#koth

@boreal flare you did the box before 😠
@vocal shell yess😅

you didn't learn anything then 😠

yeah man..

thats sad

~~kali-undercover ~~

sad!

lol

ok will be back in 15

just jokes

kk be safe

https://tryhackme.com/games/koth/9828 the next one (in 23 minutes for anyone who wants to join)

or if you're a subscriber drop a game that'll boot faster :))

People can't join this game, even if they want to. This is a spectate link

how can i fix it

Post the invite link

https://tryhackme.com/games/koth/join/656f1b97c05f97a68a95bdf7

got it

awww noooo naughty's in the koth 👀

gonna go out with friends to eat something

take care

@vocal shell koth?

can't rn maybe tomorrow if i'm free

thank you!

ok sure..!

!rank

Someone to play koth?

Post the invite link, I might join :)

Okay

https://tryhackme.com/games/koth/join/25d6bc2829146582ba0851a8

anyone to join ??

starts in 20 minutes

!rank Psi.505

!rank

!rank

Anyone wanna pwn a noob in 30ish mins?

Why everyone is spamming bot commands in #koth but not in #bot-commands ??

can't come up with a witty quote

“One can never have enough socks.” -Albus Dumbledore

Headmaster to rescue.

starting in 1 min, join 😄

https://tryhackme.com/games/koth/join/d7d5824b766508ce3ba4dc34

ggs, did anyone esc from production user?

Join! :D
https://tryhackme.com/games/koth/9844

https://tryhackme.com/games/koth/join/5a2bc4df9c405ef3584cc96d

if anyone wants to join

is it just me

or the ip doesnt work?

nvm

its laggy af for me

now its frozen and i cant ping it

ha dont worry it lagged a bit for me to in the begging

no i mean it works

for 5 minutes

and then it gets frozen

over and over again like that

gg guys

https://tryhackme.com/games/koth/join/69e5dfb3b4c8d94c677f5efa

24 min

H

waddup

Yo, anybody here want to koth??

i will make private

there's a public going on

starting in 10 mins

im down for da koth 😎

Here with you Augustus

Nice :))

gonna give it the college try ha

What's that mean

just try and make some points no guarantees

my vpn isnt connecting 😝

hah good start!

bruh 😢

are you root yet

haha

brotha I wish

my ethernet is down

idek how

hmm ifconfig eth0 down than up

any luck?

nope

im in grub loader rn

ohh your image is messed up..

yeah

booting now

it does that

sometimes

dang

logging in 😠

still same issue damn

ethernet device not managed

thats crazy bud are you in vmware or virtualbox?

vmware fusion

this has happened to me before

damn and I'm stuck over here lol

FIXED IT

nice!

downloading a new vpn

you got this

just root it before me

😎

nice you must have figured how to to turn in that flag

lol

gotta figure out this wp and cant lol

hhh

ahh

how's it going

not great lol

wpscan borking

if you wanna stick around after an possibly go over this I'd appericate it

of course

what are you doing rn

tomcat

how far along are you

basically passwords ruined this for me

how come

because i changed them >:)?

you could have

haha

which users did you try

for which wp or tomcat?

either

shot you a dm

can someone start a private koth so it can start faster?

https://tryhackme.com/games/koth/join/a1ffdcb2b6c3b6d4f2e17d52

public for now

Ok I can't sleep now. Time to play some koth then 🤷‍♂️

how do i upgrade da shell

what the fawk

@nova tide

i'm like in but i can't upgrade

my shell

i have a user shell

which python3

i dont know how to priv esc

like did you guys patch

just changed password for alex and removed him from sudoers

nothing else

i tried kernel exploit

i couldnt run

that should be working

Also i don't remember this being a cronjob.. who added this?? 🤔
*/1 * * * * /usr/bin/find / -name "chattr" -exec rm -rf {} \;

@stiff egret ^^^

in lion

can't be me 😠

ok wait so why cant i run the kernel exploit

like its in /tmp

someone made a sudoers error

like in syntax

🤷‍♂️

i have no idea

how to privesc on this box

also try python3 to upgrade your shell instead of /bin/bash ??

i cant rce

i used python3 -c 'import pty; pty.spawn("/bin/bash")'

you are in alex?

