#koth

says 4 flags. i get 2

https://tryhackme.com/games/koth/join/56d82bf8b9232c475206b4cc

where r they hidden

Starts in 16 mins

where r they hidden
@weary axle which room

any

production currently

im root

Use find

You’ll prolly get an error

Right V

?

On that room

what?

Can you use find

i cant find more than 2

Or so u get permission denied

no

can u tell wher can i find dlags

flags

unable to find

For whatever reason i got an error everytime i ran find and i had to fix it

Anyways

U can find 3 flags using fins

Find

yea

in which 2 r same

There are 2 more I believe

Search in users home dirs

i got 1 more

I deleted since it was a spoil

Thats all i can remember rn

@sacred comet

u ther>

https://tryhackme.com/games/koth/join/56d82bf8b9232c475206b4cc
@ion.know#3578 starts in 7

Am done, ill be joining

2 mins

Am here , lemme read rules real quick

@sacred comet

where u found 4th flag pls tell

4th?

find / -name flag.txt 2>>/dev/null

only 3

i get only 3

how 4

@stiff egret

can i ask u?

can u tell where is the 4th flag for productio

Um that's not something me or anyone else would tell, they are hidden and you have to find them, it only fun that way.

im tired findind...played production for 10+ times

still coudnt find 4th

Um when you get root, try find / "flag*.txt" 2>/dev/null

Boy i dont like this machine

🤣

U playing hackers ?

no

pproduction

No u mate
@frank oracle

Not*

2 wins in a row wow

https://tryhackme.com/games/koth/join/b955bcd336aebe42f9e380a4 - Starts in 15, find me in voice

My game finishes in 27 i’ll join then if u still playing

Aight then I'll delay it

I invalidated the link. 30 mins until start ok for u?

Did u patched the ||backdoor||? @opal pond

Did u patched the ||backdoor||? @opal pond
@frank oracle nah

Didn’t patch anything tbh

Well except for the way i got in

I invalidated the link. 30 mins until start ok for u?
@timber pelican yes

@timber pelican yes
@opal pond https://tryhackme.com/games/koth/join/873ab64a0deb0f6eecf110fd - start in 30

If anyones playing hackers with me check robots.txt for a hint

https://tryhackme.com/games/koth/join/873ab64a0deb0f6eecf110fd - start in 30
I have to abort. Something got wrong very quickly. Cy l8er

Alright

Dang

I botched this one huh

Did u get in via production

Or was that someone else

production, i was trying through g something guy but hydra was taking too long

Ggs anyways

BRO CAN U TELL WHERE TO ||FIND 4 FLAGS||

||I FOUND ONLY 3||

||find / -name flag.txt 2>>/dev/null|| this shows 3.....the 4th one is missing

Maybe its not flag.txt ?

what can it be

iwant to ask where can i find?

Hidden files ?

i was really upset

10+ times stil couldnt find

Btw are u sure there are 4 flags ?

when u hover above it it says 4 right

the submission area

of flafs

Ok

can u tell where are all 4?

with loc

i know 3 but still pls

https://tryhackme.com/games/koth/join/7069af2bc93385172dce290c

Starts in 10

i know 3 but still pls
@weary axle checking my note i only have 3 flags cant help there sorry

anyone else pls

where can i find the 4th one

pls tell

https://tenor.com/view/try-harder-try-trying-do-better-gif-8287072

!dark

!dark

https://tryhackme.com/games/koth/join/fabb77be289114539b81721d

https://tryhackme.com/games/koth/join/fabb77be289114539b81721d
@sacred comet I joined so the game isn’t empty and you can play, but i don’t think i can play myself rn bout to grab something to eat

😐

lmao

can anyone kill the strace command for me, I seem to stuck here 😦

everything patched

i cant get the shellll']

yes ik, I just run command for fun and I got stucked f

I patched it

😦

Someone just straight up deleted the whole code for port 3000 lol

Welp the disabled telnet too

I straight up lock myself out by running random command 😦

I really need to know how to patch stuff

https://tryhackme.com/games/koth/join/c07575fd2ae3f85cdabe26e0

https://tryhackme.com/games/koth/join/cd99b9b72dd7a30b38fe90be

https://tryhackme.com/games/koth/join/e4fb8c465dcd71773d903f2c

24 mins

https://tryhackme.com/games/koth/join/cc9812a433e6d7de5ca6b8bf 4 min

can someone open a "hackers" room so i can test my aproach (I was playing that room but the game ended while I was testing it 😦 )

@north stag you know this exists, right? https://tryhackme.com/room/kothhackers

James was kind enough to release the box standalone

ohhhh!!!!!!!!!!!!!!!

