yep
#koth
sullen hound
ok
who closed port 9001
everyone Who closed the port 9001 port
if i am not wrong that was against the rules
weary kindle
Is this for prod?
weary kindle
As the maker of that room, closing 9001 is allowed
valid light
imma reset again
gusty cradle
@sullen hound Dan created Production
valid light
Dan let's reset :D
weary kindle
It literally says "backdoor", it's not a real world system critical service
sullen hound
without removing port the port
spark anchor
They require password to login right?
gusty cradle
@spark anchor Public key
sullen hound
try googling
spark anchor
@gusty cradle Anyone can login with that?
gusty cradle
No
valid light
@spark anchor Public key
valid light
you can authenticate with a private key provided the public key is in authorized_keys
weary kindle
@sullen hound if you were a sysadmin performing an internal audit, would you leave a service with the banner "Skidy's Secret Backdoor" ?
valid light
no it requires pass because someone removed it from authorized_keys
weary kindle
Then you wouldn't make it past your probation
gusty cradle
@spark anchor You can't login with the public key, the private key(id_rsa) is the one you're looking for
raven harness
there is a room for ssh i guess @spark anchor
sullen hound
@weary kindle even though we can change the password
raven harness
make sure perm is right
sullen hound
of Ashu
sullen hound
i m talking of the machine
gusty cradle
@spark anchor Is it encrypted? Did you set the permission to 600? Did you put your public key into authorized_keys?
spark anchor
I set the permission but
raven harness
??
gusty cradle
@spark anchor Google can guide you π
spark anchor
Hm. I need to know more about SSH & authorized keys
Like you said, putting public key in authorized keys
valid light
i honestly don't know how to work around the patches anymore
whoever locked me out can you put my public key back in there LOL lemme find the flags and i'll leave you alone
@viscid girder PLEASE
viscid girder
fun π
sullen hound
last vote remaining
spark anchor
Why resetting again & again?
sullen hound
machine not respondin
spark anchor
What does ashu@ubuntu at the end of .pub mean?
gusty cradle
It means that the key belongs to ashu on a machine which has the hostname of ubuntu.
sullen hound
me too
spark anchor
Can you @gusty cradle tell me that how can someone type in my terminal "logout" ?
sullen hound
one thing left was privilege escalation of it
anyone know how it is done of production machine
gusty cradle
@spark anchor Please stop pinging me and google your questions, I'm in the middle of coding something π
unkempt pagoda
Are you playing two koths at the same time @sullen hound ?
spark anchor
Ah srry
sullen hound
yes because thats new to me
icy cave
π€£
unkempt pagoda
i think i patched them all by now
Swapped the rce from root user to the bunny user
spark anchor
why lphout againa nd agqain
sullen hound
hey there is not a single RCE vulnerability in the machine
spark anchor
WHO SET THE PASSWORD?
sullen hound
not be overefficient
spark anchor
Yea @sullen hound
sullen hound
production
spark anchor
Yes
unkempt pagoda
nah i was talking about spacejam
spark anchor
Getting logout again and gaggin
sullen hound
i m not in spacejam
spark anchor
SSL_ERROR_NO_CYPHER_OVERLAP
unkempt pagoda
TLS handshake failing
sullen hound
yeah
theres something fishy going inside it
hey
but the virtual machines did not terminated
anyone online
it has shifted from https to http
whats happening does someone know
@terse willow can you help me with this
terse willow
Hm?
spark anchor
THM Hacked lol
spark anchor
@terse willow You came right when he called. Wow!
terse willow
Sounds like the site is being upgraded. I know Skidy was intending to implement Cloudflare sometime this week
If it's an error with the TLS, that might be it
sullen hound
@terse willow Are you sure its being upgraded
gusty cradle
@sullen hound Yes, the admin's are aware of the issue and are working on it
sullen hound
@gusty cradle I was able to access the website with tor network
if that was upgrade then i also should not reach it with even tor
gusty cradle
@sullen hound The website is back up
sullen hound
no it isn't
Dear @terse willow Remember Tor Browser never ignores such small things due to high privacy
website not coming up on my side
brazen cloud
If itβs transferring to cloudflare then DNS will play a part in it - due to how tor works would explain why it might work on there and not in your browser
gusty cradle
"dear"
terse willow
....
