#voice-chat

about smb or what

no wait

what happend?

okay so i used the dirbuster tool

and i found the website 10.10.35.203/upload/

but i don't know how to upload the payload on the website

you see what i mean ?

there are two upload one on that dir and other on port 5000

alright

did you check?

yeah

i found something else

if you find a exploit of that service wont work

no i found the login page

on port 8080

yes i know they have funny writing

😂

men its a docker container

did you get to log in

found it

its depressing

how about the port 3306 ?

i know its a DB but look this

this is the reason why i dont play koth

🤣

i did go there you have to upload a image with reverse shell since is php the webpage

yeah

you were using msfvenom right ?

you have two way one with msfvenom and one with exif

never used exif before

exif is for extracting info of pictures but also you can put some stuff on pictures

for me is great doing both but with msfvenom did you change the file name to get there

damn

my wifi crashed

i'll finish later

for real that is bad

my exiftool method doesnt work here

i am gonna leave, need to eat.

@solid anvil my reverse shell not working

same

i think we need to attack smb

since 5000 port is not vuln

What

@solid anvil 🤣

😂

another one?

@solid anvil Are you gonna do another one?

later

okay let me know

brb

2

ssl on

@fervent maple ayyy startcraft 2

yep

@plucky vault try wpscan

idk :/

@plucky vault yes

@plucky vault use wpscan

oof

smh

how do i use that thiing

https://blog.wpscan.org/wpscan/2019/09/17/wpscan-brute-force.html

try to find the usernames and bruteforce them

billy

use wpscan to find the users

how do i do that smh

wpscan -h

good point

did you just see this?

use --

i forgot i can't copy from vm

to the thing

F

--enumerate u

don't copy it, type it

how what why

and its giving me same output

only blog.thm

not the php

YES

now brute force them

with wpscan

huh

this is so

idk

sudo gunzip rockyou

lets go

im using rockyou

👍

this will take eternity

how long will this take o.o

few hours

haha no

couple minutes

o.O

i saw we cirlce it around 1 hou

add -t 100 at the command

nice it crashed

SMH

100 threads to?

the brute force

nah the machine crashed

i mean the vm

im on

no point in trying this

but don't worry

actually

idk

nwm

eh im gonna play a game or somethign

@plucky vault thank you for helping 😄

i can stream how im trying to find drivers for my usb tho

@plucky vault ok have fun

ty u 2 😄

yo

I'm new here

what u tryna do @plucky vault

dual boot ubuntu

u did the new partition?

yes

yesterday

give it a unique name and at least 150GB

and it's just as simple as windows installer

hhh

i know

but im still scared

kinda

i recommend sticking with virtual machines

but for more optimization dual boot would be good

i cant do virtual machines

i think its something with my laptop

what software did u use

vmware

virtual box

hyper-v manager

have u heard about wsl?

yes

try it see if it works

i cant get wsl 2 because i need build 2004

which is not compatible

for some reason

what kind of error do u get when you install virtual machines

hi

lemme show u

okay

did u install the right version

yes

that goes with the system build

no

nope

well thats weird

lmao

he didn't put the right settings

that's all

maybe yah

...

@plucky vault go to the settings of unbutu

turn off the 3d thing

then press ok

and try

that bitch is annoying

keep flashing

update to 2004

do the windows 10 version 2004 update @plucky vault

ye

p

it could take some time

depends on ur internet

yeah

you have an i3 right ? @plucky vault

yes

damn

you have to change that 🤣

i think he nees to dualboot cause virtual machines won't be compataible

that will takes a lot of space

gfdsrdgf

aaqaaaserfad;kf;klsdfg;poklsdklo;[g

i think they 'll ask you to restart your computer

so just restart it

if they ask you to

i think you should download kali linux or parrot

tell us when you're done

ok

"elevator music"

😂

its at 100%

and its stuck there

and i hate it

have to wait

nvm

its at 0% installing

dkl;s;jkafsde;kljdfaj;kladgf;kjladfej;kldafg;jksdg

the video is almost over

brugh

i want this update to be doen alreadyyyyyyyyyyyyyyyyyyyy

52% installing

alright

how long does this usually take

idk

needy

joined?

yeah

ok

What machine did you pick @warm atlas

?

production easy one

@plucky vault

how many times we did that 🤣

then we will move to space jam

is that ok?

what's that ?

is that hard ?

