than that, from small things like injecting scripts into the withdrawal column to display our names (XSS) to taking over someone else’s account. I won’t discuss data because some people don’t care about personal information.

But generally, the accounts taken over are strategic, allowing someone to withdraw money. I hate to say it, but nowadays, it feels like everyone is chasing after that.

Now, onto the problem

Transitioning from free to paid took a lot of bad feeling. From there, I looked for other alternatives to access the labs. I found a Telegram channel claiming to sell TryHackMe accounts, so I tried reaching out.

That’s where a transaction happened, leading to buying and eventually owning a TryHackMe account for one month.

Initially, everything was fine. I learned a lot of new materials, showing that I needed to understand cybersecurity. Then, I didn’t renew the subscription because my schedule got busy.

But I had some free time in March and was tempted to buy a one-year subscription. And it happened — I bought the pirated subscription for 900,000 rupiah (about £45.00) instead of the regular £81.00.

How could such an offer not be tempting?

I was dedicated to learning and trying to earn points, until I found something peculiar on the TryHackMe site that was a vulnerability. Out of respect, I won’t mention the vulnerability.

I reported it directly through my original email.

A few days later, they said my vulnerability was not valid. I accepted it gracefully. But suddenly, my account was banned, as shown on the page above.

Curious, I asked TryHackMe, and indeed, my account was banned.

Despite the disappointment, I realized I might not have done the right thing.

In a Nutshell

Learning should always take the right path for knowledge to be a blessing. Honestly, I don’t know if the person I bought from was selling fake accounts. I did use it for a month, though. Regardless, there’s no need to blame. Thank you, TryHackMe, for the advantageous knowledge.

Keep moving forward.
Happy Learning


Article source: https://infosecwriteups.com/challenges-ethical-dilemmas-and-lessons-from-tryhackme-0450eb627986?source=rss----7b722bfd1b8d---4