You have no idea what TOR does, do you?...
brazen cloud
Nothing to be done by any one then just waiting
weary kindle
high privacy
ah yes, the browser made by the CIA is known for it's high privacy, never mind the fact you can de-anon anyone if you control an exit node
gusty cradle
^
sullen hound
yes thats true
but even if you are in a network of somebody such as wifi without the control of tor exit nodes you may see his all traffic
Ok Tor also stopped
@weary kindle I dont think Tor Browser is made by CIA
weary kindle
Literally the first result.
sullen hound
working again
quiet schooner
@sullen hound if you control the WiFi network, you can't see the traffic through tor.
teal raptor
π€©
sullen hound
@quiet schooner if the victim is in the same network then why cant we see the traffic going through the tor
quiet schooner
Because it's encrypted?
Because HTTPS traffic is always encrypted, that's what the S means?
sullen hound
i know thats encrypted
quiet schooner
It's not suddenly decrypted if you're on the same WiFi network
sullen hound
i know that
but the router is the main thing from where the traffic is going to and coming from
grand ember
but it's still encrypted
quiet schooner
It's encrypted between your device and the webserver you're talking to.
It might be encrypted again between your device and the router.
sullen hound
Ok the purpose of my sayiing was that if the person gets hold of the router he will be able to see all of the traffic
in my sense
viscid girder
anyone got a game going>?
gusty cradle
@sullen hound How the traffic is still encrypted? Explain your "logic".
quiet schooner
If you're going to make a statement related to cybersec in a cybersec discord, you'd better make it correct otherwise someone will call you out.
sullen hound
sorry i have to go but i will continue back
sullen hound
@fair adder
you said to come to koth i am waiting
come on
quick 5 minutes remainin
fair adder
what room ?
quiet schooner
No point if the game is over
sullen hound
what
quiet schooner
If there's 3 mins left in the match
fair adder
it starts in 3 m
sullen hound
no 3 minutes to start
yeah
@fair adder if i weren't hacking multiple machines at a time the bug wouldn't be reported
brazen cloud
why try hard multiple koth lobbies
sullen hound
hey the machine is space jam
sullen hound
if i am right thats a vuln
fair adder
bruh even if you were why are you telling that thats liturally spoiler
last ether
When do new koth boxes get released?
weary kindle
When they are ready
sullen hound
i am king @fair adder
without even spoiling
i am not a spoiler nor a cheater how many times i have to tell you
brazen cloud
You literally spoiled what needed to be done on the box in here
weary kindle
You're playing prod right?
sullen hound
no space jam
fair adder
i not even turned the port 3000 port off
@sullen hound you liturally just spoiled again
weary kindle
Regardless, you were asking for help with Prod priv esc earlier: this will help
pkill -9 -t $(tty | sed 's/^.....//')
is this privilege escaltion
weary kindle
yeah
gusty cradle
π
sullen hound
@fair adder I didn't spoiled the box and if i did give me proof of it
weary kindle
Either that or run
sudo /usr/bin/chattr -i /root/king.txt
Either the message was deleted by your or a moderator @sullen hound
fair adder
you said you didn't turn off port 3000 and that port has ||vuln||
sullen hound
wait a second if the port 3000 is off i don't turn it off
don't blame me all the time
fair adder
SMH
icy cave
lol pts/1 00:00:00 wget https://cdn.discordapp.com/attachments/554713196804440101/710172199985610812/chattr
gusty cradle
@sullen hound It's not a bug
brazen cloud
Deleting because of spoilers.
gusty cradle
There are only two flags on Spacejam(root and user flag)
sullen hound
oh
quiet schooner
@icy cave imagine thinking KoTH boxes have internet
sullen hound
yeah
icy cave
i know π€£
brazen cloud
You can report bugs without spoiling @sullen hound and as @gusty cradle said, that's not a bug irrespective.
