lol

lmao

I wont use rootkit this time

o we get more flags now?

or no

are flags randomly generated? I would assume so

can't resubmit - ok

alright boys the grind begins

how is the king txt file write protected from root anyway

chattr

Chattr

The beautiful of making a file immutable

mmh

hmmmm

two new tricks learned 😄

I can't even kill -9 your stuff

😢

Eh

GG @rancid pewter

myDonuts has a rootkit 😉

GG

I might have overkilled KoTH

can't wait for the rkit meta

might xD

I'm so sad my awesome script didn't work

i made the perfect meme script last night

wanted to try it

but for some reason I got a "file not found" error

it's complicated....

😂

It in which language ?

bash

was just a simple shell script that wasn't too noisy and had had some tricks to hide itself

maybe the tricks fails

works on my pc

@livid mountain Would love to see that script in action

it's more simple than it sounds really

it's a trick i heard about in Darknet Diaries LOL

always wanted to try it

Seem really interesting

want a peek?

You're gonna spot it and mitigate anyway so I don't mind sharing hahaha

Yeah DM me

https://tryhackme.com/games/koth/join/de79bc1af57be6ca42476b09
Public koth if someone wants to join, starts in around 10min

anyone playing koth

if not join here

https://tryhackme.com/games/koth/join/4df208b0408fe1b8172fc209

Good game @sullen hound 😅

yeah

😅

Man you are good

yah

Though you kept kicking me out

Look whose the king

🤣

I know who is it

I am learning some languages

Me too

Me too

And That might help me keep the king

It looks like you already memorized all the boxes

And That might help me keep the king
@sullen hound
Sure

I'm just a beginner too

I put 24 hrs to KOTH

Nice bro

Why NSA?

Why the name

You know why the name

No I don't

That's the reason I'm asking

Do you work for the NSA?😅

Look out the window, if you see a black van with antennas you have your answer 🤣

😅

just started with koth, is there only user.txt and root.txt flags or are there more? or does it depend on the box

@jagged oyster For SpaceJam, I think there's only user and root

For other boxes, there's 6-10 flags around the box

okay that explains it, doing spacejam atm

If you hover over the label for flag submission, you can see the number of flags

been looking for more for like 40min now, facepalm 😄

aah okay, thanks!

anyone playing koth

hm, getting 404 when trying to join a koth im participating in

which koth

https://gyazo.com/fb11e029ff598c55d8b59647c52117aa

clicking on the link gives me 404, dunno why

that happened with me too

can you give me the link please?

oooh a fix

i think

https://www.tryhackme.com/games/koth/3307

yes it is 404

Game 3307 does not exist

Can you please refresh your page and copy/paste the link

Is it the same?

3305 is the one giving me 404

wait, im in now

weird stuff

Yeah, I'm looking into it

Very weird

anyone playing koth

join here start in 10 minutes

https://tryhackme.com/games/koth/join/1622b9f0a0e7debe0be587e5

ahh too late ;D

yeah

join here https://tryhackme.com/games/koth/join/c86fe8ed434aed6538a1ae6b

anyone

https://tryhackme.com/games/koth/join/25091d5b082acf9af001536b

is it any flags that is encoded?

reset pls

reset panda

@sullen hound can you press reset ?

why

cuz it's heavily patched, lol

let's play...

i patched it

if you beg

lol

where's the fair play

then ok

its fair play

@slate crow

Patching is Allowed

lol

this guy's scared cuz he got only one way in

lmao

lol

reset again bois

why spam reset xD

why tho, if he can patch it in five min we have lost, if he cant why reset?

i reseted it 3 times

now you cant get it its not my problem my mate

yea, but gg @sullen hound

was the file on port 80 a flag?

umm

in koth telling others in spoiling the box

so sorry

what happened ?

you fallin ?

ohh, i didnt know

lol there are a lot of new rooms added
to the koth games
haven't been active in a while 😮

ahh a fly

dayum u are clutching tho

beg me now

@sullen hound

bruh

lol there are a lot of new rooms added
to the koth games
haven't been active in a while 😮
@rugged pumice Yuck, that fly 🤢

if you beg
@sullen hound payback

@slate crow see who is winning

What box?

panda

Nice

yea

he lost his only way in

lmao

So yes, you lost your only way in

man i didn't find any way in

@twin rapids same lol

Lost = forget

You can no longer use it.

i will try hard

to remember it

you lost bruda

just accept the loss

@sullen hound

lul

You're still taking the L

why u playin 2

hahahahahahah

ya mad bro ?

