Yay Canadians
#koth
terse willow
DM the bot
lone gorge
@terse willow thanks
grand ember
@fair adder yeah
terse willow
There should be a Discord token on your profile page
Send the bot !verify token
Using your token instead of "token"
fair adder
Anyone want to play carnage ?
grand ember
yeah
icy cave
yeah im up for it.. still havent found a way in on port 80
grand ember
@fair adder we'll be playing it soon with elf and badtaste
fair adder
Ok Iβd like to poke at it if yβall need a player
grand ember
sure
fair adder
okay
grand ember
@fair adder @fair adder @wild needle i'll dm you the invite link if you're all ok with that :)
fair adder
im ok with that π
grand ember
the game starts in 15 minutes
fair adder
Yup
wild needle
@grand ember yep
quiet schooner
Reverify with the bot
wild needle
i go voice chat @fair adder @grand ember
fair adder
me no mic lol
maybe tonight i will talk in like a few hours
wall "John Hammond I am coming for you"
let me connect to the VPN first
wall "cj folow tha damn train"
how do i level up ? just complete more rooms?
win KOTH?
terse willow
@fair adder Get points in rooms
fair adder
Elf, you find that illusive KOTH yet?
fair adder
Dang I am in rabbit hole on carnage
wiz... send me an invite in your game
glad to help gently nudge you
nova tide
I'll make a game in a sec
@grand ember so you subbed anyway π
grand ember
subbed again today
nova tide
β€οΈ
grand ember
just got my allowance 
fair adder
someone my friends DM me about tyler please
nova tide
@fair adder what you want to know?
nova tide
umm why?
nova tide
echo "Naughty" > king.txt
fair adder
contents are correct
nova tide
cat king.txt ?
fair adder
wizkid
nova tide
is your name same on THM as well?
fair adder
yup
fair adder
nova tide
check now it should be working..
echo wizkid > king.txt
@fair adder you missed thm in your name there ^
Its case sensitive as well
nova tide
try going to <Tyler IP>:9999 what it shows there?
if it contains your name you will start getting points
grand ember
so the king.txt should exist, if you had to create it either someone deleted it or you're doing omething wrong
fair adder
im the only one on the box
nova tide
if its blank page that means your name isnt in king.txt
gusty cradle
nova tide
THM needs a theme song like offsec
@fair adder #544951750801752079 π
fair adder
nova tide
Imagine Dark BeatBoxing 
fair adder
THM is the place to be
ippsec and hammond all be
thm for life
super nintendo - sega genesis - i could never imagine a platform like this
15 mins
lone gorge
holly man the top of the leaderboard is here @fair adder ahahah
grand ember
lone gorge
@grand ember dude go easy on us
grand ember
dw, probably won't get too far if this isn't carnage
lone gorge
btw it is a big success, you are doing a lot in your 17's
lone gorge
tf is that
grand ember
nah
i'm doing recon for future games rn
so no really agressive plays except for killing shells from time to time
fair adder
aa pls no π¦
grand ember
was it you who got a pasta shell?
grand ember
you can still get in as pasta
fair adder
just created bread
fair adder
lol don't destroy shell
grand ember
fair adder
bruh he keeps killing it π
lone gorge
that was rude
grand ember
lone gorge
changing the pass
grand ember
I didn't
quiet schooner
Basic defence
grand ember
i'm jsut sitting as root looking through the files
ninja got me out of my terminal to look at discord so i got back to killing shells
lone gorge
you are not human lol
fair adder
Wowowo gj you just crashed my pc
lone gorge
no way you can think that fast there are two ways 1 you are not human 2 you did this room 10023039845984 times
grand ember
i did it literally once
quiet schooner
Have you rooted hackers yet?
lone gorge
I am new on koth
fair adder
@quiet schooner havent played it last time got 4 flags
grand ember
I haven't got a single flag out of hacker sso far
fair adder
@grand ember wow you wrecked my pc
fair adder
LOL
Im legit gonna continue from phone and change my pc to old one cuz this one is tilting me 2 much SMH
fair adder
Killing your shell = false Lol
lone gorge
@grand ember good luck findin all ahahaha
grand ember
flags?
lone gorge
yeah
grand ember
did you delete one of them? 
gusty cradle
Flags for Food are easy π
fair adder
Removing and moving flags is not okay @lone gorge
lone gorge
@grand ember bro I disconnected
fair adder
And thats rule breaking
grand ember
fair adder
I got 3 before szymex crashed my pc...