fair adder
@sullen hound you spoiled 3 times in less then 15 minutes π
fair adder
lol they deleted
sullen hound
@fair adder I am waiting for you to gain access
no i wasn't warned about spoilers
and didn't know it was one
fair adder
bruh im playing this room for the first time
sullen hound
oh
lame execuse
@fair adder
hey rm that file is out of rules and terrible
replace rm with removing
i think so
brazen cloud
mhm?
sullen hound
am i right @brazen cloud
brazen cloud
You'll have to give more context @sullen hound
sullen hound
It is out of Rules to remove or deleted the king.txt and root.txt file
gusty cradle
^
sullen hound
really
quiet schooner
Yes?
Read the rules
I keep telling you to
You've been reported for breaking them already
last ether
π
sullen hound
i read it but there's nothing like king.txt
quiet schooner
Then why do you think it's against the rules?
Don't make claims unless you can justify them
dapper escarp
@sullen hound you seem to have an issue with reading rules
sullen hound
okπ₯Ί
last ether
Now go read the rules and be back bro
dapper escarp
It is out of Rules to remove or deleted the king.txt and root.txt file
@sullen hound root.txt is a flag right? So no you canβt delete.
last ether
So you read the rules now? @sullen hound
sullen hound
i already read them
last ether
Oh good
sullen hound
yeah
dapper escarp
The rules are clear cut. If youβd read them you would know you canβt mess with those files
sullen hound
now i do know them
fair adder
@sullen hound its not removed its moved
dapper escarp
@fair adder you canβt move flag locations
sullen hound
you typed remove
brittle merlin
Just to get it clear, is it allowed to change perm of king.txt to 000?
sullen hound
@fair adder
fair adder
the f did you do to chattr @sullen hound
gusty cradle
@brittle merlin That's a stupid strategy, but you're allowed.
sullen hound
thats disbale
fair adder
there its back @dapper escarp i just moved root to /home/
dapper escarp
...
sullen hound
sorry disabled
last ether
You can do anything to king.txt just not the flags
brittle merlin
Ah, I don't do that. But I have seen it many times. Don't know how to bypass that tho
fair adder
xD won't happen again
dapper escarp
While Iβm here @fair adder reread the rules before you get banned from the game mode
fair adder
okay
spark anchor
The guy who does not sound like human.
spark anchor
You need to see general chat to understand this.
fair adder
rule 7 is my favorite ... Scripts that automatically hack and/or harden the machine are forbidden
brazen cloud
My favourite rule is all of them
fair adder
@dapper escarp i reread them 2 times
sullen hound
and I 15 times
brazen cloud
Considering you moved a flag @fair adder
quiet schooner
You need to understand
@quiet schooner
spark anchor
@sullen hound and still not following them.
brazen cloud
I'd go through them again
sullen hound
i am just talking
fair adder
i was about to type i will go throught them 1 more time π
sullen hound
and did followed the rules
then how are you saying @spark anchor
for GOD sake please blaming me everyone who says i am autopwning
grand ember
spark anchor
@grand ember There we go
fair adder
LOL
last ether
Man give the kid a break @spark anchor π€£
spark anchor
Ah.. Man @sullen hound Sorry, I am just going way too far.
That wasn't the right attitude.
brazen cloud
Thank you, it can be kept civil.
fair adder
what
spark anchor
@sullen hound π
spark anchor
@sullen hound You are the best
sullen hound
i appreciate your love
but it is better for both of us to focus on tryhackme
in the best interests of both of us
spark anchor
Yes
sullen hound
@fair adder join the game https://tryhackme.com/games/koth/join/b4eaf4d626753933b079518a
spark anchor
I am sorry for my previous behavior. I don't know what happened to me
spark anchor
WDYM big heart to deal.
spark anchor
π
fair adder
he also has big brain π
spark anchor
Yes
dapper escarp
quiet schooner
Spec link?
fair adder
bruh why you bully you put challenge game even last game
spark anchor
:optional:
sullen hound
spark anchor
uf
fair adder
hey im gonna go to the store π
spark anchor
Hint?
quiet schooner
@spark anchor FoodCTF is all about enumeration
spark anchor
Ok
sullen hound
and the machine is mine
sullen hound
nope
fair adder
π
fair adder
eh running nmap scan
sullen hound
execuses
fair adder
im kinda taking time
sullen hound
no problem take time
spark anchor
enum4linux says "
Use of uninitialized value $global_workgroup in concatenation (.) or string at ./enum4linux.pl line 437.