Is space jam the SQL one?

or lets do food machine

thats easy i think

That's too easy as well

everything is easy for you 😂 @plucky vault

smh

No, because they are the easiest machines!

ye ur right

let's do a hard one

or lets do

shrek

seems hard when john hammond do it

https://tenor.com/view/eyebrow-raise-shrek-serious-gif-14262407

OK let's do shrek then;

ok

fine

remember to ftp!!

^^

Who will send the link?

I can make a private game if you want.

i think me

idk

either me or rabbit

scissor paper rock

cuz we have subscription

paper

u will do it rabbit

next round

did you choose rock?

@solid anvil why u leave

miss click

Wait do I choose this round?

oh kk

OK I'll send it.

https://tryhackme.com/games/koth/join/b850ac66ce340f61c5b662d3

ok ready

set

wait

I have my commands ready

All my folders ready

bam

me too lol

which one are we doing right now ?

Shrek

ok ok

huh

its production

🤣

What the hell?

??????

glhf

We just agreed to Shrek.

fine let's do the production first

next we do shrek

@plucky vault

😢

I just sent the link you ungrateful *******

It's starting in 15 seconds.

Are you playing @warm atlas

ok

lets quit

and do shrek

ok?

ok

@warm atlas how you que 3 one ?

wait

@plucky vault why it have passwd

the ftp ? @warm atlas

no

shrek ssh

of course 😂

huh

try to find the private key

ahhh

cant find it

smh

gobuster

use it

i dont think the shrek user have password

You don't need the password if you have the id_rsa key guys.

huh

i do the ssh

and i have id_rsa

shrek@10.10.246.213's password:

@plucky vault

watch the stream

the hell is that

imma go

bai

maybe after i will play with you

-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAsKHyvIOqmETYwUvLDAWg4ZXHb/oTgk7A4vkUY1AZC0S6fzNE
JmewL2ZJ6ioyCXhFmvlA7GC9iMJp13L5a6qeRiQEVwp6M5AYYsm/fTWXZuA2Qf4z
8o+cnnD+nswE9iLe5xPl9NvvyLANWNkn6cHkEOfQ1HYFMFP+85rmJ2o1upHkgcUI
ONDAnRigLz2IwJHeZAvllB5cszvmrLmgJWQg2DIvL/2s+J//rSEKyISmGVBxDdRm
T5ogSbSeJ9e+CfHtfOnUShWVaa2xIO49sKtu+s5LAgURtyX0MiB88NfXcUWC7uO0
Z1hd/W/rzlzKhvYlKPZON+J9ViJLNg36HqoLcwIDAQABAoIBABaM5n+Y07vS9lVf
RtIHGe4TAD5UkA8P3OJdaHPxcvEUWjcJJYc9r6mthnxF3NOGrmRFtDs5cpk2MOsX
u646PzC3QnKWXNmeaO6b0T28DNNOhr7QJHOwUA+OX4OIio2eEBUyXiZvueJGT73r
I4Rdg6+A2RF269yqrJ8PRJj9n1RtO4FPLsQ/5d6qxaHp543BMVFqYEWvrsdNU2Jl
VUAB652BcXpBuJALUV0iBsDxbqIKFl5wIsrTNWh+hkUTwo9HroQEVd4svCN+Jr5B
Npr81WG2jbKqOx2kJVFW/yCivmr/f/XokyOLBi4N/5Wqq+JuHD0zSPTtY5K04SUd
63TWQ5kCgYEA32IwfmDwGZBhqs3+QAH7y46ByIOa632DnZnFu2IqKySpTDk6chmh
ONSfc4coKwRq5T0zofHIKLYwO8vVpJq4iQ31r+oe7fAHh08w/mBC3ciCSi6EQdm5
RMxW0i4usAuneJ04rVmWWHepADB0BqYiByWtWFYAY9Kpks/ks9yWHn8CgYEAymxD
q3xvaWFycawJ+I/P5gW8+Wr1L3VrGbBRj1uPhNF0yQcA03ZjyyViDKeT/uBfCCxX
LPoLmoLYGmisl/MGq3T0g0TtrgvkFU6qZ3sjYJ+O/yrT06HYapJLv6Ns/+98uNvi
3VEQodZNII8P6WLk3RPp1NzDVcFDLmD9C40UAQ0CgYBokPgOUKZT8Sgm4mJ/5+3M
LZtHF4PvdEOmBJNw0dTXeUPesHNRcfnsNmulksEU0e6P/IQs7Jc7p30QoKwTb3Gu
hmBZxohP7So5BrLygHEMjI2g2AGFKbv2HokNvhyQwAPXDBG549Pi+bCcrBHEAwSu
v85TKX7pO3WxiauPHlUPVQKBgFmIF0ozKKgIpPDoMiTRnxfTc+kxyK6sFanwFbL9
wXXymuALi+78D1mb+Ek2mbwDC6V2zzwigJ1fwCu2Hpi6sjmF6lxhUWtI8SIHgFFy
4ovrJvlvvO9/R1SjzoM9yolNKPIut6JCJ8QdIFIFVPlad3XdR/CRkIhOieNqnKHO
TYnFAoGAbRrJYVZaJhVzgg7H22UM+sAuL6TR6hDLqD2wA1vnQvGk8qh95Mg9+M/X
6Zmia1R6Wfm2gIGirxK6s+XOpfqKncFmdjEqO+PHr4vaKSONKB0GzLI7ZlOPPU5V
Q2FZnCyRqaHlYUKWwZBt2UYbC46sfCWapormgwo3xA8Ix/jrBBI=
-----END RSA PRIVATE KEY-----