or in gloria?

gloria

im gloria

Hye gloria i'm Naughty

how come i cant python -c

i tried what alex did

use python3

not just python

i did

python3 -c 'import pty;pty.spawn("/bin/bash")'

exactly what i typed just now

try again? 🤔

i did

it's very weird

ok how can i RCE into this box

WHERE ARE THE SHELLS GOING

you running those from rce?

no!!

im not

im running from something else

or from a shell?

shell

do you see gloria@lion on your screen?

yes

then that's you somewhat upgraded shell

python3 -c "import pty;pty.spawn('/bin/bash')"
ctrl+z
stty raw -echo
fg
<enter enter enter>
export TERM=xterm```

did the box end

oh my god bruh

GRRR

@nova tide one more koth 😎 ?

sure

ANY BOX BUT LION

literally

i can't ssh2john

for the id_rsa

i can't rce

i can make any box you want

i can't upgrade my shell

any box of those

listed?

hackers?

bet

https://tryhackme.com/games/koth/join/c64eac7af99d2618ae4b9f8e

starting in 5 minutes hackers ^^

CAN YOU GUYS SSH?

I CANT

??

what you mean?

connection reset

you are using previously saved id_rsa?

no im not using an id_rsa

😮

THERES AN ID_RSA?

how you are trying to ssh in?

just normall

using an old password?

i used the one i bruteforced rn

which user

campbell

it's rcampbell

O

yes rcampbell

using him

try to ssh in then?

kk

how come for like ftp

i get permission denied for getting the files

get <file>

idk

how did you get in so fast

you gotta figure out on your own

what

GOT IT

me and naughty were on this box when it first came out lol thats how

i'm in for like 5 minutes already 🤷‍♂️

I just dont have my stuff saved so I have to get it all back lmao

looong time @raw bear

I had to upgrade my computer @nova tide so its definitely been a while.. lol I finally got my stuff and now i have an actual VM lol

nice

vc?

@nova tide

sure

but i don't talk

thats cool lol

i can type in #voice-chat

i hate you

https://tenor.com/view/nyan-cat-rainbow-cat-kitten-kitty-gif-5716621

i need to find that cmatrix binary

that looks more cool

what did you patch @nova tide

nothing

except your root ssh key i think

i didnt change the root ssh key :/

i should've kicked you out when i was root

but i was scared to see what would happen if i did

you can still do it

there's nothing patched rn

not sure if you could have found me though

i did

i mean i patched the way i got in

really fast

i wonder if

i was in like 6-7 minutes before you not sure if patching would do anything 🤷‍♂️

im on two different users

@nova tide can you find me

i think:

which one

i use killall /bin/bash you will be kicked.. so any of those two you are it will kick you out

don't do that ;_)

won't you be kicked too?

no

how come

mine is also not a tty

for production

try do it

i cant privesc

because i deleted python 😮

why would you delete python?? 🤦‍♂️

SO OTHERS COULDnT

chmod ??

yeah i should've

i learned

i got root

relativelyfast

like i couldve

kicked you out

i saw you

...

but i didnt know if you had persistence

and i didnt wanna piss you off

you never kicked me out 🤷‍♂️

i wanted to

but i didnt

i have all of my 3 working shells active

oh

yeah i didnt want to piss you off

lmao

why not?

because i don't know what tricks you got

that's the koth lol

kick others out and patch stuff

yeah i'm going to improve

GL

so you did killall right?

thx

my production machine is gone

but my other rcampbell is still up

coz you said just to kick you out from prod

i can kick from rcampbell as well if you want?

ohh no i thought you meant all of them

at once

kick out of all

ping me if anyone wants to play more

I have to grind some more before playing KOTH

I'm not at that level yet

@nova tide how'd you root so fast

https://tryhackme.com/games/koth/join/358b3f4cfb5d8e646075b063

coz i am a hacker man

skidy won't give koth leaderboard

How come KoTH in morning today @nova tide

i couldn't sleep

stayed in bed for 5 hours

then i checked the time it was 07:30am

@stiff egret ^^^
@nova tide ah, I don't remember this cron being there either...

so just joined koth

Um, not gonna be very useful anyway, people don't store their chattrs with original name 🤷‍♂️

then i checked the time it was 07:30am
@nova tide LOL

not all the people Lakshman

LMAOOO

@raw bear @vocal shell you guys left?

hmm?

what

what happened

game?

https://tryhackme.com/games/koth/9870

i joined the game but i didnt want to boot up kali

...

oh that game

yeah

i didnt know how to leave

lol xD

ok how do you get king but not all the flags ._.

i don't submit flags 🤷‍♂️

except for maintaining streaks

you don't need flags after you own king file

Dunno why people don't understand that.