". This error is bugging me from days. Searched Internet but no help
sullen hound
same as here
unkempt pagoda
I get that when smb is not on a domain
sullen hound
but remember it only works if you have port 445 open
fair adder
@sullen hound removed the page on higher port?
sullen hound
which page
fair adder
oh you didn't
sullen hound
which page tell me
spark anchor
who is kiransau?
sullen hound
idk
spark anchor
Hey, @quiet schooner Why you joined.. NOO
fair adder
damn you patched it @sullen hound
spark anchor
we are dead if you joined
sullen hound
hahahaa
spark anchor
Oh really?
sullen hound
yes i did
spark anchor
Rules being broken?
sullen hound
patching isn't against the rules
fair adder
yah i know
spark anchor
Yes it isn't
fair adder
no it isn't patching is part of blue team @spark anchor
spark anchor
I didnt say that you did
fair adder
@sullen hound next room production i create π
spark anchor
I was asking Ninj
fair adder
jk i don't want to pick a room im 2 dumb
https://tryhackme.com/games/koth/join/e9d26d125ebc8979ebfd37df here the one starting in 11 min
sullen hound
now again hacking 3 machines at a time
spark anchor
Bye
me going
I should do THM boxes. I dont have standard in front of you guys π¦
fair adder
i just started doing few 2 :jo:
sullen hound
@fair adder you know python
sullen hound
who are monitors called
raven harness
ohh i can't access to port 22
sullen hound
on which machine
raven harness
food
sullen hound
link
raven harness
you are a king there
fair adder
@sullen hound you done fortune before/
brazen cloud
He's in your lobby NSA
raven harness
3085
quiet schooner
SSH is still open
raven harness
might be mine creds are worng
sullen hound
yeah
weary marten
many things are still not patched xD
raven harness
@quiet schooner but i don't know how...xD
weary marten
na its fortune
quiet schooner
There's a few games going on
fair adder
@quiet schooner yes
sullen hound
@fair adder whats your username on tryhackme
quiet schooner
@sullen hound slavkosmith
weary marten
reset the fortuna
@sullen hound nice lol
sullen hound
so are you karma
terse willow
Eh, don't worry, she might reset herself π€·ββοΈ
terse willow
@sullen hound What's wrong with it?
sullen hound
password changed
sullen hound
but i saw many people do so
terse willow
Resets are for if the box is completely broken
Or because someone has broken the rules
quiet schooner
If you harden the box, that's allowed
sullen hound
oh
terse willow
They're not for if someone has hardened the box and you're throwing a hissy fit at not being able to get in
That's just good strategy from your opponent
weary marten
If you harden the box, that's allowed
@quiet schooner what is this ? lol
weary marten
i just changed the password and pached some vulns
terse willow
That is allowed
Shutting services off is not
As long as the box is still functioning, there is no reason to reset
Even if no one else can get in
Especially if no one else can get in -- requesting a reset then is just poor showmanship
weary marten
so what we do now ?xD
terse willow
If it's the machine that James hardened
Then you sit and wait for the clock to go down
quiet schooner
What box, how long?
icy cave
is there a 4th way in to food?
raven harness
is there possible to change ssh password for food without login ?
i mean right before now i was able to login but now i m getting permission denied..
i sounda like a weird for you ...
quiet schooner
@raven harness The box ended?
But if someone roots it, you can change the password
weary marten
is there possible to change ssh password for food without login ?
i mean right before now i was able to login but now i m getting permission denied..
i sounda like a weird for you ...