@sullen hound really? Remember when elf rekt you?

ahahahahahahha

this guy's hilarious

You got beaten

use google

lmao

By elf and me

@rugged pumice the pic is named muha 😂

yes me and James __Beat you __

@sullen hound james came in last minute and still had more points then you 😂

Elf, just how bad are you at KoTH?

im like solid bad 😆

I'm in CoD MW

me is located in assembly rn

me and elf64 chillin

gg bois

@maiden wasp gg

create a private machine panda

and DM me

I need to know what i forgot

i mean sure

there i sent it to you

indians of NSA

lmao

https://tryhackme.com/games/koth/join/f5a8a30390f7b3d0834fef81

nah, ain't got no time for ya mad ass rn, workin' on other stuff

People can be busy

ye

me rn

you scarin' me

ok

@sullen hound you even playing?

koth

the game you joined

alright

man how did you get the username?

can i pm?

personal message

@sullen hound do we have any more vulns that aren't patched? i joined like after 35mins

okay np

Seems like clirimfurriku patched everything

but idk if theres still smth. on port 80

nice

lol gg

yeah, had a pretty big lead from the start, already knew the box ^^

port 3000 on that box is just OP

yeah there was a 3000 nodejs running.. was it in the box from the start or someone started it?

It's there from the start

yup

i was using it for the rev shell and someone killed it lol

i literally JUST entered the rev shell command

yeah, you arent allowed to kill services but idk how I'd patch a service like that anyways, thats how its supposed to work

You can patch the service on 3000

yeah u can edit the index.js maybe

Don't we take away the functionality of that service then?

isnt that its only purpose xD

or run it not under root

@carmine hemlock That's fine. You're not impacting the functionality of the service for a genuine, non hacker user.

@sullen hound I refuse to answer your rules questions for several reasons

lol

Mostly the fact that you should have read and understood them by now

Considering you CONSTANTLY ask.

Well then, gtg to bed now, was a good match!

@sullen hound can i discuss a topic with you, plz?

DM?

KotH starts in 23 minutes: https://tryhackme.com/games/koth/join/4689685e4187b82be91d16dc

Join if you want some urandom on screen 😂^^

https://tryhackme.com/games/koth/join/2ebf449c58cac70d97e87206

Killua in KOTH?

lol

@sullen hound can you reset the machine plz

?

can't access the machine

😦

even can't ping it

bro I know how to ping it

vpn connected?

i have a question about panda, can i dm someone?
it is regarding a initial access method

who's koth?

everyone keeps talking about him

is he loki's brother?

KOTH = King Of The Hill

nah

who is koth

stop lying

https://tryhackme.com/games/koth

that isn't koth

i've never been to that site

but who's koth

Is he the creator of that site?

stop messing with me

that's edited with the html

silly

& use #general for fun! 😅

see?

liars

xD

anyone playing ?

https://tryhackme.com/games/koth/3384

joining link?

https://tryhackme.com/games/koth/join/703d30a896710ba8e006474b

Hey ya

@spare scroll and I are on a public game. https://tryhackme.com/games/koth/3396

ahhhh i just wasted 20 min on a brain lag

Restart the machine man

RESET!

ait

They guy just replaced the webapp

this shouldn't be allowed IMO

hahahaha lmao

The rest are not even on the chat

sad kek

@civic oracle Why not?

If it's a valid patch that wouldn't affect genuine users, why wouldn't you allow that?

If he just replaces the entire code with "abc" text file

that beats the purpose

It does affect all users

The app is completely broken

That affects the availability

Yep it does

Check the rules, but that sounds like it could be a rule break

Yep rule 2

Nice and clear

Are they?

Yeah I was playing

7 mins to end and completely locked out 😄

😄

lionaneesh was fun

Yeah man 😦 gg

I created so many different users to maintain access

that wall trick you did ruined my life 😦

😄

whats some bullshit

ah

https://tryhackme.com/games/koth/3396

So easy to patch

Please avoid spoiling the boxes though @viscid girder

okay sorry

Have fun trying

That's a spectator link

You guys wanna join the voice channel 😄

i cant join VC cus im in the livingroom

did you already htaccess the upload NSA?

who has close ssh on 1337?

cheeky

hi

Damn man

gg bois my laptop is gonna die now

He has denied login of every user on ssh

now we are completely locked out man

fuckkkk

Web vuln is patched as well

3+ ways on every box

Wat

My bad. I am abusing myself. Like in awe! fuckkk!

not you

@sullen hound Do you have a complaint to make?

The rules are PG13.