Morning Guys.. 🙂

Morning

https://tryhackme.com/games/koth/join/3d6acd1c84831fe3e57c970b

anyone?

Starts in 20m

I got the same thing @cerulean sparrow

No such file or directory error

Okay so this is pretty bad

sorry

Can't ping it lol

again 😠

now i can

I am in the machine but can't do anything

since 30 minutes

I wonder what the guy did

I'm so angry

now still 8 min

I could save 30 min

I can't do anything at all this is amazing

I can do /bin/ls -alh

@cerulean sparrow any luck?

I loggedin with another ssh user

but not enough time

the box reset

we have like 40 more minutes

oh nvm

2 mins

that guy did some thing crazy

what's his username

he made the box unusable lol

@boreal flareayush

oops

not lost sorry i mean @gritty hollow

oh fuck

how many PEOPLE ARE ON HERE

SORRY

xD

is that you lost??

ayush

yeah

how'd you mess it up that badly

dm me >:)

did you do that

i didnt do anything

intentionally

oh my

i was afk

bro who did that

we even reset the box

someone changed the king file

yeah...saw that

I wonder if it was SuitGuy messing with everyone 😠

at Least I found 3 flags

i couldn't even

lol it's okay how'd you get another user

I used this

16109/tcp open unknown syn-ack

port

I found image

download it

I wonder if it was SuitGuy messing with everyone 😠
@vocal shell He's someone from the higher ranks

maybe he was

and steghide extract

yeah so he is extra smart

then found creds for the other ssh

one more?

how wait so 16109 there was a port running

yes one more

is anyone subscribed so it can load faster

nope

not me

not me

private games can be loaded in like 5 mins

yeah that's why they're so good

https://tryhackme.com/games/koth/join/e6eeed37c2177be4fa094b8a

wanna play private game guys?

join

ok

how'd you do that 😮

anyone can create private games

just the box selection is unavailable

lost ??

yeah

you were the king ?

yeahh

have you messed up with food user commands

,*?

you could do /bin/ls, /bin/cat, /bin/ps

nahh

i don't know that happens

if that is intended

the path variable was not set

you had to set it manually

O.O

how are you even supposed to

I'm stupid

know that

I didn't know that before

you could do /bin/ls, /bin/cat, /bin/ps
@vocal shell when u can do this and not just from any directory

that means the path is messed up

but then that's a valid trick

owww

if like someone doesn't know

sorry

like i didn't know!

guys

the game started

cant ping

also thx for reminding me lol i forgot

can you guys ping?

works

someone else's one the box...should i kick?

xD

can you show their

thing

im not on yet

lol

??

tty

or like ps aux

tty

no like

show their tty

how like an ss?

yeah like ss it

gone xD

@gusty cradle starting in a minute

https://tryhackme.com/games/koth/join/782257e6cb6a2476329ff737

did you patch?

public match

nope

@nova tide Not now 👀 but later today

the pros are here

how come i can't ssh in

ping me whenever you play

dunno

i didn't do anything

@nova tide can you ping the box

i'm booting up my vm

your vpn is working right?

@nova tide can you ping the box
@vocal shell

dam it

now no more play

my vpn is fine

but i cant do anything lol

😛

same

he changed the password

:/

i changed only root password

nothing else

mmm

sure !!