THANKS!

Yw

how do we get permissions for using chattr in linux

cause

sed

😐

I even being root doesn't give the permissions for chattr🙁🙁

hey I just wanna say to those people who are in the room with me pls don't reset just because you can't find passwords that's just so much rude and coward of you to do that

pls

it hurts🙁

and yeh is it allowed to change the flags??(I hope not)🙂🙂

oh god when will people start reading rules.

No, you cannot change flags. Also give the rules a read?

Maybe this blog as well?

If anyone wants to learn/Guidance about KoTH, they can always check out this blog post:
https://blog.tryhackme.com/guide-to-king-of-the-hill/

https://tryhackme.com/games/koth/join/ba502fb1785edd1b2c7b1b9c 25min

lol whoever is on panda right now good ljob killing literally everything because you cant get king

n0beard

@harsh obsidian this you?

everything is shut down and secretary isnt on the boxc

I haven't killed anything

i cant get onto ssh or wordpress

But ssh is no longer available. did you switch the port?

i didnt

oh damn, reset?

im now kicked off the box

ssh is completely down

same as port 80

ill find another way in

that's odd. i voted reset if it's kicked us both out and off

https://tryhackme.com/games/koth/join/ba502fb1785edd1b2c7b1b9c

Three more players

Starts in 14 mins

4 more players*

-_-

i watching ipl

wait why did i join the game

@stiff egret help lol

LoL why do you need help with, I can see your name getting in the file every once in a while

just try hard whatever you are doing

Where should i put the binary I downloaded for busybox to use it

Anywhere (?)

Nah i meant with this

/tmp ?

or /usr/bin

I put it in bin didn’t find tge applet ?

The*

wget <LINK> -O /tmp/secret; chmod +x /tmp/secret;
Run using /tmp/./secret

Also you should do more boxes that involve linux, to get a hang of this.

Why the reset lol.

SMH

Anyone keen for a game of KOTH in roughy 2 hours?

@Mr.Holmes#0001 😒

Why 😦

what?

Urandom

I didn't do that, lol, I am not even active in machine

Only u and me where in the box tho

NO, I can see 2 other IPs inside the box

Im pretty sure they’re not root thi

woah today is ipl final

and i didnt know

Its aight imma come back in again ig lol

wew

OH I see that person running urandom

Want me to kill it?

kill process_id

Idk its up to u the games already finished ggs 🙂

what is that?

flag

0day wale room ka 😄

Dont do that?

wait homes u didnt search any flag

lets do a KOTH?

Nope, I don't need to, Going for king is faster way to win.

watching ipl?

watching ipl?
@weary axle dek raha tha 90% use ho gaya ab 😄

wait why does my hydra take hell time to bruteforce?

Nope, I don't need to, Going for king is faster way to win.
@Mr.Holmes#0001 > wget <LINK> -O /tmp/secret; chmod +x /tmp/secret;
Run using /tmp/./secret
@Mr.Holmes#0001 should i run the binary itself or with busybox ?

took 30+ min once still didnt complete

wait why does my hydra take hell time to bruteforce?
@weary axle cuz the passwords changed

wait why does my hydra take hell time to bruteforce?
@weary axle -t 64

took 30+ min once still didnt complete
@weary axle Threads badhake k use kiya karo

@weary axle cuz the passwords changed
@opal pond yeah thats the reason

-_-

service ssh stop 😦

Busybox f’ed me on this one

Ggs

You don't need busybox, just upload individual chattr binary 🤷‍♂️

You don't need busybox, just upload individual chattr binary 🤷‍♂️
@Mr.Holmes#0001 downloaded for the link in your blog ?

@sacred comet Please keep all conversation in English only

-_- ok

@weary axle cuz the passwords changed
@opal pond ikt

@weary axle -t 64
@sacred comet i used it

@weary axle Threads badhake k use kiya karo
@sacred comet ok

i am not a slave of you so i will use whatever i want

english hindi whatever

Bruh :/

or make a new serve'r

shd make a language channel

lol

Enjoy the ban for the casual racism in hindi there bud

lmao

these people have a nice sense of humor😂😂

or make a new serve'r
@Mr . R c#4194 .

https://tryhackme.com/games/koth/join/7fc7768ef1186579d70bae77

17 mins

hi @gloomy estuary

hi

is king

@dull geode tell me what you did at king.txt

lol

after the room

OK?

ok

yeh sure

why not

if you can't find another flag, i already won

nice

well

11 mins are enough to reverse the game bruh

gg

it is not enough

I have 34 minutes of king

nice

lol

I was away

good game

yeh

gg

aah you left the machine?

gg bruh @gloomy estuary
yeh you were right ya won

lol, now tell me what you did on king.txt

What

In God's name

Is that 😆

God

@spring hamlet ?