Single fbomb is "fine"

Excessive swearing is not

Too long the wait is bro

I'm going to watch a movie

And my time zone is different

Another time

Peace

You sue them, because your NSA 😄

What level do you need to be in order to play KOTH?

https://tryhackme.com/games/koth/join/88016eaa870b2e169ad132ce

I always get the message Only intermediate and advanced experienced leveled users can play King of the Hill., anyone know something about this?

go to profile and change

Ah, thanks. I forgot that was a thing 😂

aren't autopwn scripts banned?

Ya huh

pretty sure someone in my game used one.

within like 5 seconds all acc passwords are changed.

it's you xD

NSA

it's been 8 mins buddy

You've been king 6 minutes

And Ryan is not

so within the minute we got on you got root and changed all passwords

k buddy

What machine is it?

you can't patch everything

food

There's no way to verify other then by the admins reviewing the logs. Send the url to koth@tryhackme.com

will do

It's easy to root food 🙂
But if you want to report them do as CMNatic says

this room has been out a long time buddy. there's nothing in the rules about me knowing flags from a previous session. They have already said that they look to refresh at some point. The fact is it's impossible for anyone else to do anything when within a minute you've gotten root, changed all the passwords and kicked everyone out.

you cannot patch everything. you have to leave one open

read the rules

before you play

ty

also i have a second game open which was also food which i was root on. stop whining.

if you have to use autpwn just to feel good about yourself then go ahead. you're not learning anything being a sore winner.

Patching all vulnerabilities is fine. Doing it with a script, less so

@gilded prism You don't have to leave any vulns open

wat

yes you can

sorry but can we go back a couple messages. he legit complained about storing flags right. So if this is the case he's on in 1 minute. then that's storing creds xD

@gilded prism drop an email to koth@tryhackme.com with the game number. The logs can prove if it's an autopwn or not

done it

^

As for storing flags and creds, it's a bit of a dick move. It spoils the game for other people

There is no party other then the admins who can verify the logs

Not much we can do about it yet though

i'll just mute and block the childish kid. Imagine this platform is to learn and have fun and you got guys like him lol

Be the better person here, best move @gilded prism

Hey, we can keep it civil though.

@sullen hound You've had warnings before. Be very careful.

Do you?

James isn't a therapist 😛

That's enough. Innocent until proven guilty and all. The admins will check the logs -- if there's an issue here then they will sort it.

Otherwise, there is no fault

Under rules 2 and 4, please move on.

Nothing to see here.

Talk to a mod if you have a complaint.

What's the complaint then?

?

@gilded prism Please make sure that you respect rule 1.

Issue dealt with

Please move on

please don't make stuff up. i'm done here

If you have an issue with how I handled that, please take it up with @terse willow

Ta James... 😆

Anyone looking ot get into some KOTH

Who’s Koth?

@brittle flicker An AI from Mars 🙂

@sullen hound I'm joking 😛

yup, thats exactly what i thought. leaving this game.. no time for pwnscript players

good luck to the rest of them. thought i would give him another chance

63 seconds and all passwords reset and 2 of 3 enterances are patched

no human types that fast. good day. you are blocked

@sullen hound this sounds suspiciously like another altercation, about half an hour from the last one...
You've had a fair few warnings now

all reminds me of hte convo that James had in here the other day about trust

For those playing along at home, that was a ban.

typing so fast you can reset all passwords and patch 2 entrances in like a minute. seems legit

i don't want the kid banned. just want someone to talk some sense into him. this is a platform for fun, learning, and growth.

Don't worry -- kid's been a pain to quite a few people, for quite some time; despite being told not to quite a few times

can't fix stupid.

but you can make it hurt

loool, he's banned?

OK now that it's reset I know for sure. He also killed the blog for no reason

he didn't patch the phpshell yet

LMAO0, btw can someone explain me how monthly leaderboards work? is it the right channel for that?

@stiff egret #general probably

heading that way..............

Is chattr +i king.txt; rm -rf /usr/bin/chattr allowed? Someone did that in a match today...

Yeah, it's allowed.

it's pretty stupid tbh

You can transfer a statically compiled chattr binary to the box to counter it

Searched for smth like that in the heat of the moment and didnt find any, guess I'm gonna look for it now / make it for myself. Thanks for that tip

There are chattr binaries in snaps

For some reason

It was a centos box, tried to reinstall e2fsprogs but it had too many dependencies to download

@carmine hemlock The VMs don't have internet access, so you won't be able to install packages

I downloaded them to my box, transfered to target box w/ wget and python simplehttpserver and then rpm -ivh

If the boxes had internet access it wouldnt have been that hard

(I downloaded the raw rpm files to my box)

lmao

https://tenor.com/view/umm-confused-wtf-blinking-okay-gif-7513882

Wasn't NSA banned?

from discord yeah

discord only i think

Dark mentioned about him being banned from site check the secret chat

don't leak secret messages 11!!1!11!1!11!1!!111

He was banned from the site. But he asked really nicely and got that one lifted on the condition of behaving absolutely perfectly...

pretty sure it was just someone memeing 😂

appearently not

I'm looking into this

I'm very displeased to say the least

Glad to see some action was taken. It wasn’t fun to have fake reports against me earlier. At least he’s been dealt with. Thanks staff, super job!

https://tryhackme.com/games/koth/join/22bd664e83d8c9836332cddf

GG

GG

The ban on NSA has been lifted for the time being

lol just watching optionals' final match, Dark ur commentary was hilarious 😆

Who’s koth again?