gusty cradle
I have all the flags for Food stored π
grand ember
@gusty cradle i just save paths for flags
grand ember
7/8 flags 
lone gorge
go ahead
gusty cradle
The last flag is a pain to find π
grand ember
grep is taking it's sweet time
lone gorge
can't we finish the room earlier aahhaa
lone gorge
bro as I say cats are alien
lone gorge
and you are the prove of it π
grand ember
@gusty cradle which one was supposed to be the hard one
gusty cradle
It's a little more difficult than the others, through grep does wonders π
lone gorge
we are in Koth-1
grand ember
grep did its magic in seconds when i used it on dirs and not on /
sonic atlas
what box was that?
nova tide
Carnage i think
fossil jackal
xD
last ether
No it was Shrek I think
severe orchid
koth? start in 13min https://tryhackme.com/games/koth/join/00d532da882d82a82f91ac4b
nova tide
why the box is sooooooo slow?
cant even ping it
I have no clue whats going on in this game ^^^^
toooooooo slooooow
severe orchid
lol
nova tide
33 packets transmitted, 0 received, 100% packet loss, time 32776ms
@severe orchid you doing something?
nova tide
is there supposed to be only one flag in the fortune machine?
@severe orchid there are 8
nova tide
btw did you deleted all website data?
severe orchid
no
nova tide
i have no fokin clue whats wrong
after every 10-15 seconds i cant access the box
404 page on site
yeah someone broke it
see your king time is not increasing either
i am in machine and its not even changing king
...
severe orchid
nvm
nova tide
....
can you ping the machine @severe orchid
?
29 packets transmitted, 0 received, 100% packet loss, time 28661ms
@severe orchid can you vote reset? box is broken.. as its not even changing the king for half an hour
welp the box is broken.. peace out
idk who did this though ^ Well not like anyone gonna check it anyways
severe orchid
why is my king time not increasing?
nova tide
Well only you and i were in the machine. so one of us must have broken the machine and i am pretty sure thats not me
severe orchid
hi, is the fi** up***d the right path on carnage?
random silo
whole path
https://tryhackme.com/games/koth/join/36c29d7cdf7e05222f0ad3f2
Koth if any of yall are up for it
starts in 5
severe orchid
rooted in 5
nova tide
π
fair adder
eh you will wreck me
nova tide
Only if its food π
quiet schooner
@nova tide who
quiet schooner
@nova tide no, who is a command
nova tide
tty?
nova tide
to check your pts is tty, with who i can check others
quiet schooner
nova tide
π
fair adder
Aaah Nice Try Naughty Boi, Next TIme :P @nova tide fixed it?
nova tide
umm Maybe? π
nova tide
Well i only know 2 ways in.. If you can find other possible ways you can easily get in
fair adder
i can't im legit angry trying to fix gobuster..
grand ember
what are you doing with gobuster elf?
tardy gull
anyone for public room?
icy cave
so i finally managed to extract the wordlist from hackers... if anyone else has, feel free to dm.. my method was very messy and gross..
nova tide
wut? O.o
icy cave
on reset no .16 and it takes roughly 10secs to get passwd
nova tide
^
I would like to know the conclusion if he found the wordlist or not ^^
if its possible imma start working on that too
quiet schooner
@nova tide Found one of several
nova tide
ohkkk
well its better to start finding the way for root shell instead of wordlist
@tardy gull @latent crest when you cant get in you dont have to reset the box as its already working, not broken just patched
tardy gull
oof
nova tide
autopwn scripts not cool mate
@tardy gull there are machines that can be rooted under a minute
although it took me 2 to add my name in king π
latent crest
@nova tide I get into wordpess Dashbord....am I in the right path ?
nova tide
yeah ^
latent crest
I don't understand what I do in the Dashbord can I ask for any hint or something like that ?