Enjoy the ban for the casual racism in hindi there bud
@mellow bough wait how racism?

Wasn't you, don't worry. It was the person who was banned. @weary axle

but why banned him?

it was supposed to be a warn imo

cause u cant ban someone who is speaking in their language...for 3, 4, msgs

The racist messages were deleted.

what were his racist msgs?||angrez?||

asking dont ban me

If you're their friend and they're trying to appeal, they need to email jon@tryhackme.com

im nor his frnds nor i know him

We're not likely to share their racist messages again, seeing as they were racist.

ook

sry

HACKERC aren't we the only two people in the game? You don't really have to reset it though 🤷‍♂️

@nova tide pls tell me hackerc isnt that good, i dont even know what im going to use to attack the computer, i thought there would be more than 2 people. i was hopeing to defend

hoping*

idk he didn't really did anything in game, he just reset once and didn't even try to get king and joined next game

do you have any advice?

read the blog post?

and you are good to go.

k

good morning. Anyone willing to koth with me?

me fine

https://tryhackme.com/games/koth/join/05e61bab85dce2e8753bceb6

25 min

@fair adder

thanks

Anyone wanna olay

Play*

yeh wait

@dull geode how the hell did you exploit this fckng machineeeee

ughhh

lol

im so lost

well

I'll tellya

im in the smb

but that zovatuuuuu

after 🙂

changed the freaking flags

man, i dont eve care

he the hell

just wanna learn this thing

changed the freaking flags after submitting them

thats against the rules btw

pls see

yeh that's what I'm saying

:/

Yall in a game ?

yup

pls see after this koth admins

is this machine avaliable off koth?

is this machine avaliable off koth?
@north stag which one

offline

is there a way i can watch you guys do stuff cause like im new and can barely use friggen nmap lmao

offline
@dull geode .

No

shttt

is there a way i can watch you guys do stuff cause like im new and can barely use friggen nmap lmao
@hushed nebula Youtube

ah yes ok InDeEd

John hammond and optional

is there any Koth admins?

here rn

@dull geode after the koth ends can you join vc?

umm

IDK

😦

@dull geode yes, why

someone changed the flags in the offline machine after submitting them

What’s the game id

13229

his name is

zovuutavuu

do you have any evidence that the flags were changed

umm like how?

like screenshots, anything

if the games over there’s not a lot we can do

OK

nvm

thanks

If it happens again just let us know with some evidence and we can take care of it

OK

sure

anyone koth/

https://tryhackme.com/games/koth/join/1813a23578ecc5e2a7f4e346

3min

k th

wow prism is also there means i will lose

why is ssh port closed?

why u closed ssh port is it allowed?

is changing ssh allowed?

mods ...

Not shown: 994 closed ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
3306/tcp open mysql
8009/tcp open ajp13
8080/tcp open http-proxy
9999/tcp open abyss

mods ...
@north stag Not mods, koth-staff.

game id

of who?

Are you guys playing the game or separate?

its seperat

i m playing shrek

he is production ig

send me yours as well

how?

@winged charm

why u closed ssh port is it allowed?
@weary axle I just changed the port lol

and how u do that?

'-' /etc/ssh/sshd_config?

and how u do that?
@weary axle google

@weary axle google
@harsh obsidian xD

i m asking a dumb qs

which port

@fair adder

rustscan -a $IP

lol

Spectator link

Are you lazy?

actually

just had dinner

mods ...
@north stag Pretty sure you are typing it wrong

IIRC, user is skidy

https://tryhackme.com/games/koth/13233

not skiddy

which port
@weary axle Rerun nmap and you'll see

didnt

still didnt

are you scanning top 1000 or all ports?

didnt
@weary axle have you done the nmap room?

!docs koth

Something similar is already pinned @winged charm

Someone deleted root.txt and it wasn't me -;

i quit already

That's out of date now (or the docs.tryhackme.com as a whole is anyway) @tepid hornet good idea, I'll unpin that

GG @weary axle

i didnt play lol

Hello, i'm new here !