I pity anyone called koth

So, hopefully, no one

https://media.tenor.com/images/bdb9c110369fcef010f40aed2363ad25/tenor.gif

Koth must be very popular

He’s even got his own channel

@brittle flicker Hank Hill.

silly

that's not Koth

hanKot Hill

https://tryhackme.com/games/koth/join/dbcd82daa28ef67223d1420e

^-^

^_^

koth? 20min till start:https://tryhackme.com/games/koth/join/b3b0add52518fdddc416d1ec

public game starting in 4 mins. https://tryhackme.com/games/koth/join/037bd439dffb70b65808693f

is it normal on Production and Food that the king.txt file is always truncated and pretty much can't be edited? or is this a trick ppl use or smth?

It's something people do

is anyone up for a koth? gonna start in 22 mins https://tryhackme.com/games/koth/join/a0599a11d3f36cde6efa2c51

I had a thing earlier where someone nerfed the king file to make it totally unwriteable. On production. Kinda want it to happen again so I can work out how to fix lol

Sure thing

Probably you're talking about chattr

Hop in

13ish mins left ;))

is anyone up for a koth? gonna start in 22 mins https://tryhackme.com/games/koth/join/a0599a11d3f36cde6efa2c51
@royal pilot

heck

I keep missing him. I wanna meet Koth

I had a thing earlier where someone nerfed the king file to make it totally unwriteable. On production. Kinda want it to happen again so I can work out how to fix lol
@livid ginkgo pretty sure we were in the same game although i thought it was just the two of us actively playing. the exact same thing happened to me on Food, not quite sure what it was either tbh

I think it was... all I did was run a while loop. I got the notification ||when someone used chattr|| so maybe they just used that then left? Those other two didn’t do much... wonder if people are trolling... autopwn and troll.

I won’t lie I thought it was you who did that which is why I kicked you off the box lol. I wouldn’t play that dirty normally.

😂

ye i have no idea either, i looked through processes multiple times, didn't really see any other activity or could find anything that could've possibly keep the king file from being truncated

Same here...

i looked at it with tail for a bit and pretty much just a very quick spam of

watchdog2000
tail: file truncated

or smth along the lines

I was so confused why I couldn’t write to the file because I monitored processes like crazy, thinking there was a battle of the while loops between mine and a blanking one

Yes occasionally I kept trying different methods of getting the king back.

eventually i just tried to throw as many while loops at it as i could with my name, but no luck in beating the truncating really

I used nano. Vim. Deleting the file. Echoing to the file. Using a while loop and echoing. Nothing worked lol.

same lmao

I honestly feel like it might've been a bug tbh. I'll send an email to the koth address with the two game IDs that it happened in for me

Possibly Yeahh if it’s happened twice now.

can you share the game id here?

i dont think there would be any bug

3467 - Production
3469 - Food

@exotic quiver People have rootkits

3467 - Production
3469 - Food
@exotic quiver umm what was the issue again?

just checked the games i dont think anyone of those would have root kits

Essentially the king.txt was constantly being truncated instantly after something was written into it

myDonut is the only one with rootkits i know of. (May be Westar as well)

Nah

More people than that

@exotic quiver Someone has a script probably

It's weird tho, cause why would they do it if they're not even participating for points

@exotic quiver For fun? To test it?

*troll

Do you get points for KOTH games?

someone ban optional, he's deleting flags in koth

@hollow stone Really?

it was an accident tho, but he did delete it 🙂

he echo'd his name into root.txt instead of king.txt 😂

the flag has already been reverted, put down your pitchforks

lul

LMAO

tbf, relatable tho. i did the exact same thing on accident earlier

It's not deleting if it was recovered

And tbf it's concerningly easy to do

Dalist snuck into da game ;p

yeah, i had to sit there for 5 minutes wondering why i wasnt recognised as the king even tho i echo'd my name

then realised i typed root.txt instead of king.txt

F

he also killed ssh smh

sabotage!!