Should I use a PHP reverse shell from Pentest Monkey ?
nova tide
Most likely you are supposed to find where you can add your own commands.. and get a reverse shell from there
latent crest
thanks man !
quiet schooner
It's a fairly standard wordpress thing
jovial field
hey am I on the right way with ftp bruteforce (with rockyou.txt)?
jovial moat
autopwn scripts not cool mate
@tardy gull Meh, autopwn isn't a problem - it just means that the box makers need to try harder to make them not work with OOTB tools. Same as port scanning was harder before nmap etc.
quiet schooner
@jovial moat No, that's wrong
Autopwn scripts are banned, explcitly
They do have to be tailored to the box.
jovial moat
meh
quiet schooner
They'll earn you a KoTH ban.
jovial moat
The rarest badge on the platform.
short tusk
Not really
teal field
Man I joined this game 20 Min after start and no other one has voted for reset π
lone gorge
go go go
terse topaz
Heck yeah I am root π easy
stable horizon
Ah my worst enemy
socket.error: [Errno 111] Connection refused
darnit i forgot to start the listener again ._.
lone gorge
well just do not screw my pc too π
lone gorge
OKΔ° π
winged charm
he said he was going to damn liar
grand ember
:C
grand ember
:3
mellow bough
I'm also wrapping up RP: Burp
stable horizon
did i win yet
grand ember
yikes, didn't get my ssh key in
stable horizon
grand ember
@lone gorge I might actually win this if I don't let you in anymore
lone gorge
π’ please don't kick me
lone gorge
you got it π
grand ember
you kicked me from the limited shell? lmao
lone gorge
π sorry I had to otherwise you would beat me up
lone gorge
bro you won again you are an aliennnn
grand ember
lone gorge
don't waste your time here tell us how to get to different universes π
grand ember
it's only possible if you're a cat
lone gorge
π
grand ember
I think you might actually win
if i can count in the end i'll have around 450 points
and you have 510
lone gorge
yeah if you don't find other flags π
grand ember
there are only 4
lone gorge
REALLY ??
grand ember
yeah
lone gorge
omg I can not believe I did it
I will ss this bro that's historical to me after the things you have done yesterday
grand ember
naaah, i didn't do much yesterday
grand ember
limited root shell was open
and skidy's backdoor was open
i made a revshell file from skidy because it doesn't have the limits
and executed it from the root shell
i see you in ftp lol
lone gorge
ahaha just lookin around
lone gorge
well how did you send and execute the reverse shell
terse topaz
hey Nighty remember me from that koth earlier
grand ember
so you connect to the skidy backdoor and print lines to a file with a short path like /tmp/a
lone gorge
@terse topaz what is your thm name ?
terse topaz
Tasaddar
grand ember
then chmod +x it from skidy
and from the limited root shell you just run /tmp/a
and it runs
lone gorge
@terse topaz your rank is god ?
terse topaz
no I was rank 4 I just ranked up to 5
lone gorge
hah okay yeah I guess I do
terse topaz
lol yall done reset the machine while I was getting food
terse topaz
lol I got root very fast
terse topaz
how do you become labeled as a bug hunter?
grand ember
find 3+ critical bugs on the site
terse topaz
lol
lone gorge
sleep man π
cunning ledge
hii
lavish mantle
the hackers machine is a tough one for me, not alot going on on the web side, cant find known exploits that work etheir, not sure if someone patch it already
raw bear
@lavish mantle on hackers, web has a thing going for it... there is a basic way that I used to get into the box that is just going through enumeration checklist... and idk if they are patched or not cuz I am not in game with u π
lavish mantle
yeah i searched for what i could, all i was able to find was one flag, and a "spoiler" that mentioned something about keeping pws secure
i couldn't find alot on the services versions etc to exploit
i did try all pws on all users, on all the services i found
raw bear
they are random, so it can be bottom of rockyou... just gotta wait it out...
also always doing more enumeration cant hurt
nova tide
so you connect to the skidy backdoor and print lines to a file with a short path like /tmp/a
@grand ember how did you print it in one single line? echo would take more letters, and i cant seem to figure out the way from cat(concatenate)
grand ember
@nova tide on 9001 you don't need to worry about line length, you set up the file 4here and run from the root one
nova tide
Oh, didnt thought about that..
grand ember
Also afaik you cannot output chars with cat, only files
tardy gull
gg
fair adder
Anyone want to play Tyler or carnage ?
burnt depot
@gleaming flint gg π
gleaming flint
gg
burnt depot
u get a user shell?
burnt depot
ah nice
gleaming flint
escalated privileges
gleaming flint
Nice, It was a awesome game
burnt depot
https://tryhackme.com/games/koth/join/51a754134df02737c5ad05b9 anyone want to play Production?
terse topaz
nah I already did production
lone gorge
letsgo babiii
burnt depot
whats it gonnna beeee
astral belfry
space jam?