Hello, i'm new here !
@fair adder Welcome!

Thanks !

Anyone up for a game

IIRC, user is skidy
@stiff egret he corrected it in next line

Yeah, Saw it

someone edited the flag so now you have to ban em

@stiff egret Quite a game! 🙂

sure was

20 king changes lol

Room Tester 👀

https://tryhackme.com/games/koth/join/ebdd037d79cd64e359c9a602

@stiff egret oh nooo 😄

oh its windows

I left :) no windows

-.-

me 2

i will start another one

https://tryhackme.com/games/koth/join/58cbe40b859cf5125cd91c9f

i will start another one
@sly turret when does it start

5 in

min

3*

Can’t make it :c

😦 i have to go to work in 1 h so cant wait but we can play tomorrow if you want

Its ok,yea let’s do it tomorrow GL

@stiff egret go crazy if you want 😄 i try my best

ayy, :)

https://tryhackme.com/games/koth/join/ea11e549ad1377b329df8ef9

@tender salmon

am fzin

@spring hamlet

?

You not is this player of koth?

did you create a while loop with chattr ?

i no

no i mean holmes

Honestly forgot I was even in it

also never done this KOTH

@stiff egret what did you do 😄 i am root but i cant remove chattr i from the file ...

I looped it?

i have my own chattr on the boox but it wont remove

aaa ok

hmm

ok i dont know how to find the loop and kill it so i think its game over

!rule 9

Rule 9: No discussion of illegal/unethical topics or actions.

@fair adder Nope

No illegal activity please

-warn @fair adder Rule 9 -- asking for help hacking a minecraft server

⚠ Warned bang bang bang bang#2181

@stiff egret hmm ok can you give me a hint how i can find the loop and kill it ?

for the next game 😄

You can't, all you can do is make another loop faster than the one I am using

aa ok

Hello

warnings

Oh good

Interesting

-warn @hardy jungle insubordination

⚠ Warned 🅷🄴🆇🅲🄷🄰🄾🆂#1337

@terse willow

I did a thing

Oh

muiri

Erm

muiri

MUIR

I did a thing

MUIR BOT IS BROKEN

@mellow bough I did a thing

please fix

@terse willow

Fix

MUIR CODE RED

anyone played the "Hogwarts" room

hello

anyone played the "Hogwarts" room
@barren oar i

I am playing

have you any progress with that

That'll be in the console which I can't access

That'll be in the console which I can't access
@terse willow what console...?

The yagpdb console

I'm replying to all the pings

@winged charm try doing it now?

I'm replying to all the pings
@terse willow ohh alright

anyone played the "Hogwarts" room
@barren oar Yeah I got no where with it

@barren oar Yeah I got no where with it
@spring hamlet same here bro

Took me til like half way through to even realise that port 22 wasn't SSH (my fault for not reading nmap) and I couldn't access the website at all

The SSH port was dynamic and port 22 is bait

oh fair

-mute @hardy jungle

Unable to run the command: The Mute command requires the Kick Members permission in this channel or additional roles set up by admins, you don't have it. (if you do contact bot support)

-warn @hardy jungle

Warn <User:Mention/ID> <Reason:Text>

Invalid arguments provided: Not enough arguments passed

-warn @hardy jungle being wide

Unable to run the command: The Warn command requires the Manage Messages permission in this channel or additional roles set up by admins, you don't have it. (if you do contact bot support)

@terse willow you take away the manage perms though

Yeah

Need to speak to Dark about which of those things is more important

Oh god what did you do Cry, that made them took our manage perms away?

hackers gotta hack ya know

https://tryhackme.com/games/koth/join/d2f5329dc1e1d5d4a6eb0903

https://tryhackme.com/games/koth/join/6b26e7a6a67e30a2e6a4ae8b - Starts in 20 mins

https://tryhackme.com/games/koth/join/6b26e7a6a67e30a2e6a4ae8b - Starts in 20 mins
@hot bloom Still working, but LET'S DO THIS!!!

Haha @harsh obsidian , I'm kinda working too.. we'll see how it goes

I kind of hope it's Hogwarts because I haven't done that box yet. And with work, I can start a bit of enumeration without feeling like i need to dedicate myself to the box.

Hogwarts would be cool, I had it once, but I didn't get far

How often do new boxes get rotated in/out?

They show up periodically; i haven't seen any rotate out yet.

Ugh, that windows box

Yeah, it was a pain in the ass to figure out. it took me a good three or four rounds before i got it. but once you have the method as root, it's insanely easy to repeat

anyone wanna do a koth?