ye thats wat i found

same for me

but it's not working

This is what I got from the .ssh directory

Let's reset?

idk

here use this command to do privellage escallation gdb -nx -ex 'python import os; os.execl("/bin/sh", "sh", "-p")' -ex quit

i think i'm gonna sleep

@plucky vault

me too lol

i'm out 😪

see ya

I'm already root

But is GDB setuid?

ye

Oh wow it is.

i will tell u when i am free later

about 30 mins or more

bai

cya!

Probably a better way than doing a reverse shell through that check.sh file in shrek's home directory.

Yeah, see ya later.=

ready

set

@slender kayak https://tryhackme.com/games/koth/join/b7f81ad6d14808cc249af804

sapce jam?

same one?

gtg enjoy the game! i need to go

@plucky vault you guys playing?

dsflksdlfksdkjlgkljsdglkjsdg

YESSSSSSSSSSSSSSSSSS

@solid anvil

dual boot

https://github.com/EmpireProject/Empire

this is my pc

And your monitor? c:

putty for windows

;w;

The highly difficult ones yeah

hh

i wanna dual boot

but im scared

You'll download them when needed

sudo apt-get install gobuster

bvnvbnfghnbvhnfgjm

If you are using latest version of kali you don't need to use -get

:(

i'm starting to give up aaaaaaaaaaaaaaaaaaaaaaaaa

im getting very demotivated

WAIT WGHAT

WHAT

7 minutes and I’m there

https://tryhackme.com/games/koth/join/73aa682ba724f92d2dc6566c

@plucky vault people were talking over but let's avoid the homophobia and streaming videos like that

PG-13 as well

https://www.base64decode.org/

Sup boomers

yo

Is that a french accent I hear?

There is some german somewhere, too

hey hors

Oy

I was just passing by ahah, see ya guys
Have fun :)

https://www.youtube.com/watch?v=dv13gl0a-FA

@cloud fox https://help.tryhackme.com/community/discord

@cloud fox I think 0day may have already warned you, but here's the last one: enough with the excessive swearing, no racism. and I have a sneaky suspicion there may have been a little homophobia earlier.
Last warning

cool @plucky vault

https://www.base64decode.org/
@антивирус#2283 excuse me

In this house we use Ciphey

oh wait they were banned

rip sozzy

Nope cyber chef only

.

you guys playing KoTH?

@slender kayak i am always up for a koth match

and i don't talk 😄

sure

should i make a private game? @slender kayak which machine you wanna play?

i know every box. almost every way in.. asking you

can attest my pc is also a potato

lets go random

https://tryhackme.com/games/koth/join/6940696044fd669755f94cfd

You know every way in? 👀

You know every way in? 👀
@plucky vault Almost

teach me senpai uwu

i started THM 3months ago.. i used kali 4 years ago for a year or two.

also i am a Computer Science student. Last year in uni

I'm in software engineering lol 2nd year now

but I didn't use kali for anything :/

i just used it as a hobby

I just started using when I joined THM 3 weeks ago lol

for trojans and phishing stuff mostly at that time. learnt to use metasploit and few other tools at that time

hackers can be rooted in 1 minute

That's rather interesting, if I didn't have so much coding stuff to do meh

but with brute force ^

I didn't saw

btw showing real name is not that much of a security breach

yo guys does any one know how to install league of legends in parrot (sorry for th3 question out of context )

i use rockyou with -t 64

Holmes spying in

LoL

increase the threads

to -t 64 @slender kayak

wait you are doing it wrong

plague is not an ftp user @slender kayak

That's what I was thinking lol

you logged into ftp using the credentials you found?

what are you doing rn?

before that try looking for sudo -l ?

