One more?
#koth
grand delta
stiff egret
Uh, alright, lemme boot my vm back up
grand delta
If your busy or something... Then we can play after dinner
stiff egret
your call, my VM is up π€·ββοΈ
grand delta
Umm... Ok after dinner actually π€
grand delta
how bout now /?
stiff egret
sure
stiff egret
grand delta
lol
errant verge
grand delta
none can find the other 2
stiff egret
Actually food machine is also a regular box on thm, you can start that and look for flags alone
grand delta
lol , i'm out
grand delta
juz not able to get in ; the cookie trick doesnt work
stiff egret
there are other methods
nova tide
Quite a few of them
grand delta
@nova tide dont see you playing nowadays ?\
nova tide
Because I'm already #1 attending an event.
grand delta
Because I'm ~~already #1~~ attending an event.
what event ?
stiff egret
Because I'm ~~already #1~~ attending an event.
LMFAOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO
nova tide
what event ?
A personal one.
grand delta
nice
acoustic shadow
howdy
fringe fog
someone want to bring along a newb? maby teach a few tricks?
primal shoal
vital tide
hi everyone, im still new to hacking but was wondering how much I need to know to try this out
nova tide
Doing easy-medium boxes on THM would be enough.
KoTH is not for beginners, would suggest doing some rooms that will help alot.
vital tide
ohhh interesting
do you have any room reccomendations?
also this generally has the same principle as hack the box battlegrounds right?
nova tide
@stiff egret wanna write about koth for beginners? Or the suggested rooms before doing KoTH?
nova tide
also this generally has the same principle as hack the box battlegrounds right?
!docs koth
pearl gladeBOT
TryHackMe
nova tide
vital tide
i finished the mangaa a dakd a
nova tide
It's from Haikyuu
vital tide
yeaaa I finished tha manga for haikyuu
stiff egret
<@580609268261191680> wanna write about koth for beginners? Or the suggested roo...
Interesting π€ it can be done tho
broken berry
@delicate cedar did u close the port?
delicate cedar
Nope
broken berry
21/tcp open ftp
80/tcp open http
3306/tcp open mysql
8009/tcp open ajp13
8080/tcp open http-proxy
9999/tcp open abyss
broken berry
ohh ok
autumn iron
patent forge
anyone playing?
carmine flame
@wary zealot @fair adder and xxanny please stop reset the machine there are multiple ways in that aren't patched
pearl crane
fair adder
hi
fair adder
hi
delicate cedar
@rotund topaz found you
delicate cedar
lol
delicate moon
nooo it was me
lmao
si keep getting disconnected so as soos as i wanna do something boom
rotund topaz
somebody got their tools used against them
delicate moon
yeps
delicate moon
lols
rotund topaz
if you give me your thm ip, I'll give you a root shell
delicate moon
no probs it was a probleme with openvpn at first now its not lols
rotund topaz
ah right
delicate moon
sorry for those who dont have root shell rn
rotund topaz
well, I sent a rev shell to someone
delicate moon
i has something listening always nothing
nova tide
**Thatβs your THM IP**
^
delicate moon
i made a typo
rotund topaz
that doesn't sound like your thm ip
delicate moon
its 10.8.118.208
nova tide
10.10.x.x is for THM machines i guess
rotund topaz
the shell could've come through
delicate moon
thaaax
rotund topaz
Stellanix is on pts/9 by the way ;)
delicate cedar
Damn
rotund topaz
that's what you get for using chattr ;)
delicate cedar
I should've set buffer size
delicate moon
losl
well that was a nice clean up now only 2 people onm box
and how did ya guys prev esc
rotund topaz
uh there were a few ways
delicate cedar
https://tryhackme.com/games/koth/join/a3db79231001da9558e719ce
Spectate link?
delicate cedar
No, the spectate one
fringe fog
Yo! In the Shrek machine I found a salted hash. How can I Crack that? 4.hourse and nothing π I've tryed hydra -a 0 -m 10
quiet schooner
Hydra does not crack hashes
broken berry
Yo! In the Shrek machine I found a salted hash. How can I Crack that? 4.hourse a...
you can unshadow the passwd and shadow file and run john
or use hashcat
quiet schooner
Do you mean hashcat?