burnt depot
ah shit.. the 1 windows box π Offline
lone gorge
guys cmon
I am bored
@burnt depot how did you get in as fed ahahaha
did you guys give up ?
burnt depot
you get the password right away
just a matter of guessing accts based on character names
i got a meterpreter shell on there finally
but then kept getting disconnected. i figured that was you π
grand ember
offline
grand ember
i literally tried to exec anything with zcron but it wasn't working 
fair adder
Are there any good write ups or THM rooms that help with KOTH defense ? How to maintain king, how to properly use chattr etc ?
full grove
theres so many easier ways to priv esc
terse topaz
just shut everything down xD
quiet schooner
@fair adder Find the privescs and entry points, patch them, remain king.
terse topaz
turn everything off change all passwords and sit there drinking a cup of tea laughing at everyone below you
lone gorge
@burnt depot I changed the password then kicked you you were user fed π
terse topaz
is another koth starting?
lone gorge
yuupppp
terse topaz
BET
hope it aint the windows machine because I have nearly no practice hacking a windows machine xD
lone gorge
I am good at windows machines π
terse topaz
oop whelp xD
fair adder
someone should live stream it
terse topaz
you can if ya join
lone gorge
@terse topaz you have 10/9 chance dont worry
fair adder
i dont know that much to participate in koth
terse topaz
I hope it aint one I already done or it will be boring
fair adder
could you maybe let me watch?
fair adder
thank you
lone gorge
15 minutes remaining
terse topaz
you adn your hacker rank xD
fair adder
0x2
terse topaz
that made me wanna die
my python kept failing
hey Nightly do you do hacking outside of THM
quiet schooner
@terse topaz Remember that killing services when you don't have to is banned
You can patch almost all the vulns
terse topaz
lol I know
If I really want I can grab my old scripts I had for securing a linux machine
wait is banning your IP from the machine banned xD
quiet schooner
Using scripts to harden the box is also banned
terse topaz
oof
fair adder
so for koth everyone is connected to the same box?
lone gorge
@terse topaz I just do it for fun in THM
terse topaz
oh lol
lone gorge
do not get baned bro π¬
terse topaz
lol
lone gorge
another warrior has joined
terse topaz
oooo they bigger than you in numbers
fair adder
my money is on nighty
fair adder
dont let me down
terse topaz
gotta admit I dont like this one because it is such an easy foothold.
fair adder
foothold meaning you can stay king easily?
terse topaz
can become king and stay easily
fair adder
ah
lone gorge
@terse topaz by saving how to do all the rooms or lookin wlakthroughs π
terse topaz
lol no this room is very straight forward. xD its too easy
lone gorge
yeah when you look at walkthrough one time and saving it π
terse topaz
I did not xD I did this one yesterday and I remember what I did from then. get into the machine in 2 steps. then root in another 2
then patch that vulnerability xD
hmm though tell you what I dont like how this machine also keeps a log file and appends your Virtual IP address to it lol.
terse topaz
unfortunately I dont rank up from doing these though
terse topaz
nice
leaden spoke
is dmc3 in the chat?
burnt depot
ya but appears offline
they did great last game heh
twice as many as everyone else
leaden spoke
Ya, he did
I was using the the file upload, but I moved to the HR login. I found a few users that worked. I was hoping for a use for the cookies or something, but couldnt get it to work.
nova tide
which box?
grand ember
B)
burnt depot
the resume upload, i'm not sure... but i got the other one
nova tide
imma start working on LFI/RCE stuff before i attempt that room again
leaden spoke
other what?
leaden spoke
oh, the docs one
nova tide
There are multiple upload forms π
burnt depot
grand ember
i need to get a script for automating 80 and a creds grabber for 81 as i don't like to save stuff and get privesc for bobba
@burnt depot random or a specific one?
leaden spoke
I cant get past duku
burnt depot
carnage
nova tide
lemme boot up my vm
leaden spoke
lets go!
grand ember
damn it already started
leaden spoke
@grand ember you are just shooting off π
fair adder
can someone send me the link to spectate
leaden spoke
leaden spoke
wait, you did or did someone else
grand ember
i did lmao
you can get in as yoda but no privesc
if you somehow manage to get in as bobba/duku you can privesc
i am yet to patch this
fair adder
Jeez, 7 flags. Thatβs the most Iβve seen someone get so far
grand ember
you can get 2/3 flags easily rn
leaden spoke
how did you get in as yoda? I have been stuck at duku for the last 5 games
nova tide
Feels good xD
grand ember
patched duku B)
leaden spoke
I see that
grand ember
ok, i reverted bobba's password
if you can privesc via that then congratz
cuz i don't know how yet
leaden spoke
I see home/yoda/link
leaden spoke
@burnt depot did you figure out how to get to yoda or bobba?