Yes

join up koth vc

only if ya want

TFW finally figure out hogwarts and someone changed the password already 😦

That's ok, the box changes every time

Well, the current one doesn't work lol

¯_(ツ)_/¯

Lame

anyone for koth ?

im fine

cam cycling 4 5 kms.....and frnds tyre got punchured

.

anyone for koth

good morning @here

What is allowed in koth and what not? Is changing passwords, deleting keys, changing permissons on binary allowed or not?

firewall ,changing flags and disable services is a no-go, right?

Try reading rules on the koth homepage, and/or maybe give the pins on this channel a look. @fair adder

@stiff egret I did this before asking the question 🙂

anyone koth?

@weary axle

@stiff egret I did this before asking the question 🙂
@fair adder Everything you asked about is either in the blog or on the rules section of koth page, I don't understand why you'll ask the same thing if it is already there in the site/blog.

anyone koth?
@lavish elm u still playing?

@stiff egret

ok, forget my question.

yea im playing

@lavish elm

send link

@lavish elm
u there?

@opal pond

wanna play

wanna play
@weary axle gimme a sec to boot up my stuff

Send links

send anyone

anymore people?

me

5 min game starting

sending link

Im in a game

which can u send me link

https://tryhackme.com/games/koth/join/25e361428e01cacdfa749c0d

@opal pond

kk

clear

what ports can i change ssh to?

why is the machine going offline so many times

Nothings wrong with the machine

Its not going offline ?!

me
@teal root u still playing?

it went so many time

and pls teach me how to patch vulns

u can dm me

@opal pond

and pls teach me how to patch vulns
@weary axle each vuln obviously has its own patch but for koth I mostly patch suids and capabilities, edit sudoers and etc to prevent privilege escalation

and how?

and is there a way to overcome those?

Well to change suids and capabilities u obviously gotta be root so if ur not already no

Same goes for sudoers file

i was root then machine went offline then i lost connection 3 4 times

Machine never went offline

Its probably your internet

and can u tell me what are the things except chattr and onemore was there

na it is strong

vpn also good

connected

did reconnect again and again

Well the machine never went offline for me

clobber and chattr

can u tell me why cant i access files even when i m root?

cause chattr -i king.txt didnt do

Well on this box if u use chattr it’ll close ur ssh or any other connection since its a cheese start

Strat *

So thats probably why u got disconnected

The machine didn’t went offline

wait meaning?

how will it go offline?

why?

It won’t go offline

If u use chattr

It will close ur ssh connection for example

ok i was disconnected

but why?

yea it did

like ssh terminal hanged

Cuz they don’t want u to use it since its a cheese strat

On that box specifically

means i shd use chattr

so whats r the other commands i can use?

I used it but since I already had a backdoor I gained a foothold again

wait how did u do from a backdoor?

can u explain me in dm it would br better to remeber

There are tons of easy backdoors to implement on koth boxes i’ll leave that to u to figure out 😉

which room in thm would u suggest me to take for tthat?

The box is made such that if you use chattr, then it will kick you out.

That's what was happening to you apparently

Are you guys talking about Fortune ?

yes just got to know

production

Are you guys talking about Fortune ?
@cerulean maple production

Oh

Well on this box if u use chattr it’ll close ur ssh or any other connection since its a cheese start
@ion.know#3578 .

But when I put my chattr binary it still didn't worked gave me some symlink error

wait but how and what should i search for backdooring cause i dont know much in it and happy to learn

wait but how and what should i search for backdooring cause i dont know much in it and happy to learn
@weary axle for example the easiest way is to add a user for yourself with privileges

idk how

Look it up

But when I put my chattr binary it still didn't worked gave me some symlink error
@cerulean maple google around for static binaries, you must've uploaded a dynamic binary

im like new to this field and want to learn in it

so would love to get some one helping 🙂

@cerulean maple google around for static binaries, you must've uploaded a dynamic binary
@Mr.Holmes#0001 hey if someone uses a loop is there anyway for me to overcome that ? Like if it sleeps every 0.1 for example a chattr loop or echo loop

Like can i kill it in anyways ?

You can't kill the loop, because it's hard to find the pid of it, since in all listings it'll show up as bash.

So/but you can error it out

Does that kill it ?