Perhaps you're not meant to crack it
Hydra does not crack hashes
fringe fog
Yeah I hashcat sorry for that. My brain is melting
stiff egret
Perhaps you're not meant to crack it
^
fringe fog
Lmao I'll try, could be
nova tide
π€·ββοΈ
delicate moon
heeelp carnage
stiff egret
Can't spoil machines, All I got for you is Try harder :)
fair adder
anybody interested in playing king of the hill?
game is starting in 5 minutes everybody
delicate cedar
It's just us 2 then
delicate cedar
I already have
delicate cedar
Hmm, I think it's normal for me
fair adder
port 8080 doesnt even wanna load for me
delicate cedar
yeah, ||u can see it's content using curl though||
fair adder
yep i did that lol
its fine im in
yo @delicate cedar do i need to add tyler.thm to my etc hosts
?
delicate cedar
you can add it though, so you can access the host easily
but i don't think its necessary
grand delta
you guΓ½s playing now ?
delicate cedar
ahhh so there is no virtual host routing. alr perfect
exactly
delicate cedar
Wait, did i?
fair adder
lol i was in with default creds and now theyre not working lulzzz
delicate cedar
hmm, I think i only deleted the id_rsa
fair adder
looool, then idk whats wrong with ut
delicate cedar
There's another way in, but I'm putting back the id_rsa
grand delta
u guys able to reach out pentest monkey ?
fair adder
There's another way in, but I'm putting back the id_rsa
yep i didnt go thru with the libre
im choosing another way in
lolololol
nooooooo
whgat are yoy doing ro meeee
NOOOO i seriously got to root
ahhhhhh
even the ssh passwd is not working
delicate cedar
u got root?
fair adder
omg YOU HAVE CHATTR ON?
fair adder
u got root?
yep suid
delicate cedar
omg YOU HAVE CHATTR ON?
yeah
delicate cedar
is it?
fair adder
i think si
delicate cedar
maybe haha
fair adder
busybox is bb
delicate cedar
oh, i see the binary
delicate cedar
did u remove chattr binary or remove the attributes?
fair adder
the binary
delicate cedar
^
delicate cedar
https://tryhackme.com/games/koth/join/1f3a41f8f3996a6ea461c443
@fair adder
grand delta
why is tha happening ?
delicate cedar
what do u mean?
grand delta
kexit ?
delicate cedar
idk, did u kill ur own shell?
grand delta
π
delicate cedar
Damn, definitely not me
grand delta
i am having a clean shell ... even your nyancat isnt working lol
delicate cedar
I don't even use nyancat
delicate cedar
@fair adder did u the one that use while loops?
compact viper
hy
glad turtle
Are we allowed to have write-up for the koth machines?
According to https://tryhackme.com/games/koth - "You can stream and post writeups on KoTH machines."
And according to https://docs.tryhackme.com/docs/koth/king-of-the-hill/ - "we do not want any writeups or hints for this game mode"
nova tide
You are allowed to keep notes but not really a good idea to spoil the box for others.
terse willow
@glad turtle @nova tide, the docs site is deprecated -- help.tryhackme.com is where the up-to-date documentation is.
Writeups / videos are allowed, essentially as there's no way to enforce it
So whilst it's not necessarily encouraged, it's not an issue if you do
compact viper
@fair adder hy
glad turtle
<@333257383189151744> <@267010557889085440>, the docs site is deprecated -- help...
Alright cool, thanks for the detailed answer
fair adder
<@456226577798135808> hy
hi sup
fair adder
r u not playing?
yea, i had to do other task first
compact viper
yea, i had to do other task first
ohkk im waited for u a long
compact viper
ok dude Np
fair adder
ok dude Np
on a side note, how did you find me
on discord
you are from india too hehe
compact viper
lol
fringe lodge
hey guys just joined koth
harsh obsidian
hey guys just joined koth
Nice! How are you liking it so far?
stiff egret
You are gloria user, maybe the flag is read only for alex user.
fair adder
How many times can a vm bei resetted in one koth Session? I counted 5 to 6 times in my last koth which is a little bit annoying
nova tide
i tried reading others in gloria too
Screenshot if possible?
nova tide
How many times can a vm bei resetted in one koth Session? I counted 5 to 6 times...
Yeah it's a bit annoying when people reset the box when ssh passwords are changed. Instead of finding more ways people tend to reset the box instead.
Machine should only be voted to reset when machine is broken not when it's patched.
carmine flame
How many times can a vm bei resetted in one koth Session? I counted 5 to 6 times...
I played a game were my 2 opponents reset the machine 10 times xD at the end I just had an auto patcher lol
nova tide
I played a game were my 2 opponents reset the machine 10 times xD at the end I j...
Resets might be a pain but that(auto patcher) is totally against the rules.
carmine flame
Resets might be a pain but that(auto patcher) is totally against the rules.
I mean a long code line that I made for the machine not an auto-patcher
nova tide
π€·ββοΈ
carmine flame
To me the rules meant that you can't use an external auto-patching tool
correct me if I'm wrong tho
nova tide
External patching tools??
You can't use scripts that automatically roots/hardens(patches) the box.
carmine flame
External patching tools??
Hmm is there no such things?
carmine flame
You can't use scripts that automatically roots/hardens(patches) the box.