I was in

i cant do anything on the box

@nova tide

are you doing osmething

but lost kicked me out

I could be root

also

i cant tpye anyhting

i cant do anything

i just got in and someone urandom me

i cant type in my shell

im on the other box

dont know about panda

i cant do anything
@vocal shell you got king for 4 minutes still saying that?

im frozen again

after that i cant do anything

i cant type i cant

naughty do be kicking my ass 😠

whyy

always when i need to type most

i cant even ping the machine lmao

that binary is defected lmao

cant type anymore 😠

what is Naughty up to

rip

that seems like your problem

do you know why i can't also type in the shell

it like freezes

i think someone changed shell to rbash for shifu

not me i can't type

also i can't seem to change password for shifu for some reason

i have like a gazillion shells

but i cant type in any of them

how did you chattr king.txt

chattr isnt on the box

did you make shifu have a key

you're mean @nova tide

I COULDNT EVEN TPYE

I WATCHED MY BELOVED SHELLS DIE

You can upload your own chattr

ok

i was typing kill -9 for naughty

as my shell comes back

and he kills me

password for shifu is:
||shifushifu||

i don't kill shells

only nyancat

oh maybe it was just my thing timed out

ouch

Naughty would be demolished if I COULD TYPE

IN THE TERMINAL

I highly doubt that

how to get out of nyancat

Ctrl + C

Or you can say the magic word to Naughty

closes connection

sudo @nova tide

Ha! Wrong magic word

Die

was that .lol in /usr/bin

?

i had found a .lol i was assuming that was yours

Than its Naughty trolling with you, he wouldve named it something normal otherwise

i was so close to beating naughty

😠

i was gonna persist

i cant ping machine

is messed up

now my parents think weird things of me when they see nyancat going across my laptop

it's birthday of friend of friend

friend bought the cake

was eating that

OK NAUGHTY

LET ME OUT

or teach me how to get out 😠

??

still no way patched

stop crying for shifu password

no nyancat

terminal

you cant get out of that

ope

it's impossible?

woah that is such a neat trick holy dude image blue teamers using that against red teamers in a CDC

that's what i'm going to figure out

because if they can't ssh in bruh there's no way they're going to get in

and kill your services

i mean if i change the password for shifu it's the same thing

what do you mean

you are only trying shifu ssh

i can't get to the site

like it does not load

at all

the wordpress

then you are doing it wrong

gg naughty

you destroyed me xD

how to kill this process?

kill -9 922

?

i was using pkill..silly me

btw there are still some processes that kill -9can't kill

https://unix.stackexchange.com/questions/5642/what-if-kill-9-does-not-work

you are still doing it wrong

btw there are still some processes that kill -9can't kill
@nova tide Thanks for the info

are there any methods to find out hidden shells?

does ps aux | grep pts show all of them ?

maybe

if someone wanted to kick you out

just kill your PID?

yeah

hmm

how can you make it harder for someone to do that

if you can find that

find what :)?

my PID

isnt it 11575?

no

da fawk

its for the process ps aux | grep pts

that would automatically stop after a split second

try w

so how can one kill ur shell?

try top

by trying harder

try top
won't do anything

.___.

ok hold

by trying harder
@nova tide

netstat -antp

machine ended

netstat -antp
nah

last?

you can try out those on your own

what else can you do

nothing special

/var/log/auth.log?

lol what

no idea whats that

checking logs?

never had to check it

um how would i find you then

dude

you do know that i can't simply tell you the way to kill my shells?

grrr

i'll figure it out

Good luck

any hints?

am i overthinking it

No

LMAOOOOO

WHAT

This chat is turning out to be more fun than Instagram feed.

Is anyone playing KoTH ?

Or y'all had enough of 🐈

come DM i have something for you holmes

Interesting

im gonna beat you two one day

😠

might take a while but i will

dreams babe

Good luck

will be waiting to play with you

https://tryhackme.com/games/koth/9881

https://tryhackme.com/games/koth/join/ff5edf7f55f9248c634e0c22

ok twice here as well

ok

https://tryhackme.com/games/koth/join/fe9f984f3d9986ae9bd52409

anyone up for a game?

https://tryhackme.com/games/koth/join/cc09853bf4830b0387bcb190

2 min

imma head out to eat something

Naughty plays koth too much.

don't kill my shell bois

😆

Naughty plays koth too much.
@native plume play koth with me

my first time in koth ... 😱

some advice guys?..