@slender kayak ^^^

oh you are rcampbell i thought you logged in through gcrawford

@slender kayak dont brute force ftp but ssh now

yeah you will get your key from there

meanwhile look for privesc from other shell you got

if you want there is a writeup for Hackers

search for Hackers in hacktivites

yeah python

password is different everytime @slender kayak

new password every time

so old ones wont work

yeah you can use that to privesc

@slender kayak

@slender kayak read that page again.. at the end of the page just use last line of it

python3

now the most difficult part starts in KoTH

fighting for king

@slender kayak

i wondered how many message did u send @lofty moat

aloot

i dont talk

😄

yeah

renamed actually

so i can use it and other can't

well you rooted it soo GG

i m there

refresh

are you patching?

in carnage?

@slender kayak

yep, but you weren't

i just patched all of the privescs

if you can privesc let me know

i'm trying to dump web.db

i think that duku is a bit useless

i patched all of the methods to get root

for every user

oh

well i'm out hahah

is the bobba password actually the flag?

.

i'll be right back

@plucky vault

all good.

potato pc

i'm coming later

@plucky vault join me pls

@plucky vault

I thought we were closer than that.

https://prnt.sc/tnkv90

try harderererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererer

try harderererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererererer
@tame ether nope

That’s an odd number

do it

try hardererererererererererererererererererererererererererererererererererererererererererererererererererererererer

crackheads.

@midnight fern Can Elf get mod?

Elf for admin 2020

Elf for server owner. He will do a shredding good job!

Elf has my vote for sure

"Will Hack 4 Crack" -Unknown

https://doogsmodelsdotcom.files.wordpress.com/2015/09/attaboy1.jpg?w=1000

get your ass in the god damn ...

https://img.ifunny.co/images/05816a43996bf3fe382c72b50aa45eb8b5593d119e195364f4856eec9be46642_1.jpg

lucky guy

0Day's Florida Man birthday ^^

5 Kudos to Cophe

pin dat

sweet sweet kudos

@midnight fern I got some Zero Cool stickers with your name on them.

"Florida Man Arrested For Allegedly Assaulting Girlfriend While Dressed As Dinosaur"

that looks cool @rustic mica

http://www.myfloridamanstory.com/april/2

is there a link to buy them?

https://mynbc15.com/news/local/florida-man-breaks-into-restaurant-strips-naked-eats-noodles-plays-bongos

https://prnt.sc/tnkzt2

@tame ether I am building the store still but I am happy to post them out to THM boiis before the store goes up.

Ultimate picture that embodies Florida man ^

https://prnt.sc/tnl048

DM me if you want some and we can figure it out there @tame ether

:)

https://media.discordapp.net/attachments/261388784799711235/731579755194744902/Screenshot_2020-05-24-00-45-18-1.png?width=565&height=598

@marble cape

https://tenor.com/view/we-dont-do-that-here-black-panther-tchalla-bruce-gif-16558003

https://giphy.com/gifs/someone-idea-lurker-10h8CdMQUWoZ8Y

cat-amine

https://a.wattpad.com/cover/79474813-256-k866983.jpg

@marble cape SLIME-CHAN

NYA~

https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/fab7efed-8f7a-4942-94ee-302e613d37d1/d5fzcok-22f3807a-79a2-4bdc-b184-82da60ef2c63.png/v1/fill/w_282,h_350,strp/minecraft_mob__medium_slime__tired__by_patrickwright15_d5fzcok-350t.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOiIsImlzcyI6InVybjphcHA6Iiwib2JqIjpbW3siaGVpZ2h0IjoiPD05MzAiLCJwYXRoIjoiXC9mXC9mYWI3ZWZlZC04ZjdhLTQ5NDItOTRlZS0zMDJlNjEzZDM3ZDFcL2Q1Znpjb2stMjJmMzgwN2EtNzlhMi00YmRjLWIxODQtODJkYTYwZWYyYzYzLnBuZyIsIndpZHRoIjoiPD03NTAifV1dLCJhdWQiOlsidXJuOnNlcnZpY2U6aW1hZ2Uub3BlcmF0aW9ucyJdfQ.Q13SKHJY8BpGLG7WT1sL68_ivS63Cjh4rVirsHd45yM