@JohnHammond#6971 is kickin a$$ in KotH right now.

Hey did u guys see the stream? john/optional/superhero

jup

they are pitching ideas for THM

They are trying to take in more people and do like tournaments!

if this happens that will be so awesome! And they will try to make koth boxes as well

sounds great

i am up to play some tetris in those tournaments

anyone playing carnage?

umm anyone knows who that Shikra guy is? in ktoh atm

pretty sure i've seen his name a few times in earlier games, but thats about it

@sacred viper sorry for ping but just wanted to say Eid Mubarak boi

btw if anyone wants to join in Carnage starting in 14 minutes:
https://tryhackme.com/games/koth/join/4b7a213db616206ea612564a

@nova tide - I'm in this koth game, and i'm wondering if something is going on...

/root/king.txt isn't matching the service

No idea what that means ^

Webpage updates after one minute

the service on 9999 was showing Shikra's username, regardless of what was in /root/king.txt

Thonk

and my name appeared to be in there for a long time

Sounds like they might have broken the rules and interfered with the service on 9999

but it might have just been changing last minute

netstat -tulpn see what's listening on 9999

not sure, my shells got borked now

What box is it?

netstat wasn't on the box

tyler

I can't help then

i'm not 100% sure though, i could be mistaken here

@nova tide Thanks Bro! Eid Mubarak to you as well!

Khair Mubarik

@nova tide What's up with Shikra? that'e me!

things seemed weird

my shell was getting borked though, so i'm not sure

just saw the Pakistani flag sooo was just curious

i might have fallen for a troll of yours

Shikra is me, I just can't change my username on thm

*yet

You will soon

but i dont think we are in the same game

yeah i just found your discord name by search

Thanks @quiet schooner, skidy said this exact same thing almot 8 monts ago 🙂

saw recent game running and saw your name

@sacred viper It's implemented on the backend, just needs to be added to the profile page

Oh great, But my username on thm is already gone 😭

well played - absolutely destroyed me

i was riskyflea in that game

i was confused because from my shell my username was showing up in the king file for a few mins in a row, but the 9999 service was showing yours. I think I fell for a troll from the box or another player though

i don't think i even used port 9999

i stared with port 8080 to get a shell

You don't interact with 9999

9999 is how TryHackMe knows who's king

port 9999 is what the tryhackme uses

Ahhh! Gothca 🙂

i got nowhere with 8080

managed to get through 80

found one way up to root from there, but it wasn't a fun shell, and it went after a while

Oh! how did you manage through port 80

by /upload

i think i might have managed to kill my own root in a panic 😄

ha ha ha 🙂

we allowed to give solutions in this discord?

as in give specifics of how we did it

No spoilers

not sure, @quiet schooner can answers

oh okay! Thanks Ninja!

shame, i kinda want to know how you got in through 8080

i found a login page and couldn't see a simple way past it

dammit, i just realised the troll i fell for...

the name of a particular file just dawned on me 😄

shame, i kinda want to know how you got in through 8080
@magic gorge

😄

i thought i was sitting with name in the king file, so stopped trying harder

i was wrong

😀

well its always best to set persistence

^^^ doesn't matter if you are king or not it always helps you win the late game

i had persistent access to the troll

i can't really say any more without it being a spoiler i guess

i definitely need more practice at this

Good Luck

thanks

anyone here currently playing?

Not me!

i am

Are we allowed to attack other players?

not their machines

I see...

the rule "No attacking other users" seems vague now i read it again to be fair

Yeah

that's how i read it the first time

what does "attacking" mean?

I've avoiding being mean to others

@magic gorge Killing shells fine

well smashing my pty seems pretty attacking

Scanning their machines? Nope

yeah, i killed shells and catted /dev/urandom to his pts for a while

was assuming that was fine

sorry if i've misunderstood that

That's fine

i'm pulling my hair out here trying to work out that permission you've set on that file though

That's not their machine, that's their shell on the KoTH machine

@magic gorge lsattr

aaaah

cheers

Is anyone else playing??

my poor backdoor user 😢

huh?

the password for a backdoor user i added no longer works

or i can't copy and paste

yeah, sorry about that

the latter is likely

you can come back in, scotty / foo

@magic gorge ^^

😄

think it's a bit too late now

don't suppose you fancy giving his sudo rights back? 😛

Organisation policy forbids it

How quickly do change requests get processed?