Check pinned message

... thanks !!! 😋

@pearl pelican B3nder do you have an tryhackme account

... sorry i wasn't watching the chat ... yes i have one ...

https://tryhackme.com/games/koth/join/eaf12793082d0e7889d54c8f

... i played koth and get the second place.. 🙂

not bad for the first time

https://tryhackme.com/games/koth/join/f0ffb048e8a0616e598f0da0

https://tryhackme.com/games/koth/join/204d5d2fc97f4432ce0d24d3

I need some players

yo

@sinful field i'm connected 🙂

nice im ready

😱

Anyone up for KOTH?

Complete noob here

https://tryhackme.com/games/koth/join/26791846636f5f57af44c301

https://tryhackme.com/games/koth/join/a9c032717de96fa4fbfdcea4

https://tryhackme.com/games/koth/join/6551a32216c147c2d6799044

https://tryhackme.com/games/koth/join/a9c032717de96fa4fbfdcea4

https://tryhackme.com/games/koth/join/4f121766bff1d734d3af92c3

starts in 6

https://tryhackme.com/games/koth/join/cf891c5dabe788ec3c91da3a

did soemone kill ssh ?

@tacit siren

You are already king

yeah bt cant ping the box rn

Oooh..

Sounds interesting 😂

well no can do

that poor guy cant change king xD

anyone

for koh

https://tryhackme.com/games/koth/join/7c6f4fae5d8dcb967566138d

https://tryhackme.com/games/koth/9935

You are not allowed to turn off ssh. (afaik)

people sometimes change ports.. That's allowed. Watchout for that.

https://tryhackme.com/games/koth/join/8afcc93b5614b27ab7a46c71

Join in people! Starting in 4 minutes.

:))

offline.. Leaving.

Run EB

👀

I stay away from windows..

You can fall from them.

And die.

That hurts.

👀

anyone up to play koth???

https://tenor.com/baa1h.gif

$ cat sadness

m comming

i started with with jacob but m here again

m that much noob that dont even get a single shell

anyway i tries my best

https://tryhackme.com/games/koth/join/968e4336dd41d33520969694

Anyone wanna join in?

https://tenor.com/bhEFT.gif

https://tryhackme.com/games/koth/join/a26166890052578c9b69a321

beginner 1st KotH for me

ah ggs broh

You aren't playing?

No i am playing

Well rn not anymore

But before ye

Gg man

You were in game?

Yeye im jondoe

Oh lol

Bord man

I didn't know!

LmOa

Hehehe

Wow um dude

👀

Who keeps resetting

I am innocent.

LMAO, I just saw

smh

Lmao uea

Oh wow, my tmux died

I knew there was a reason for thay

uh uh, that's a spoiler.

You should delete that..

Oh yea well ok ye

Shsuhh

Never there

That was never there

I didn't see a thing/

Hehehhehe

Now this is weird.

Huh?

U use parrot?

Or

Yea thats parrot right

No

that's a custom theme for fish

that I made to look like parrot

oh damn

wow teach me that looks really dope

i need alot of thing to be taught

🙂

lmaooo same

were all just learnin here

anyone knows why chattr is disabled in the machine

oh cuz its too op

chattr +i file

Um, It's not, other's are just using it more than you 🤷‍♂️

then rm /bin/chattr

oh

ah

well well i tried for the first time today

so i was going through that few minutes ago

Is the game over?

yeahabout to

1 minute left

m not aware about mitigation and all

anywhere i can find that

???

chattr -i file

?

unless theyve removed chattr or chattred the chattr

then you just cry

https://tryhackme.com/games/koth

Bottom of the page.

Give it a read

OoOh youve scammed me

i was winning for like 4 min

dammit

😉

heheheh

I submitted the flags when 30 seconds were remaining.

Lets go for another one guys!

Yeye sure

yeah i say that

Dope dope

saw*

Hm?

https://tryhackme.com/games/koth/join/8b71af7bc9309ece2d65a02b

one more???? @stiff egret @dusty canyon

👀

Here...

Yeyeye

Or just join another public

Sure

Oh, dang

This is public

23 minutes

Yea quite a bit

The wait never seems to end!

It's already 3:30 AM here

Yes hehe

Im watching john hammonds 7 hour throwback video

start a private game? 5 minutes?