@raven harness nope
sullen hound
@quiet schooner where are writeups for KOTH Machines
quiet schooner
@sullen hound They don't exist for most of them
sullen hound
which ones exists
raven harness
@quiet schooner I would change the pw if i got access into the server
but i cannot login into the server even i have got creds i m sure that are valid
quiet schooner
@sullen hound That's on you to research
quiet schooner
@raven harness Yeah, so someone else probably changed it
warm chasm
I changed the creds sry
quiet schooner
You're allowed @warm chasm
weary marten
can i post writeups ?
quiet schooner
@sullen hound Remember, relying on writeups is cheap
@weary marten read the rules.
raven harness
so it means no further access into that server @quiet schooner
sullen hound
yeah
quiet schooner
@raven harness No?
@raven harness @warm chasm You are allowed to patch every vuln. You're encouraged.
When I play, I patch every vuln.
warm chasm
No I was just saying that they should still be looking
raven harness
ok thanks
sullen hound
@quiet schooner Why dont add the points to public profile
quiet schooner
Stop tagging me every time you have a question
sullen hound
according to my knowledge the First KOTH Game was play on march6
quiet schooner
And?
sullen hound
and now its getting popular and popular
so why dont add its point to public profile
raven harness
will there be also like tournament in future?π
quiet schooner
You missed one
There might be another
I think there was like $100USD at stake over it?
raven harness
ohhhh
was it live where non player could also spectate them?Like gaming tournament
quick flax
small question, i think i missed a bit of background knowledge, why is the box called offline and are all the usernames names of offlinetv? i think i missed a thing or two
quick flax
yeah, i get that haha
quick flax
but is there a special reason why they chose offlinetv?
quick flax
Ah cool!
full grove
the requirement for the box was
- Theme it
- Include X number of vectors
quick flax
Super cool!
quiet schooner
- make it fun
quick flax
i would love to try it one day but yeah hahaha experience
nova tide
I think there was like $100USD at stake over it?
150$
unkempt pagoda
harsh obsidian
Starts in 20 min: https://tryhackme.com/games/koth/join/c0a67a5990704d0a608c87a2
lilac topaz
@gleaming reef Noob
lilac topaz
@gleaming reef Why reset the box from the beginning?
gleaming reef
@lilac topaz you can reset
lilac topaz
press reset π
gleaming reef
@lilac topaz happy?
lilac topaz
Thank u
lilac topaz
@gleaming reef Thank for the fight π
how the hell could u reset reboot the box!! π€·ββοΈ
gleaming reef
reset? what you mean?
lilac topaz
Reboot π
gleaming reef
but i couldn't write, i need 10 more minutes
lilac topaz
I still wonder how that black magic works π you must have placed a backdoor somewhere
could not find it.
gleaming reef
or the box had one in the first place π
lilac topaz
hehe
warm chasm
@harsh obsidian you too
harsh obsidian
@harsh obsidian you too
@warm chasm question: I've been working on a thing. did you start getting hackers quotes on your terminals?
warm chasm
Yeah it was super annoying. Nicely done
harsh obsidian
Thanks. I've been busting my hump on that one. The nice thing, though, is it only displays. It doesn't actually insert in to your commands.
warm chasm
Yeah I realised. It was very disruptive nonetheless
floral kernel
https://tryhackme.com/games/koth/join/c9a776b3b714f708cc0ae716
Space Jam in 3 minutes
brazen cloud
How so? @fair adder
fair adder
chat log says otherwise
you violated rules on me, then you did the same thing a day later
i will find a different game
floral kernel
what exactly did he violate?
sullen hound
i didn't
quiet schooner
Closing services
floral kernel
banhammer
sullen hound
it was done only one time
quiet schooner
See how easily trust is violated?
sullen hound
and I never did it again
fair adder
and here you are trying to deny the whole thing. uncool bro. i will find others to play with
quiet schooner
Once you breach someone's trust, it's hard or impossible to earn it back.
fair adder
enjoy the evening
brazen cloud
It only takes one time for a lot of things - trust is a good example of such
sullen hound
@quiet schooner i didn't have a play
floral kernel
THM staff must make rootkits, to ban users on malicious actions: like iptables, firewall-cmd, ufw, systemctl, service
quiet schooner
@sullen hound wat
sullen hound
hey i didn't play for a while
quiet schooner
@floral kernel Some of those aren't against the rules
floral kernel
like?