burnt depot
not directly... only cuz i got to the filesystem
duku was the easiest way in for me so far π
leaden spoke
same
leaden spoke
what was it?
grand ember
π
leaden spoke
lol
grand ember
this is so duuuuumb
meaning i am dumb
but i couldn't know until i got a binary on the box
leaden spoke
grand ember
found a nice place with precompiled static binaries
burnt depot
did you block the privesc path u took?
grand ember
from duku? yes
yoda also patched
only way in is via bobba
but i think i know how to patch that
ok patched
crisp bane
fair adder
nice
nova tide
ok patched
Angry noot noises
nova tide
Nighty != Naughty
lone gorge
shttt
lone gorge
Ik
grand ember
and my vpn doesn't want to connect
lone gorge
you always bored
nova tide
i'm bored
@grand ember rooted hackers yet?
grand ember
didn't get any chance so far
lone gorge
last time tho π
nova tide
I wanna find that insta root that James always brags about π
grand ember
well, i did get a chance but didn't root it lol
lone gorge
@grand ember don't get nasty boi
nova tide
https://tryhackme.com/games/koth/join/44e7b83a21311b9d917e8b22
@lone gorge which room
Box*
lone gorge
@nova tide IDK yet
lone gorge
download it back bro
grand ember
i'm doing it rn
nova tide
come onnnnnn, my ovpn file is expired or smth
Reinstall windows, worked for me
grand ember
imagine using windows
the key is missing the certificate+private key when I compare it with a key from my alt
lone gorge
they say anonymous is back because of that cop and also my friends instas got hacked
grand ember
ugh, i'll need to work off a regular server for this game
I'll miss my old IP 
fortune
never touched it
nova tide
GG
grand ember
VIP server?
nova tide
yea
grand ember
can you reconnect?
nova tide
Regular one is working fine for me.
grand ember
yeah
lone gorge
anyone can connect ?
nova tide
to what?
lone gorge
ssh
nova tide
umm i am in through ssh
wait? why reset?
ok i am literally not getting why are you even resetting the box?
and why 2 votes at once?
fair adder
Can you send me the spectate link
nova tide
lone gorge
spare scroll
is it allowed to change sudo rights?
gusty cradle
Yes, you're allowed.
spare scroll
okay great
gusty cradle
Yes, you're allowed to kill shells
fair adder
Yay
distant zealot
stable horizon
distant zealot
go in koth-1 voice
fair adder
@jovial field come to my game there is more ppl
fair adder
i just did read the above
exotic quiver
@fair adder inb4 production again
exotic quiver
ah k
fair adder
jovial field
ok im in
fair adder
@exotic quiver putting it into gif?
exotic quiver
first extension that came to mind, just trying stuff atm
fair adder
did it work ...
tardy gull
did someone just kill ssh in our box lmao
distant zealot
who killed ssh
exotic quiver
lmk in DMs if you wanna know how i got it done @fair adder
fair adder
okay
distant zealot
i donno
tardy gull
F
fair adder
Yeah the others left
tardy gull
anyone know what you're supposed to do with the overly limited shell?
quiet schooner
Find a way to make it less limited
fair adder
Yes lmao
jovial field
@fair adder how do you both come into the machine
fair adder
im in bed lol
jovial field
Me too
terse topaz
Is there any like beginner stuff for exploiting code?
fair adder
https://tryhackme.com/games/koth/join/1f530db3f83e44cd9b78c990 if you wanna join
peak steppe
Nice tactic, man
hollow spoke
anyone can point me in the right directon for /backdoor login page hackers koth machine ? for root@kali:~/thm# hydra -l production -P /usr/share/wordlists/rockyou.txt hackers_ip http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -V
Hydra v8.6 (c) 2017 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes., do i need to use hydra to solve this part?
nova tide
i dont want to spoil much for you but you can use hydra with the right users/password file used to brute force.