Go to #streaming

R8 my awful drawing

@marble cape This is THM-chan

,@,_,--------_,,,,,,_---------------
|©©©%%%%%%,;;;;;;;;;;;;;!!!!!!!!!!!|
/©%#####/;;;;;;;;;;;;;;;;},!!!!!!!!|
|#####c/;;;'  "`'''''``'';;\!!!!!!!|
|###<?(;;;    """"        \},!!!!!!|
|###C/;;;    """""""      ";\!!!!!!|
|####|;;;    ___ """"      ;;!!!!!!|
|####|;;;,  `___'-   -;;'= ;/!!!!!!|
|####\;;;   <****>``;<**>  ;)!!!!!!|
|##_,,\;     """"/   \``   |!!!!!!!|
|#//   \  ,""",`/,   )\,   |%!!!!!!|
|`)`'-''\ """/,_______,)   /#%,!!!!|
| |######\""""`\;;;::;`/  /##%%%,!!|
| \#######},""" ``''` /"'/######%*`;
| |%%%####) \"""",_,""",{######    #
| `-_%-¿`{   `-,___ _-` |¿¿`-/_    #
|,`¿¿¿¿¿¿¿\        `    /¿¿¿¿¿¿¿'-,#
|¿¿¿¿¿¿¿¿¿`\         ,-'¿¿¿¿¿¿¿¿¿¿¿|
''''''''''''''''''''''''''''''''''''

@marble cape :)

Goodnight VC Gang

@fathom coyote I love it!

Night 0D

/

see ya guys i'm going to a friend's place @plucky vault see you guys at night

Attackers exploit buffer overflow issues by overwriting the memory of an application. This changes the execution path of the program, triggering a response that damages files or exposes private information. For example, an attacker may introduce extra code, sending new instructions to the application to gain access to IT systems.

@plucky vault

@plucky vault my mic is broken lmao hf

its fine

lol

you can join if you want

Nah I was just taking a look 😛

hi

i don't

why do people always mute and or deafen them selfs when they join?

because they dont want to speak or hear something

i must to go

bye

idk

do you guys see stream?

Hey @lofty moat

Yo

@raven verge which room is that?

set

new room

Windows room

Came out last night

yea hard af xD

Ooo

icmp is blocked already with not many ports open lol

Windows, ah, m out xD

I hate windows more than I hate pineapple pizzas

Set is an incredible piece of work

No hatred on box..

I just hate windows boxes..

.. Cuz I can't solve them.

its really hard :((

I'm not giving any hints until 4ndr34z or theart42 allow it 🤷‍♂️

is llmnr on right track at least? xD

https://docs.microsoft.com/en-us/windows/win32/http/http-api-start-page

I hate windows more than I hate pineapple pizzas
@Mr.Holmes#0980 you take that back right now

I hate windows more than I hate pineapple pizzas
@fast wind pineapple on pizzas >

@fast wind you take that back right now
@muted sand 😂😂😂

what room are u doing @raven verge ?

/set

https://tryhackme.com/room/set

PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
| ssl-cert: Subject: commonName=set.windcorp.thm
| Subject Alternative Name: DNS:set.windcorp.thm, DNS:seth.windcorp.thm
| Not valid before: 2020-06-07T15:00:22
|_Not valid after: 2036-10-07T15:10:21
|ssl-date: 2020-07-25T17:56:58+00:00; 0s from scanner time.
| tls-alpn:
| http/1.1
445/tcp open microsoft-ds?
5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
49666/tcp open msrpc Microsoft Windows RPC
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: specialized
Running (JUST GUESSING): AVtech embedded (87%)
Aggressive OS guesses: AVtech Room Alert 26W environmental monitor (87%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 2 hops
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
| smb2-security-mode:
| 2.02:
|_ Message signing enabled but not required
| smb2-time:
| date: 2020-07-25T17:56:18
|_ start_date: N/A

TRACEROUTE (using port 443/tcp)
HOP RTT ADDRESS
1 107.46 ms 10.8.0.1
2 108.12 ms 10.10.96.194

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2

ayoo

lul

wtf

@wispy path you alright mate?