For example, say someone is running the loop using printf, then you know the printf is a part of it, if you remove printf, it'll error out

But can find the process in /proc/pts/pts- number to kill that process ?

we*

That’ll kill they’re whole shell I believe

Then there is no way stop other users scripts if we do the same it would just keep writing both user's name and none of them would be getting points xD

1. You can try to locate other users script, you locate it, you kill it.
2. No, even if you both start the same script, it is highly unlikely that they'll be caught in deadlock, one of them would lock the file first and will win 🤷‍♂️

Then there is no way stop other users scripts if we do the same it would just keep writing both user's name and none of them would be getting points xD
@cerulean maple ahahah like yesterday...xD

1. You can try to locate other users script, you locate it, you kill it.
2. No, even if you both start the same script, it is highly unlikely that they'll be caught in deadlock, one of them would lock the file first and will win 🤷‍♂️
   @stiff egret Really bro it did...😆

@cerulean maple ahahah like yesterday...xD
@barren oar yes xDD

actually you can find the loop and kill the whole process

finding is the hard part

finding is the hard part
@stiff egret it's easy and you can try it

Anyone wanna play

That’ll kill they’re whole shell I believe
@opal pond can't we do that?

https://blog.tryhackme.com/guide-to-king-of-the-hill/

Its allowed but shouldn’t be abused its not fun nor fair

anyone ?

for>

koth?

@stiff egret it's easy and you can try it
@barren oar oh I meant it for as in general, those who know how to do it, can do it.

Its allowed but shouldn’t be abused its not fun nor fair
@opal pond OK👍👍

@barren oar oh I meant it for as in general, those who know how to do it, can do it.
@stiff egret hmm

@barren oar nice loop - I cannot find it 🙂

@barren oar nice loop - I cannot find it 🙂
@fair adder thanks for that

that was fun

that was fun
@fair adder indeed

@barren oar what loop u using?

imagine someone typing manully for so long like up arrow enter

i did that for 1 hr

last game

sometime

nice one by the way

@barren oar what loop u using?
@weary axle it was just a while loop with a twist

GG

wait why did the ssh port close all of a sudden

oh game over

it was fun

wait why did the ssh port close all of a sudden
@weary axle most fun i have till now playing KOTH

/bin/sh: 1: cannot create ~/king.txt: Directory nonexistent
/bin/sh: 1: cannot create ~/king.txt~: Directory nonexistent
/bin/sh: 1: cannot create ~/king.txt~~: Directory nonexistent
/bin/sh: 1: cannot create ~/king.txt~~: Directory nonexistent
/bin/sh: 1: cannot create ~/king.txt: Directory nonexistent```

this error came and i was like what happend

then realized game over

i had like 4 shells open

3 ssh

1 root shell

like the #

mine was 1 ssh and 1 root

yeah that was funny

and whenever u were closing ssh i could change passwd and easily go inside that was luck

i had changed the port of 3000 and i just forgotton it

just then u closed ssh and i was like done

gone

yeah that was amazing one

i remebered 65520

and tried and it worked

and got # agaon

and ssh 3 ports for cat king one for python run and one for writing

there were 3 king.txt

i was trying 3000 but then it did not work then i just ran rustscan and 65520 pops up

what while loop u used?

there were 3 king.txt
@weary axle i know and i was doing king on all of those files

same

when kiste was king for min i saw 2 king.txt when u came i saw 3

I was searching for the loop alle the time

drove me crazy

when kiste was king for min i saw 2 king.txt when u came i saw 3
@weary axle 😆

I was searching for the loop alle the time
@fair adder yeah that was neat

bro y u used sleep? 0.1?

cant u do without it?

bro y u used sleep? 0.1?
@weary axle i can but just to keep it clean

i used like a simple while True

are you guys stablizing your shell or not

I did it and created a new user with uid=0

||subprocess.call('echo {username} > king.txt', shell=True)||

I did it and created a new user with uid=0
@fair adder how?

useradd -m <username>

passwd <username<

but what will happen if u do that??

and changed the uid and gid to 0

thats it

username meaning what shd be there?

how to change uid and gid to 0

ohh yeah can do that

in my case it was

useradd -m kiste

but i was using my script to stablize the shell

i also remove your acc from sudoers group by the way...:xD

i never went to sudo

direct root

no user shells

jepp via port 3000

what r the user shell btw

i changed 3000 to a random number and forgot myself

then remebembered

65520

i changed 3000 to a random number and forgot myself
@weary axle ahahahha

i just ran the rustscan again and find that one

i was stuck 5 min on that

I was wondering if it would be allowed to use hosts.deny

i voted for the reset i was thinking that port is dead

same when ssh was going so many times

u n me voted

other were doing nothin ig

same when ssh was going so many times
@weary axle I killed your ssh and python sessions

how?