Raise a Service Now ticket

You have sudo back

i'm scared to use it

worried it'll pop up into powershell or something

https://tryhackme.com/games/koth/3505

hahaha

root@spacejam:/root# tail king.txt
Daviey
root@spacejam:/root# cat king.txt
cat: king.txt: Permission denied
root@spacejam:/root#

i wondered if you'd modified cat

never wondered for long enough though i guess

You know about tac?

not really

tac is cat

but different

in reverse 😮

cat is for concatenation

tac concatenates the arguments in reverse order or something

reverse line order it seems

how many vulns do i need to patch??

All of them really

yeah, i got root quickly this game, set up some persistence, and nobody else had done anything to i relaxed on patching. you saw first hand how that went

😆

tac real-king.txt

riskyflea

the one i'm still confused about is how the king file magically gets the immutible attribute on it when i try write to it

inotify involved somehow?

Someone has a script probably

yeah, couldn't see the script is ps

it doesn't seem like a timing thing

@jovial moat - is that rs1 something that was on the system, or is it yours?

Yeah... some people are real b*stards

that is mine

ps aux May help. And ‘w’

rs1 is just a reverse shell

Let’s you see who is running processes. I had this happening earlier tho and couldn’t find out what I needed to kill.

I didn’t want to be an ass and boot people off every time they got back on

i always forgte about w

@magic gorge congrats on getting first blood. That was faaaast

congrats on the win. that was clinical once you got on

i saw the port i got in through, and new it's something i like to go straight for

i don't really get how aggressive to be to other players in these. I probably could have patches every vuln (or at least every obvious one) in the time i had as root, but that seems like it would just ruin the game

Eh, I've locked players out for 58/60mins in a game before

Yeah.. I feel the same way, I mean - you just just wreck every pty that isnn't yours.

Don't have to worry about wrecking a tty if they can't get a shell

chmod -x /bin/bash , nobody will be able to get a shell after me 😄

I just close vulns and sit back

Put some rickrolls in the JS files

You could just script killing any new process, or any new process that is a shell of some kind

that could be a loop you paste in as soon as you get root

Ohhhhh that is a good call. I need to prepare some http redirects to rickroll if people try to use patched vulns.

Messing with user's deafult shells could be fun

The thing with killing any new processes is that the machine wouldn't be usable anymore by "legitimate" users.

Rick rolls would be greatttt

There’s so much potential to trolll people

Still allowing them access. But trolling. The occasional boot off is okay too.

Would be especially great on Fortune with the randomness I think 😂

Ahh you patch everything except the chancy one

Then wish them luck lol

Tell them it's a 1 in 1000 chance to get a shell, but instead it's a 1 in 1000 chance to get rickrolled

999/1000 rickroll, 1/1000 for a shell

Ha

Give them a shell on a different box

Now that

Hahaha

You set up your own little docker machine that they spawn into

And it even has a priv esc and king file

Damn that’s evillll

On it.

There must be a rule against that 😂

This could backfire when they escape the docker container 😄

I was just about to say that, just make them a small environment with a fake root user and king.txt

I thought about adding that to a KoTH machine

Make them scratch their heads on why it's not updating that they're the king

I think someone has done a less over the top version of that to me before

I realised after the game ended

HTB had a docker one where you had to bounce between containers.

was that the reddish machine from a while ago?

yeah, ~2 years ago it was live

I loved that one

Same

there's somehting really satisfying about jumping through loads of docker containers

Yeah, i felt the same way. Wasn't haaaaard... but felt rewarding.

Anyway, it is late in Britland, go to bed @magic gorge 😄

wow just realised how late it is

thanks mum!

I mean, I feel that way already with just getting on a box, I can imagine how great it'd be to hop through multiple containers

@magic gorge Look forward to kicking your butt next time 🙂

In fairness, it is slightly dissappointing to get a shell and have no user.txt

I'm patching everything next time

Adding a ticket system where you request shells

Well played though. I was in pain for the second half of that

Would be great if you could pull that off without interference

Inb4 there's a vuln in your ticket system tho

I'll make a deliberately vulnerable one. Just patch all the box vulns and run my own ctf

Most of me is joking about this, but there's part of me that is really tempted....

whoever made carnage.... wow

Is it good? I’m hoping to find it tomorrow to give it a go

well i have bashed my face against my laptop for the past hour so....

Ah wow then... damn.

If i weren’t already in bed I’d boot my laptop and VM and give it a crack.

Anyone playing koth or planning to stream in KOTH-STREAM?