i think you want to get banned

lol

Rule 16 does not exist.

not accepted yet

tl;dr - no spamming

https://tryhackme.com/room/set

135/tcp open msrpc Microsoft Windows RPC
443/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
445/tcp open microsoft-ds?
5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
49666/tcp open msrpc Microsoft Windows RPC

why is everyone live?

kano

Would you prefer they were dead? 🤔

👀

why is everyone live?
@lofty moat ¬¬

??

we are playing the SET box

https://medium.com/@chawdamrunal/xss-in-bootstrap-data-target-attribute-5f0c534a87a3

https://tryhackme.com/room/set

Why is dirb searching for people names??

https://bootstrapmade.com/flexor-free-multipurpose-bootstrap-template/?download_theme=flexor.zip

voice gang is here 👀

we moved for few minutes

Imagine not using tmux in 2020

excuse me?

stream

i am not using tmux

thats sad

really

oh i forgot.

tmux for 18+

my bad

lmao

adult tools 🤣

you missed something naughty lmao

👀

wat

I'm already an adult

i just don't like tmux

I'm already an adult :sunglas:
@tame ether waiiiit what

nooo

you lying

naaah

i dont believe ya

https://tenor.com/view/lies-over-it-liar-your-best-li-ever-yet-gif-11931068

lmao

what's going on here?

!rule3 please 🙂

!rule 3

Rule 3: No excessive self promotion. Linking to another discord server is strictly prohibited, just don't turn it into advertising.

That's the one

apologies, lesson learned.

u guys are awesome. i wish i could learn all this. such a great community

@austere viper No problem 😄

idk why I got muted in the server

Lemme check if there was a reason 🙂

https://tenor.com/view/pedro-monkey-puppet-meme-awkward-gif-15268759

https://attack.mitre.org/tactics/TA0004/

https://en.wikipedia.org/wiki/Endpoint_Detection_and_Response

https://templeos.org

https://ironhackers.es/noticias/vendiendo-humo-rustscan-vs-nmap/

RustScan

https://github.com/brandonskerritt/RustScan

shooting bazooka with -A

is that some type of buffer overflow

?

https://github.com/fireeye/commando-vm

https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/

another skidy

👀

https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/post/multi/manage/autoroute.md

thanks guys! 4am, I'm out. See you tomorrow.

Szy, any difference in command netcat and nc??

Noted!

no

i'm able to see it

@slender kayak it isn't your issue

i can watch the stream

@plucky vault leave and rejoin

brb

Thank you.

@slender kayak share game invite? or you are doing hackers room?

from which user?

linEnum / linpeas would be enough

run tmux or add the output of linpeas in a file

oh in tmux you can with Ctrl+B + [

Ctrl+b is your prefix

@slender kayak

what is your prefix?

prefix for tmux

like what you use to make a new window

aah ok

oh in tmux you can with Ctrl+B + [
this enables copy mode

then you can scroll

and press Q to exit

prefix + : type set mouse on

if anyone wants to play KoTH just ping me..

@slender kayak show me the linpeas output

ok @slender kayak

you saw that capabilities

look for capabilities

sure

https://tryhackme.com/games/koth/join/b32976043afd1d4ac7c7ee92

starting in 6 minutes

public random

sure

do whatever you want

i can join

@summer cloud if you ever plan to play KoTH ping me i want to see you in action

also got some a few things/questions for that "backdoor"..

@slender kayak you making a private lobby? or you guys just gonna play on your own?

we are in a private call on discord rn

@summer cloud if you ever plan to play KoTH ping me i want to see you in action
@lofty moat Will do my dude

we are going to make a koth later because we are doing a room now

ohk

hi

just don't want to turn mic on now

https://github.com/vanhauser-thc/thc-hydra @sweet vapor

@sweet vapor find /home -ls

Can someone please tell me what a KOTH is? Please!!!

King of the Hill (KoTH) is a competitive hacking game, where you play against 10 other hackers to compromise a machine and then patch its vulnerabilities to stop other players from also gaining 
access. The longer you maintain your access, the more points you get.```

Ah got it now.

Ok ok.

Thank you

Can you do it in group or alone?

there have to be at least two users in a lobby for the game to start

That’s great.

I liked it.

Another question, is anyone doing live for KoTH anytime soon?