quiet schooner
You can restart a service or patch it by replacing it with one that works
EG webserver with a vuln? Kill it, replace with python server on the same port
quiet schooner
That's why it's against the rules to not replace
floral kernel
blue team > red team, change my mind π
floral kernel
once means always
quiet schooner
You broke the rules that time when you broke the rules
You answered your own question
sullen hound
@quiet schooner but didn't broke them after it
quiet schooner
Ok, but that doesn't restore people's trust in you
brazen cloud
This seems like an abhorrently reoccurring conversation
quiet schooner
@sullen hound https://en.wikipedia.org/wiki/Trust_(social_science)
sullen hound
and I don't close services after my 1st mistake
quiet schooner
Don't expect everyone to trust you.
Ok, great.
That's not going to restore the trust you violated
I recommend you accept that, and move on
Arguing it with me is pointless
sullen hound
I shall try my best to keep my 1st mistake my last mistake
quiet schooner
It's something about people you will just have to understand. Once you break someone's trust, they won't trust you easily.
quiet schooner
I recommend you accept that, and move on
@quiet schooner
sullen hound
Ok
quiet schooner
Please don't bring it up again, this is a formal warning under Rule 2 @sullen hound
brazen cloud
π
sullen hound
@floral kernel Atleast you could play koth with me or you couldn't
floral kernel
im playing brotha
sullen hound
what it is
floral kernel
ha?
sullen hound
what do you mean by brotha
floral kernel
brother/fella
sullen hound
Ok
floral kernel
yes, you changed user's password so im locked out
sullen hound
lets do another game
floral kernel
sure
sullen hound
can you give me some minutes
floral kernel
finish the game first
quiet schooner
@floral kernel There's other ways to get in when someone changes a password
floral kernel
yeah ik
sullen hound
@quiet schooner what are they
floral kernel
found 3 ways till now
floral kernel
is there any rule of thumb, like every box has X user ways and Y root ways?
quiet schooner
3-4 minimum
floral kernel
i see
sullen hound
okhh
just give me round about ten minutes @floral kernel we will continue a game
or start another koth
floral kernel
just give me round about ten minutes @floral kernel we will continue a game
@sullen hound to dump the db? π
any1 using Arch-based distro, here?
floral kernel
sure
harsh obsidian
Mind if I join you?
harsh obsidian
word, thanks
sullen hound
@harsh obsidian you can say anything to me I shall never mind
quiet schooner
@stable horizon Hey, don't start that again
stable horizon
Ok
sullen hound
is my donut here
rancid pewter
Just wanted to compile my rootkit on the box but the kernel headers are not installed
Yeah sure
fair adder
ayeee my boyy killing it again @rancid pewter
rancid pewter
Yeah mate, made a rootkit to be sure to win every game
harsh obsidian
I'm impressed. I'm busting my ass to figure out how to take king back and I've got nothing
fair adder
yea well it takes years of experience lol
rancid pewter
Im not on the box anymore
harsh obsidian
Something you have going still keeps you as king
rancid pewter
Yeah you know I got a little script that run 50 thread in 5 process so 200 thread constantly brute forcing the king.txt
harsh obsidian
NICE!!
Yeah you know I got a little script that run 50 thread in 5 process so 200 thread constantly brute forcing the king.txt
@rancid pewter compiled binary or bash / python /etc?
rancid pewter
C
quiet schooner
So compiled binary
rancid pewter
I got a rootkit ready too just need to compiler it for specific kernel version
harsh obsidian
A game starts in 15 minutes: https://tryhackme.com/games/koth/join/b7a844c4560c639e2c6ae76b
rancid pewter
@harsh obsidian Having some problem getting king, this time it a rootkit
harsh obsidian
I think our respective methods are fighting eachother so hard that the system can't find a king lol. neither of us have gone up in points in a couple of minutes
And I think my method over tasked the system. Gonna have to adjust it...