On x1.5 speed

Yea sure

Im watching john hammonds 7 hour throwback video
@dusty canyon I was watching planet of apes lol

Lmaoooo

so whos makin it

¯_(ツ)_/¯

https://tryhackme.com/games/koth/join/f7081c8fef6e8e7538769e3d

https://tenor.com/yXaD.gif

m starting my system again

lmaooo ight ight

U have like 3 mine homie

you people better not speedrun this

last time i could barely do anything

I won't

Same bro i feel ya 🤣

lmAO

jk jk

iggght

I think my VPN will betray me mid-game

Pretty sure it will

Lmaoooo dont wooory ur fine

Its still starting dont if i'll be able to join you guys

https://tenor.com/G9Kx.gif

Actually i tried making my own virtual machine but its hell lot of heavy

Try making one using vagrant.

It's a bit more managed

I am running one using that rn.

My ssh never works.... it stopped in last game also

Mine is fkn 115gb

Sometime it feels like my laptop is gonna be angry on me soon

And someone has already changed the password ofcourse

xD

Not me.

I didn't patch anything

Is it started

Heck, Even chmod is in place rn.

Shit

Is it started
@wheat ravine YEah

@ruby arch Dunno about ssh, I am inside and ssh is working on port 22

Oh yea idk

Nvrmnd my shell is stupid

No idea

Yes

Wait seriously.

Welp

Who removed ls.

Are you guys gonna start a new game after this

No idea

Wanna restart so he could also join? I am with him

😅

😂😂😂😂😂

Lmaoo idk

Reset, I am in vote. Someone destroyed the machine.

How do people get their tools onto the image? Like chattr, nyancat, etc

Wget?

Lmao

Like python -m SimpleHTTPServer 80?

Boooo python3 better

yk what I mean

Probably its already there unless someone messes with it

Lmaoo

Wait is it the telnet shell

Cuz if it is u need to set the enviroment variable

No every box I go on chattr binary is not there

I have no idea how to patch that except nuking the box

Ah

Ohk, Machine is not dead

The guy who asked us not to speedrun just did it

Hehe

The guy who asked us not to speedrun just did it
@ruby arch SO true

!

For me it’s doesn’t seem to work

I was waiting on root for you guys

Oh youuu

et tu brute

I just exited my shell

LOL, Well I used absolute paths.

I am depressed

We all are. 😦

Welp ggs peeps imma go do homework now

And imma sleep.

Oh okay guys seeya later lads.

Ight cya peeps

Sleep deprivation will catchup very soon

Well when do u join @stiff egret

I have insomnia, pretty badass

Well when do u join @stiff egret
@wheat ravine ?

@ruby arch u gonna sleep yet

Nope not yet

M saying when do u start with koth

???

He is asking like whats ur regular time to play koth

Yeah😂 m very much poor in english still tries my best

Its fine bruh

Um whenever I am online(?)

😂 alright will stalk u on discord😂😂

https://media.tenor.com/images/b24e1f1784771182dc529c29b634d8bb/tenor.gif

@stiff egret you motherfricker i tried out that fish shell and i almost got locked out of my own machine

the thing had the fish in the /etc/shells

but it wasnt working

👀

and everytime it would just say hey this doesnt exist

so i had to modifyu that damn /etc/pam.d/chsh

you have no idea how long it took me to find it

to disable pam auth

i hate fish shell

never again

linux scary

Um. You know can just change the shell in /etc/passwd?

ommm wait no but the chsh thing

Also, I use fish for 12+ hours a day and it never failed me.

lmAO

chsh had a password lock on it

and i tried all my passwords

and it wouldnt work

so i panicked

dum shell

LOL

lmaaoo

welp at least i learned more about linux

In ending of every line in passwd file, it define which shell the user can use.

thats a good idea

kill all root processes >:)

You can change that.

change what

kill all root processes >:)
@vocal shell not allowed.

really?

oh right /bin/bash

yea no im just stupid nvm

dont worry abt it shush

i remembered that dont worry

i knew that

100 percent knew that im so smart

really?
@vocal shell yeah. That will obviously kill all processes. Essentially killing the box down. Or equivalent.

no i mean

not alll of them

like if mysql is running as root

kill that

rm -rf /

it'll be fine

that is the fix command for linux

There is a or to be a rule that you cannot kill services as long as there is a way to patch that