I might play a game later on

i hope to get another go at Carnage tomorrow

it's allowed to change the ssh creds ?

it is

how should we know it then ?

as long as the service can be used by a user, its fine. so no shutting services down, but password changing, or taking malicious code out is fine

hmm

the vulnerability is disclosed credentials/easy to crack creds. therefore to patch you change the password no?

the creds stored in the mysql , and it's still the old one i used but no longer work

ok so someone changed the creds so you cant get in that way - thats allowed. you just need to find another way in, or see if they set the password to something brute forceable (liekly not though)

Okay !

sucky! but yeahh

good luck!

anyone wanna play carnage? starts in 5mins

https://tryhackme.com/games/koth/join/652b1a6a60124321fa31ecfa

damn misse dit

still open @livid ginkgo

okay coming

joined 🙂

Darkbandit...

Can I have the spectator link?

@icy cave

https://tryhackme.com/games/koth/3529

im failing miserably

Oh lol, I thought many peeps are in game

are you on th ebox?

im not lol

nope

Actually m just too lazy rn to get up from bed and turn the sys on. Wanted to do this. Ah

man this is tough

https://tryhackme.com/games/koth/join/24b4f83adcde60ac34363b36

another game starting in 2 mins

Starting in 10 mins: https://tryhackme.com/games/koth/join/cb30d85acceab01413a29b52

I jumped in and saw two 0x9 and noped tf out

Meh, i'm 0x9 but wouldnt consider myself as good at all

koth is a whole different ballgame 🙂

You might surprise yourself @frosty bolt !

I've lost to people with lower ranks

Ranks dont have to say anything

https://tryhackme.com/games/koth/join/37cfa96c215071986623622f

😄

don't worry im preety sure you can win me cuz im noob..

@unkempt pagoda Are you still playing?

Uh yeah im in that game i posted

@unkempt pagoda Is that 3532?

3533

@livid ginkgo GG.

it was indeed!

carnage is tough!

People just resetting the box once you patch one of the vulns 🙂

Public game starting in 18 minutes if anyone is interested https://tryhackme.com/games/koth/join/bfae10d4bf08db8cfa8dc60c

i'm in!

Did someone really delete the ls binary? ohno

more binaries are gone ...

all of them are gone lmao

oof

looks like you win

i feel like someone did a cheeky rm -rf /

the only folders left are /dev, /proc, /root, /run and /sys

that's pretty nasty

i voted for a reset

yeah me too

Report em

yeah, will do

a reset isn't in your best interest though. you're king atm

true, but i dont wanna win like this

i play dirty, but not this dirty

Pretty sure THM stops awarding points if the king service is broken

the koth service still seems in tact

it's still reading the king.txt file fine and awarding points, yikes

pretty sure the koth service lives in the /sys folder, so yeah

well that was the shortest koth i've ever played

Yeah, this machine is quite easy to be fair

true. this is my first time playing it and got root in < 5 minutes

and it has a nice surprise that kills your session 🙂

Does that binary really kill your session?

For me it never does, it just prints the cheesy strat text on wall but my session remains

it's not a binary. it's a simple shell script

ah, shame i cant look at it now 😂

hope someone else hits reset so we can continue

nah, it's part of the machine

i have

me too

it's 3/4 atm

tho from the looks of it half of the game never even touched the machine anyway

Well that guy 'patched' the machine

Yeah i did

Reset is on 4/5 now, yikes

Ssh is running but im getting kicked

probably because it can't put you in the correct folder

these are the only things left on the machine atm

There is a mail address you can report him

Yeah I'm aware, I've done that

Ah good

I feel like I made the dude ragequit or smth, lmao

20m until go time 🙂 https://tryhackme.com/games/koth/join/7f936d8a6d2cb075a6b0ceb1

reset ?

once again ?

lol @exotic quiver man ur /dev/pts/5 right?

maybe

oh ffs

someone's spamming me with /dev/urandom, big oof

XD someone's broadcasting messages to my shell 😕

lol gg wid u guys

gg boys

I was actually doing /dev/urandom on you duco

xD

you did really great tho

btw now everyone knows it once john hammond used it

xD

it's pretty crazy

pretty easy to escape too

When the machines have been around for a while it's pretty much just a game of cat and mouse really, I usually just upload a chattr binary and hide it somewhere with a name that fits with the folder contents

Would be nice if things such as passwords, ssh keys etc could be randomised per reset

do you mind sharing the chattr binary ?

😄

lookup busybox binaries

ohh

thanks

if not theres some in #resources

@exotic quiver thats a feature being worked on ^-^

Ah nice

Just posted it in #544951750801752079, but good to know it's being worked on. I'm sure that will make things more fun 🙂

agreed, password and flag randomization is probably the easiest of the set (for Linux anyways)

just head /dev/urandom for 16 lines then md5sum it

Yeah I reckon it'd be a little harder with Windows, but probably doable nonetheless

dynamic ssh keygen shouldn't be too much of an issue either, it's just creating & testing the scripts

The flag randomisation has to be implemented on the backend

Dan has a PoC, skidy needs to do it

yeah, the scripts are made already

they were made like 3 weeks ago

is patching vulnerabilities like removing the vulnerable code in a web server or removing suid binaries allowed?