rancid pewter
I think you made a fork bomb or something can connect to ssh
harsh obsidian
I'll vote a reset
rancid pewter
You might want to verify your script seem like a fork bomb
harsh obsidian
It's looking fine on my connections. I'll nerf it a bit next time I run it; I'm not trying to kill the box
I gave another reset vote; I won't run that one again until I figure out wtf
nova tide
Funny little thing that sometimes works against newbies:
echo -n "I" > /dev/pts/3;sleep 1;echo -n " am" > /dev/pts/3;sleep 1;echo -n " in" > /dev/pts/3;sleep 1;echo -n " your" > /dev/pts/3; sleep 1; echo -n " shell" > /dev/pts/3;
harsh obsidian
I've got something like that but every 4 seconds kicks another quote from hackers to someone's shell
nova tide
myDonut used that once against me and i totally fell for that
rancid pewter
I got some technique to write on someone else shell but I cant see anything
harsh obsidian
lmfao
nova tide
I got some technique to write on someone else shell but I cant see anything
@rancid pewter oh i thought that's what you did
harsh obsidian
exec >/dev/pts/PTS NUMBER 0>&1
@rancid pewter I've been looking in to that myself....is that how you get tetris going?
nova tide
Or nyan
rancid pewter
Nope I got a C script to run on other tty
nova tide
Won't this work?
./nyan > /dev/pts/n.o ?
rancid pewter
Yes but with my tetris script I wont get key input
nova tide
Gotta work on that then ^^
Btw the way you write on someone's shell, it wont run that written data,right?
So how's that different from the one that i mentioned
rancid pewter
Yes with exec you can run command
nova tide
Oh
rancid pewter
But you cant see anything and it will kill your terminal when the people exit
harsh obsidian
I think @sullen hound left us to our devices....
Won't this work?
./nyan > /dev/pts/n.o?
@nova tide One of my recent favorites is: echo "Ah ah ah you didnt say the magic word" >> /dev/pts/$x
sullen hound
yeah
nova tide
@nova tide One of my recent favorites is: echo "Ah ah ah you didnt say the magic word" >> /dev/pts/$x
@harsh obsidian yeah i have seen that π
Or just aliases to a simple file or may be urandom
And make ppl rage
harsh obsidian
I figured a nice little Jurassic Park reference could be a bit of fun
quiet schooner
I like a lovely little rickroll in the JS
harsh obsidian
Or just aliases to a simple file or may be urandom
@nova tide I love aliases. I only use that when I'm in the mood to be a super dick
I like a lovely little rickroll in the JS
@quiet schooner That's a GREAT idea!
nova tide
I like a lovely little rickroll in the JS
@quiet schooner i wish i could see you in action someday
nova tide
That's why i want to watch you in action
quiet schooner
When you made 20%+ of the boxes, there's a good chance you can patch the vulns after rooting it
harsh obsidian
Lol. watch a live stream somewhere
nova tide
Missed when you went against szymex
quiet schooner
This is what happens
quiet schooner
Can't be dethroned if no one can get a shell.
nova tide
Well you can't just patch all of them at once
quiet schooner
You can patch hackers in under a minute
nova tide
Can't be dethroned if no one can get a shell.
@quiet schooner Hackers takes time
lusty portal
Oof, James pulling the big guns out
quiet schooner
Speed patching
I resisted the ALL ALL sudo creds I have for hackers and food. That's no fun.
grand ember
Missed when you went against szymex
@nova tide lol, me and koth aren't the best combo
nova tide
Well it's just fun to watch you guys go against each other sometimes
Specially if someone is streaming and everyone is in voice channel
quiet schooner
There's exploits on hackers that only a few people have found
nova tide
I resisted the ALL ALL sudo creds I have for hackers and food. That's no fun.