nova tide
https://tryhackme.com/games/koth/ @hoary vortex
delicate vine
King Of The Hill = koth
hoary vortex
oh
hollow spoke
Thanks @nova tide i Will look if i can find the right hydra command
fair adder
https://tryhackme.com/games/koth/join/392cb49b0bb447db0680c4f4 come for a fun game
spare scroll
carnage is pretty okay, i learned much from it
harsh obsidian
Starting in two minutes: https://tryhackme.com/games/koth/join/5dc62bb22bbfbcaf2b06caa3
harsh obsidian
Has anyone got all eight flags on Fortune? I've got seven but am stuck on the final....
stable horizon
sh-4.2# passwd shifu
passwd: Only root can specify a user name.
sh-4.2# whoami
root
Starts in 24 minutes: https://tryhackme.com/games/koth/join/60d8a34479095fd8a568acf6
harsh obsidian
@fair adder gg. i can see with netstat that you're on the box, but for the life of me, i can't figure out how. well done.
fair adder
@quiet schooner James, did my boy give you some juicy details in that private DM? @icy cave is on a mission to reverse your box. we spent DAYS looking at that thing
quiet schooner
That was days ago
fair adder
i been dealing with them riots.. busy bro
quiet schooner
They also used the literal worst way to reverse it
fair adder
thats part of the fun though. CTFs(in this case KOTH) have a path... but the cool thing is finding other thigs that the creator didn't necessarily want/expect
fair adder
sure... and he and i have been working it. but damn if that box didn't piss us off (i know i specifically sent you some PMs about my processes) i am sure i am not the only one ... All said... BRO good box, hell good box to all the KOTH creaters
quiet schooner
More CTFs coming.
fair adder
@quiet schooner any chance that ther ecould be a blue /red on a multi box ...ala... more RL than just 199whatever hackers intro hacking scene ---- for a box?
fair adder
instead of just 10 KOTH, 5 v 5 teams?
on a small cluster of comps
defend a few vulns on a cluster
teams can be interesting
grand ember
maybe soonβ’
fair adder
β’
i know that KOTH is in beta. and its honestly pretty f-ing cool ... good job for it.
@quiet schooner quick pm?
quiet schooner
It's 3am
fair adder
really really afast?
like just 2 lines?
only cuz your a box creator and @neon sleet isn't (as far as i know
take that as a yes....
neon sleet
β€οΈ
quiet schooner
@fair adder just wait like, 8 hours?
fair adder
i sent, and i am sorry and i know and yes... my wrist is slapped
that is so that others know not for you necessairly
-_-
shameless plug for those who are curious... these dudes(ladies) do some work...
https://tryhackme.com/faq
harsh obsidian
15 minutes to go: https://tryhackme.com/games/koth/join/09633f290d85971d1abdd880
last ether
Good game @harsh obsidian
harsh obsidian
gg!
fair adder
S
nova tide
quiet schooner
@nova tide meant that doesn't mean you can't strategically abuse it
nova tide
well its a 10/10 game and going to be reset 2nd time.. 4/5 votes
GG to whoever got root
GL as well
nova tide
GG all
nova tide
@fair adder try harder π
nova tide
4571 you lost in Tyler against Kaz_N3mz3r(DarkBandit)
nova tide
imma play some sixsiege
last ether
4571 you lost in Tyler against Kaz_N3mz3r(DarkBandit)
@nova tide
We got some intense spectating going on hereπ
brittle flicker
Man, I hope koth is doing alright. Has anyone heard from him?
stiff egret
ETA? @autumn iron
autumn iron
i didnt get you
stiff egret
I meant = how much time remaining to start?
autumn iron
8mins
stiff egret
oh boi, gonna be fun
autumn iron
yeah
autumn iron
no idea
autumn iron
@last ether is damn faast bro
last ether
π
stiff egret
π
stiff egret
dude you blew up wget
stiff egret
same
autumn iron
and me as a noob having no idea after submitting the single flag!
last ether
π
autumn iron
that was fun π
nova tide
Thats always my move
@last ether well i did that today against you as well. Could have done something about netcat as well
stiff egret
πππ
nova tide
Once i used chmod 600 chmod as root and couldn't figure out how to undo that
You forgot scp though broπ
@last ether well that was after two resets, sooo
last ether
I was not in the game for the first reset bro
By the time I joined, you had already patched everythingπ
So I took advantage of the reset buttonπ
stable horizon
not really
lone gorge
bro we tried this room 3 times and couldn't get any results π
grand ember
which room?