So I could follow how that process works

yo

gtfobins

what's happening in VC? 👀

nothing 👓

👀

you better not be doing crack again

https://www.youtube.com/channel/UC3KEoMzNz8eYnwBC34RaKCQ

active directory

https://adsecurity.org/

@fossil estuary you teaching something? 👀

we talking

vc

aah but i don't talk

@lofty moat always 😄

i think ive heard you talk twice @lofty moat lol

@lofty moat I heard your a pro at KOTH xD

saying "Hello" isn't really talking xD

@lofty moat I heard your a pro at KOTH xD
@raven verge you heard it wrong. someone must have lied to you

https://joplinapp.org/
https://notion.so/

https://411hall.github.io/assets/files/CTF_template.ctb

which room you guys talking about?

https://www.corsair.com/us/en/Categories/Products/Gaming-Headsets/Wireless-Headsets/void-pro-wireless-config-na/p/CA-9011152-NA

hi

hi

hi

hellllllooooooo

hey matt

hi

welcome Naughty!

hi

👋🏼

Bye

.

@worthy bronze which room you guys talking about?

@worthy bronze which room you guys talking about?
@lofty moat set man

@royal gust Have you tried the VPN script at all? 🙂

!vpnscript

this is how i *nix and pc at same time... mostly

dpkg -i

to install a .deb file

or apt install ./package.deb 👀

or apt install ./package.deb 👀
@real orbit is there a difference? interested since i suggest to use dpkg for my packages 🙂

nop, Just throwing out alternatives 👀

@remote arrow what country?

It was a lot of fun guys. ty for the assistance earlier.

Are we allow to stream KOTH in General?

@plucky vault ye

@real orbit Thank you for the quick reply XD

Oi @rustic mica wyd?

Making wallpapers for THM :)

noicee (jake mimic)

GIMP/ADOBE classes by @rustic mica 101

Adobe all the way <3

I need pars' one.

xD

https://cdn.discordapp.com/emojis/623342963849691138.png?v=1

lmao

Totally not stolen

I made in GIMP

@rustic mica is an artist!

<3

They look awesome 💙

Man this is some high level photoshopping skills.

That pink block in b/w images was to maintain same distance, I just realised that! @lofty moat (atleast I think so)

lol

Hahaha, yeah it's a sneaky easy trick in web ui design.

thats really some high level stuff

yeah it was to maintain equal distance

Now it is just finding the correct filters to make it pop.

What do you think of the sand?

I'll take it over to photoshop to finish it off.

Dope, it is giving a feel of water 🤔

its awesome

Do whatever you think will be better

without cookie green one?

You sure you are sharing right window?

I was like, mouse is moving, he is saying stuff, but it doesn't make sense

LOL

Ah, that sneaky one on taskbar now makes sense that I can see it

@plucky vault You wanna pop in and see the thing? :)

https://giphy.com/gifs/brooklynninenine-brooklyn-nine-99-heist-KxiRwO7tqXCTDVKobo

Thanks for the Photoshopping class 😂

sure cya!

https://petri.com/how-to-get-ntfs-file-permissions-using-powershell

Hey @jovial escarp, I'm gonna have to ask you to stop DMing The Mayor about things related to other servers. Continuing to do so will lead to you being removed from the server again. He asked several times for you to stop, so please stop. Thanks.

I was talking about his server not this, this server has nothing to do, no need to ping me tho, already talked with Darkstar

I stopped anyway

I think this is what I should do as a former member of HIS server, let's not bring this here tho, you could DM me instead

The point is, he asked you to stop, so please stop.

hi

So I did

feel me in too

I'd block instead

Good, and I might also mention -- he doesn't owe you anything. That attitude is gearing towards entitled individuals and we don't welcome that here.

No problem, he clearly has his own rules and I should respect them because it's his own community

I'd recommend anyone who is against a server's rules leave it

@zealous leaf https://github.com/PowerShellMafia/PowerSploit.git

import-module .\filename.ps1

powershell import-module .\filename.ps1; Invoke-AllChecks

get-service

windows/powershell_reverse_tcp

https://github.com/cheetz/Easy-P.git

wot u guys doin

SET

https://github.com/nccgroup/Winpayloads creates payloads not detectable by win defender

@raven verge just wondering -- did you ask the room creator before streaming this? You're effectively creating a live walkthrough of a brand new room

@versed granite The room creator joined the stream few times and didn't say anything

Also I'm new here so if this is against the rules etc I will stop streaming

I can see it being a problem tho

i'm not a moderator or anything, so I was just asking. It might be best to ask the room creator first. I think there's a restriction on sharing that content so early

I'd consider it a group collaboration myself -- as long as it's not getting recorded.
If 4ndr34z and theart are happy with it then it should be Ok 🙂

The restriction on writeups is up to the room creator as well

I was not recording.. yes it was a group collaboration many people gave ideas on the way to solve parts of the challenge

I do see it being an issue if people just watch stream to copy flags/creds etc

How's it going anyway?