lol

I was root on the box

@weary axle I killed your ssh and python sessions
@fair adder i know but i automated that with my script

i was root all the time

you can kill others tty sessions if you are root

how?

i did something like ps -ef | grep pts/1

kill the proccessnumber

@barren oar come to dm

cu

i did something like ps -ef | grep pts/1
@fair adder you can do this >> ps aux | grep pts

wanna play a koth sometime tom?

what time is at ur place @barren oar

there were some other tricks but i was struggling with finding all the flags

wanna play a koth sometime tom?
@weary axle yup

gn

im going to sleep

gn

gn
@weary axle

what time at ur place?

its 9:40 pm

ah k gn

bye

Anyone wanna play

Anyone wanna play
@opal pond i can do a light game. i'm only half paying attention to this meeting

Send me a link for like 10 mins

In 10 mins*

k

Im in a game that starts in 13 min want me to send the link ? > k
@harsh obsidian

Im in a game that starts in 13 min want me to send the link ? > k
@harsh obsidian
@opal pond are you in game

Yea

Starts in 7

@opal pond are you in game
@barren oar https://tryhackme.com/games/koth/join/6fc8bc69a2228b1582172b8d

@barren oar https://tryhackme.com/games/koth/join/6fc8bc69a2228b1582172b8d
@opal pond thanks

Ok who evers doings that don’t u think that’s enough?

U did that to three of my shells

Bruh this was my 4th shell

How many times are u gonna kill my shells ?

xD

GG

@opal pond

https://tryhackme.com/games/koth/join/e50faffe34f7eb1147ad4365

@opal pond :picardia:
@torpid fern nice one

xD

my freaking ssh dies

U guys friends or something?

With the other lvl 1

who

Not u

Parism

xD
@torpid fern this guy

ok

Parism, wtf lol

And the other lvl 1

Parism, wtf lol
@fair adder whatever the name was ion know

The last game was not enough for me to play

So, now i will play

Every time i got a the box all three of u were on it

🧐🤨

lol

Suspicious

tryhackme for me just and good koth

Suspicious
@opal pond Yea i think so

Did you create a script to put your nick in king.txt?

Yea a loop

Sounds like yall made a script to get root on the whole box lol :/

lol I don't found that

I also created one in shell script

Nice

Eh off to studying again

Why reset ??

Lol @fair adder if you can't get in you'll just reset the machine , smooth move

'-'

Shutup

@cerulean maple you creating a room?

Yeah I'm planning to

Shutup
@fair adder XDDDD

xD

Yeah I'm planning to
@cerulean maple you got creators-lounge role before creating a room?

I asked a mod that I'm working on a room so would it be a good room then he gave me permissions to talk over on that channel

Why i cannot get root with SUID 😞

Okay I have made it easy for you now xD

More easy than sudo su?

xD

I would just say that you can own the box with ashu 😄

lol

Wtf delete the flags isn't against the rules?

Who deleted flags ?

Idk, someone

Bro flags are there xD

Are you sure?

https://imgur.com/UfOZgj3.png

Yeah your right

someone deleted ashu 's flag

Yea, i think so

Emergency any KoTH staff? Someone is messing with the flags xD

@fair adder Did you got root ?

No

I'm trying to get root

Ashu had a flag?

wasn't that root,skidy and ftp and one more?

root didn't have a flag

That's an older pic

ashu , ftp , skidy and one more loaction was having flag( ^)

welp

report it to koth@tryhackme.com with Game id

Shit, i lost my shell xD

GG @cerulean maple

GG bois

Shit, i lost my shell xD
@fair adder I didn't kill anyone's shell XD

@fair adder I didn't kill anyone's shell XD
@cerulean maple lol xD

Which machine you want to play if your up for KoTH ?

The machine hackers is cool

https://tryhackme.com/games/koth/join/c5570e328691f51f98129c35

Rules: the first one who get shell, lose

XDDDDDDD

Okay !

@cerulean maple did you delete the flags? mainly from ashu /? who deleted ssh? that's against the rules!

Rules: the first one who get shell, lose
@fair adder huahahahahahhah

i go to lose

What no I didn't delete those flags

I even made it easier for you guys

Why would I delete the flags

I gave ashu all the privileges so you all could get root xD

you delete yes!