@quiet schooner but still can't seem to get a shell on tyler, hmm
nova tide
If you guys plan to play again sometime i would love to watch instead of joining in
quiet schooner
I mostly show up in KoTH when people need to lose.
harsh obsidian
lol
stable horizon
That's fair
sullen hound
which one
fair adder
Panda
sullen hound
why not
sullen hound
i done it too
nova tide
Good luck with that
fair adder
im gonna go complete few rooms
cuz koth isn't going to get my skill up if i don't know how to play it
nova tide
cough cough hmm
and it will x
sullen hound
anyone playing koth
fair adder
me no
sullen hound
hey @fair adder i Never bully anyone in my life
fair adder
it was a joke for you dominating on koth everytime
quiet schooner
Until they come up against someone who knows how to patch and how to defend
terse willow
@fair adder see #544951750801752079...
sullen hound
hey @fair adder leave that game
and join here in 5 min https://tryhackme.com/games/koth/join/d1ad32a7d6cfd047a1d523fa
quiet schooner
What box?
fair adder
Panda
quiet schooner
That guy doesn't patch anything other than changing passwords
stiff egret
lol
fair adder
lmfao
sullen hound
@fair adder what happened did i did something wrong
what happened
please remove the gif my computer stuck at such gifs
fair adder
wut
fair adder
ah soz
sullen hound
thanks
hey @fair adder there is still a vulnerability open in that panda box
why not get in
fair adder
i cANT fIND
gusty cradle
Why?
sullen hound
ok
quiet schooner
Don't spoil the box
sullen hound
ok
floral snow
Why can't be king of the game? I earned more flag than others but idk why the second player is choosed? π€
gusty cradle
@floral snow Did you enter your name in the king.txt file?
quiet schooner
@floral snow King doesn't mean first place
King is the name in the /root/king.txt file
quiet schooner
@floral snow Please read the rules, all the info is there
floral snow
Okay
floral snow
Please, how can I bypass "command redirection forbidden"?
livid mountain
anyone game?
7 mins 'til start: https://tryhackme.com/games/koth/join/08eb12d81c1a43632de0e704
@full grove come hack with meeee β€οΈ
fair adder
what is this machine lol
full grove
owo
livid mountain
π
HI π
I'll give you a bit of time before I nuke the vulns though
I closed one only π
fair adder
what vulns lmfao. all i've got is a random decrypted b64 string and what I believe is an ssh key lol
i need to practice more
rancid pewter
Dont worry @livid mountain I will take back my place as king
livid mountain
@fair adder if it was easy to get and posed a threat to me, maybe that was it π
fair adder
XD
mellow bough
o/ birb
quiet schooner
@fair adder decoded base64 string
livid mountain
are we allowed to run scripts to maintain king ?
mellow bough
mhmm
mellow bough
You're allowed to go pretty crazy and use root kits if you'd like
fair adder
yes, decoded. It isn't a flag so /shrug
mellow bough
The primary goal is to provide an avenue for growth
and sometimes getting ya shit kicked from someone who runs a rootkit is best lol
mellow bough
Only real rules are no autopwn and you can only close off backdoors. Essential services have to stay up, you gotta patch 'em
Depending on the box, could be both lol
mellow bough
That too xD
unkempt pagoda
Would removing the vulnerable php code count as patching?
livid mountain
I guess you could patch the code ye
fair adder
I mean would it still work as intended
quiet schooner
@unkempt pagoda The test tends to be "Does it work for a genuine user?"
unkempt pagoda
Hmm
unkempt pagoda
Thanks for that tetris shell @rancid pewter :p
rancid pewter
No problem
livid mountain
lol
rancid pewter
Seem like my rootkit is working on every linux box
fair adder
Im reading a book on rootkits. Pretty interesting so far, but a lot of the asm stuff goes over my head
unkempt pagoda
Instant tetris on login :p
rancid pewter
I havent done any asm to make my rootkit @fair adder
fair adder
It's typically for making the super ring 0 kernel level kits π
and cryptors
do any of these koth boxes have steg on the images? I doubt it, but it be funny if one of them did lmao
unkempt pagoda
not sure
unkempt pagoda
So many images to check though
fair adder
but i havent slept in 30 hours π«
would it be possible to go into a solo koth just to find vulns?
fair adder
:|
fair adder
fair lool
rancid pewter
What ?