@worldly igloo Have you read the rules?

yeah

I recommend reading the rules

They will answer that question

well, i just wanted to know what includes in "patching vulnerabilities"

Patching the vulnerabilities is included.

The rules tell you what you're not allowed to do.

you can remove suid binaries, or patch the machine in other ways. You can't firewall the machine or make it unavailable in any other way.

the rules are pretty clear on that

yeah

Thanks :D

@worldly igloo Just remove the suid bit tho

okay

is there any prob i get a 404 cannot join public games

yeah, the site is being sucky

lol y now xD

https://tryhackme.com/games/koth/3548 Am I so good or the others so bad?

The site is having trouble

Yeah, TryHackme is having trouble

Yea it's having some troubles 😐

https://tryhackme.com/games/koth/3548 Am I so good or the others so bad?
@teal field I felt like they were inactive

is koth down ?

THM is

okay

How do you actually get a role on THM

You can sync your on site profile

@quiet schooner actually THM is working, KOTH is the only thing which is not working on my side

You can get a discord token from your profile @teal field

@quiet schooner actually THM is working, KOTH is the only thing which is not working on my side
is it because site is cached on the server side ?

No idea

They're fixing stuff

cool, let's hope for a new KOTH box

Site doesn't go down for that

cool, let's hope for a new KOTH box
@slate crow Carnage is already out

@livid ginkgo but where

on your profile? ^

@teal field On your profile on the site

Then DM it to the bot like !verify yourTokenGoesHere

https://www.tryhackme.com/profile

in Other tab you can find your discord token

I have it. Where can I verify it?

Then DM it to the bot like !verify yourTokenGoesHere
@quiet schooner

let me know when KOTH is back pls

its back @slate crow

it's still giving me 404

working fine for me

I think im to silly

yeah, might take a while to update for me

Will it be up by today i meam koth?

@teal field https://docs.tryhackme.com/docs/discord/verify/

yeah, prob. within 5 mins

will be up

@final nest @slate crow Some games will be broken

it happens sometimes

what do you mean by some games ?

So how long will it take for you guys to fully fix em

@final nest Mods aren't the site creators

@slate crow /game/number

https://tryhackme.com/games/koth/3548

Like that

Yea it breaks for me

I can view it tho

Lol i can view too sry

But joining a public game gives me 404

@lusty portal If you can, the current active public game doesn't exist

Last active game id was 3554

yeah, new public games are broken

all of them redirect to 404

Now I have verify my token, but in my profile is no difference

i think 3555 must be broken it may be automatically fixed within those 25 minutes waiting time or if an admin can just skip that game smh

Now I have verify my token, but in my profile is no difference
@teal field Where can i set my roll up

It says you are 0x06

ok . thanks

New games are fixed,I found the issue, will fix when I'm home tomorrow. Sorry about that:)

Public game:

Whats the id?

ok joining public is fine now.

Yeah, there will have been a short delay in that working.

Yeah, it works now

@stiff egret nah too tired to boot up my vm

lmao

That 404 icon looks oddly familiar 😁

Public game still doesn't work

still redirecting me to 404

I can not join the game?!

ok it bugged out again..

https://tryhackme.com/games/koth/join/541265a6a73c3310488d0364 will anyone play

would be coool

🙂

will someone join koth1

sure

what was that command agian to stop /dev/urandom from messing up your terminal?

mesg n

to make ur pty read-only

hm, that doesn't work if someone is already messing with you, though

yeah saw that in john's video. it messes up the stdin i guess

that reminds me to turn off the terminal bell

dripdripdripdripdripdripdripdripdrip

tyler retired?

^^??

@lusty portal tyler gone

Ooh so that wasn't intentional

Skidy didn't tell anyone if it was

Spacejam should be retired if any get retired IMO

ah true

No, the machine pool table list just shows 10 at a time:)

Oh ok...

@lusty portal Probably best to fix it then, if Tyler is still in there. Maybe a scroll bar or something?

https://tryhackme.com/games/koth/join/ccbbebab6e6dca017a8511c4

I got king finally lol

even if it was for two minutes

@rancid pewter did you remove everything?😆

I didnt remove anything

Just messing up with people shell

hahahaha

What ?

There a bunch of way to bypass it and you can easily do 200 points to get your shell back

@chrome pumice It's a DoS on your shell, not on the box or a service on the box.

Hey GG @rancid pewter

GG

did anyone use the port 3000 script?