fair adder
@grand ember hackers
lone gorge
@grand ember hackers bro do u know how to do it ?
grand ember
nope
lone gorge
@rancid pewter brooo how did you get in
rancid pewter
Brute Force
lone gorge
thats capp bro I been trying bruteforce for 3 days π
stable horizon
._.
fair adder
whoever got into hackers i really want to know how i've tried everything xD
rancid pewter
Hey
fair adder
did u do it?
lone gorge
koth machine panda ????
machine does not start I guess
we reseted it several times but still
grand ember
maybe it's just being sneaky π
grand ember
nah, you just didn't re-verify
you need to re-verify with the bot to update roles here
grand ember
π
autumn iron
done its upgraded
nova tide
Naughty > Nighty
autumn iron
password changed! nice move
lone gorge
@nova tide if Nighty == 'ingame':
Naughty=False
print('don't even go there')
nova tide
(-:
lone gorge
@autumn iron bro I made a user for u to get in username shark password is shark
@autumn iron how you liked the place π
lone gorge
π I left a file you to read π
autumn iron
haha go ahead!
lone gorge
OWNED by NIGHTY
nova tide
Kral4 is your second account,right? Nighty
outer bone
hi
fair adder
whoever is on lion rn fck off for disabling the only vulnerability
quiet schooner
That's allowed, and there will be several vulns.
fair adder
didn't find any other
terse willow
That's on you. There are at least four vulnerabilities per box, and at least four privescs.
One or two boxes have less, but that's the guide we follow when building them.
If you can only find one, that's your problem.
fair adder
s
cobalt jackal
so someone is salty or so it seems, someone's ddosing the box
quiet schooner
If you find out who it is, report them
cobalt jackal
it's ok, I reset the box
burnt depot
@mellow crag gg
mellow crag
@burnt depot nice work mate, was meant to be a private game, so didn't patch up behind me and then couldn't get back in haha, well done
trim bloom
Is "hacker" box possible? we have tried several times and only get 10 points haha. I just want to make sure it is not broken π
stable horizon
It's always possible, but yes
trim bloom
"try harder" then. Thank you π
quiet schooner
@trim bloom hackers is designed to be hard.
mint cargo
There was one guy that asked a lot of questions regarding rules.. I don't see him here anymore.. i think it was nsa or something
nova tide
There was one guy that asked a lot of questions regarding rules.. I don't see him here anymore.. i think it was nsa or something
@mint cargo Yeah he was NSA.
fair adder
i thought his ban got unbanned
brazen cloud
His site ban has been, yes
haughty salmon
fair adder
i finally figured out i think the last path in with @icy cave this morning. Now to find the last privesc.
teal field
Do anyone now how to use magic bytes to encode php as png or jpeg
radiant raft
Check in internet
teal field
I had
terse willow
@teal field I've got a room coming out on this soon π
steep raptor
@teal field you can do it with echo and base64
teal field
Thanks, but I had found a way
exiftool -Comment='<?php system($_REQUEST['cmd']); ?>' test.png
lone gorge
broooo @teal field how many times you have done this room
lone gorge
yeah I know I have uploaded my rv shells
but you got in so freaking fast
I didn't see your files as well
teal field
but I haven't made any notes
lone gorge
how did you get in without uploading any files
teal field
I had uploaded a reverse shell
thats my one shell.gif.php
I have not changed the machine and am now going offline, so good luck
lone gorge
problem is servers are bad rn
hollow portal
gg @radiant raft
fair adder
@fair adder those pesky creators cant make them too easy can they?
I cry on the inside when these things come out and feel sheepish after the ahah moment happens.
terse willow
You do not want to know some of the stuff we have planned...
fair adder
I have told James that i love and hate him for his KOTH boxes (and more recently about wonderland). Creators... great job to you all. i disticntly remember sending a message to one saying "i hate you, i hate your box... but damn was that fun and frustrating when i finally got through it)
brazen cloud
Good job on sticking on with it (:
visual geyser
wary oxide
I try "advent on cyber" but when i deploy machine for first challenge, i cant enter to website.
i put ip adress of machine in firefox and i got "unable to connect"
but i can ping from terminal
ok now its works
just need to waint some time lol
quiet schooner
@wary oxide This is the KoTH channel.
fair adder
Hi there.
stable horizon
π
stable horizon
Not when it's like, really really easy
sonic atlas
not 44 seconds easy