I found exploit for privesc 😄

Ey

@fervent maple should i stream in other server?

everybody went to bed

yes

i just woke up

just trying to fix my script

nice 😂

what are ya streaming elf?

Just finish that room tho

.

\

U guys doin hacktivitycon?

what is that?

bruh

https://tryhackme.com/games/koth/join/fbd933431fce212848a063db

gobuster dir --url -w /usr/share/wordlists/dirbirectory-list-2.3-medium.txt

vampire

ls -la

.flag

cat ./.flag

hey @zealous leaf

hey @worn shore

I'm watching stream

try sudo su

sudo su

then you will not want to write sudo everytime

hey @worn shore do you still have that bootable pendrive wtih you?

you can re install kali with it

with all the resources

so you don't have to everytime install the requirements everytime you do something

leave domain name for now

well can you help me with ssh ?? @zealous leaf

ok thanks

well the problem is that

I don't know how to ssh

😅

not even hydra😅

parenthesis

()

<>

https://phoenixnap.com/kb/how-to-install-kali-linux-on-virtualbox

ssh <username>@<IP> -p

well I don't know how to identify the elements

ohh ok

ssh user@ip

for the passwords??

ohk thanks

ohk

well I'll stream in a min

will you be there??

ok thanks

me??

oh ok

https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/

@marble cape just use rainbow tables like a true alpha

@rough flax im probably gonna install python on the box and do it in that lol

yes python on a production web server...

why isnt powershell working?

it runs too fast

executing tasks individually - too slow

put a sleep on it

multi processing - too fast, literally breaks

dont multi process ree

ive tried delays

it still go brrr

why?

still too fast

it needs to delay the spawning of the procees, but that clearly doesn't work

DelAY

I swear I'm actually going to kill you spooks

powershell isnt as robust as literally anything else

if you need to put python on it do it

no powershell is bae

its good for sys admin

but not for hacking :L

True

its helpful for working with AD

https://www.amazon.com/International-Conference-Applications-Intelligence-Intelligent/dp/3319670700/ref=sr_1_1?dchild=1&keywords=cybersecurity+book&qid=1596083817&sr=8-1

https://books.google.com/

Good mornings guys

hey @zealous leaf I'm not able to ssh into my home PC

I'm doing the

w8

ssh <username>@<IP>

ok

Hey!

No TTS here? 😄

hi

hi

xD

hi

hello @ancient olive

hello @tough lake

wanna play?

ok u already in

but take it easy cause im a beginner

@tough lake wat is ur name in THM

UM240

ok

@tough lake do u want to learn??

of course

yes please

ok

i got to the ftp

lets do one together

https://tryhackme.com/games/koth/join/586a81a9585688a15bfb8532

join @tough lake

i did

ok

so what machine are going to learn

can speak on the voice chat?

LOL

its windows machine

oohh bro

ok

can speak on the voice chat?
@tough lake i have guest

ok

ok i will learn u how to exploit that

got it

but in PrivEsc side u most to run winpeas on it

sudo nmap -sS -sV -sC -Pn <machine_ip>

try this on all of the boxes

it will show u open ports

ok

-sS -> doing syn scan

i did

-sV -> doing service scan

what syn

-sC -> will scan for default scripts

what syn
@tough lake its related to Network+ course

ok

but will tell u

good

when u are scanning for ports

u will send them a message (SYN)

aaaa

yes

i do remeber

now

its called check hands

if they recieved that they reply (SYN ACK)

else they will send another thing

and the -Pn

-Pn its just for filtering

ok

my country is filtering scan

so in my country we must use -Pn

ok

u dont really need to do that

but i must use that

No

yes

it is

-Pn is for machines that do not respond to icmp echo requests

i got the results from the nmap scan

now

?

Check your sources, before misleading others.

ok

but people in here say its because filtering

dont sure about it

Then they're wrong.

maybe

it is not what we are talking about

we can continue

ok

and --script will use the nmap script (NSE)

NSE mean nmap script engine