Wow !

you delete yes!
@unborn wigeon are you really gonna do this man...

dont be buzz kill

aff

my ssh was not working the whole time that does not mean that i blame him

@unborn wigeon I wasn't the only one with root privleges there were 7 people

So don't just start pointing fingers at someone

you can report the game if you want

someone removed the ssh, but it wasn't me, i just took root at the end, i would be 2nd if the flags were not deleted; -;

really

there are three routes to get the machine ssh is one of them

@unborn wigeon Even ssh was failing you could have found the other way also it is not against the rules to patch ssh

someone removed the ssh, but it wasn't me, i just took root at the end, i would be 2nd if the flags were not deleted; -;
@unborn wigeon did you find other 3 flags

It's against the rules to close ssh, typically

Seeing as there are other ways to patch it

you can change the port or play with creds

Delete ssh keys is against the rules?

deleting it is against the rules

Delete ssh keys is against the rules?
@fair adder i don’t think so

So, someone deleted the ssh keys

Deleting id_rsa and authorized keys are not against the rules

I think

Deleting id_rsa and authorized keys are not against the rules
@opal pond Idk

James is typing

Someone change the SSH port is against the rules ?

If a private key is leaked, the first realworld step would be to remove the corresponding public key

Someone change the SSH port is against the rules ?
@cerulean maple nah

Someone change the SSH port is against the rules ?
@cerulean maple No ;-

Y’all in a game ?

Hop in https://tryhackme.com/games/koth/join/c5570e328691f51f98129c35 @opal pond

Did you get shell? @cerulean maple

Nah XD

XD

@fair adder You ?

I guess not

Hop in https://tryhackme.com/games/koth/join/c5570e328691f51f98129c35 @opal pond
@cerulean maple how long till it starts ?

It is started

@opal pond Has started

45m are left for it to end

Which room

Hackers

Hackers

Noice

@fair adder you speaking english fluent?

@fair adder you speaking english fluent?
@unborn wigeon lol, of course not

Ay yall give me a head strat

Start

Lol

Did you get shell? @opal pond

Yea

Already patched tho 😦

Reset maybe ? 😄 i came in late

Nah I think no one's in

Im in

Someone is already root

Oh XD

You lose

xD

Patched stuff

Sorry, i patched it and killed my shell 😞

Lol

xD

Hey!

anyone up for a koth?

So, if you want to find another way to privesc, i will be waiting

Hackers has a writeup 👀

So, if you want to find another way to privesc, i will be waiting
@fair adder thats what im doing rn

Hackers has a writeup 👀
@quiet schooner even better the box is offline

I mean outta koth

Thanks to u I believe?!

Hackers has a writeup 👀
@quiet schooner Will not help xD

how much time is left ? @fair adder

30 mins

ooh

Feel free to join

We will reset

i'll join probably the next game

Y’all wanna reset ?

Wait, don't reset...

https://tryhackme.com/games/koth/join/58dbcc2f5507c0ccbc12c173

starts in 20

Make it 28 so we can join

its public

Wait, don't reset...
@fair adder why

I'm looking for another way to privesc ;-;

Yea im running linpeas not seeing anything

So sad

Ok, reset if you want

Already voted

Oh XD
@cerulean maple u wanna vote ?

Voted !

@cerulean maple which room did you create ?

uhhh... hackers

So sad
@fair adder idk want to read files tho lol

I don’t *

You can create a revshell with that

I guess

Not enough time eh

Gga

Ggs*

Btw with what script to u write in someones terminal ? > I guess
@fair adder

Yea

Are you right

Someone playing in the public koth?

um.. no not this one

i had a new install .. configuring some stuff

Someone playing in the public koth?
@fair adder Nah , gonna play tomorrow xD

GG btw 😄

GG

arz are you not playing ?

anyone wanna play KOTH

https://tryhackme.com/games/koth/join/4d6d08b432847908a83d595e

anyone wana play?

https://tryhackme.com/games/koth/join/e22f741d0dd6b8397cec9941

https://tryhackme.com/games/koth/join/bd5607630179b82990c8332c

anyone up for a match?

starts in 24

U there hackermansam?

lol i joined

@wraith geyser thx for posting I have been wanting to try one of these boxes

dang i need lower peeps in this KOTH so i can get clap TwT

ehh im not that good I just have been practicing alot, Im just doing it for fun

same it fun af

anyone wanna join KOTH vc?

I do want the real experience first than I would be down

koolz

3 minutes left get ready bois XD

hints anyone

hack gooder

@fair adder you ready/ wanna hop in channel??