So that would mean that when the machine is reset I should write my code instead of copy pasting it? seams very strange to me
nova tide
Never tried one
carmine flame
Never tried one
I assumed such tool would exist but now that I think about it it may not even be a thing
fair adder
@nova tide
deleting the king.txt and the binary that's inside the /root is against the rules isn't it?
cause i'm playin right now and a guy with the nickname of Edd13M0ra is deleting everything
he even deleted ls but nah i can usr printf '%s\n' * so because there's an alternative that wouldn't be a prob
quiet schooner
the king.txt itself, I think is fine because you can just remake it
fair adder
he deleted the binary for the king
quiet schooner
But yeah deleting the king binary is against the rules
fair adder
the entire /root
quiet schooner
It shouldn't break it, but depends on the implementation
quiet schooner
Legal? Yes. Against the rules? Also yes.
fair adder
i wanted to say the binary for king.txt anyway
quiet schooner
Have you read the new rules?
quiet schooner
The new rules on the site?
fair adder
i've read them yesterday
but i'll again now
Do NOT delete system binaries (except chattr) or change executable permissions on them (or their directory).
hmm
Do not attack, modify or stop the service(king/KoTH service) on 9999 (this includes a 'KoTH' binary placed by default in /root and things like changing service locations.)
so it's ilegal to delete it
terse willow
Given the site you've got linked in your bio is full of illegal content @fair adder, please do not advertise it in here
fair adder
i'll change it now, even tho this sounds little bit stupid, i am not explicit advertise it
terse willow
Oh, I know you're not. If you were pasting it in the chat you would be getting chucked. We're more lenient about statuses given they're obviously Discord wide, but I draw the line at illegality
fair adder
done, i've removed it, now we can concentrate on the things that happened during the last koth, deleting the binary and explicit everything from /root is ilegal
keen shell
edd13m0ra is the 3rd person who got in, i was with meowless for 30 minutes or so and everything was fine we battled with eachother and when he came in he deleted /root
fair adder
not to mention the fact that he deleted the flags, which is again against the rules @quiet schooner
quiet schooner
I'm not koth staff
winged charm
Iβm looking into it
terse willow
Hey @fair adder -- could I get your THM username so we can check against your latest games? π
rancid pewter
Hello, seem like KOTH as some bug. Trying to join public game redirect me to 404 but it seem like it still scheduled me for a game. But the game in question doesn't exist. https://tryhackme.com/games/koth/16848
keen shell
why is it that every koth game is either panda or shrek lmao
broken berry
why is it that every koth game is either panda or shrek lmao
ikr
i always get the same machines shrek,lion and panda
keen shell
@hazy geode mind telling me why nobody can create tmux instances cuz all of the close imediatly?
everything work and we could all list working sessions and you closed them
keen shell
gg 4 minutes left there's no more competition
sad you had to ruin the only legit way to privesc, i have tried the kernel exploits and sudo cuz of the old version but no one worked
nova tide
sad you had to ruin the only legit way to privesc, i have tried the kernel explo...
I mean you are supposed to patch the vulnerabilities. Don't know what you are talking about?
keen shell
he patched the ONLY vulnerabiltiy there, go ahead and try that pip thing from gtfo it doesnt work
nova tide
There are more than one way to root the box, try finding more.
keen shell
yea well i guess im stupid should've looked more
nova tide
hazy geode
No not pip
keen shell
yea i saw
hazy geode
Since you had access as the Gloria user
nova tide
@hazy geode try not to spoil the box, please?
hazy geode
<@787125874188615732> try not to spoil the box, please?
Oh okay
hazy geode
i did and i saw everything i realised now
Yeah
keen shell
do you want to add you as friends, i have a group of people with which i play games and maybe i can text you 2-4 hours before so you can join us if you want
hazy geode
do you want to add you as friends, i have a group of people with which i play ga...
Yeah sure that'd be fun
broken ermine
zealous fern
SO I want to do a koth
then I don't know how to do it
is the problem on your side or is it that I don't know
stiff egret
Have you solved other rooms on tryhackme?
zealous fern
Yes
Those had open ports
I try nmap and rustscan and it says 0 ports open and ping scan says it is not online
stiff egret
Sounds to me like an openvpn issue
zealous fern
Hm let me try reconfiguring
tall cove
@broken ermine Please only post the link once.
unique coral
Can you use the THM attack box for KOTH or do you have to use your own vm?
blissful kettle
Yes you can
unique coral
sweet thanks
keen shell
let's see if today's koth box is panda or lion
rocky willow
let's see if today's koth box is panda or lion
Ig panda 
lmk
final elm
i got root on the box but can't add my name to king.txt
any suggestions ?
it says permission denied
delicate cedar
keen shell
i played today a koth game before i went to "school"
i played Food, it was a super nice room with, finally, a good method to exploit and i could use my coding knowledge, albeit little
stiff egret
i played Food, it was a super nice room with, finally, a good method to exploit ...
:)) if you wanna do it alone, food machine has been made into individual room, search for foodCTF in hackitivities!
keen shell
yes i know, i got to exploit it on that koth game but someone patched it or something happend, i'm watching this https://www.youtube.com/watch?v=9WhQUItNNMw and after that i will do that until the end
delicate cedar
unfortunately non subscribe players cannot learn certain machines without relying on luck getting the desired machine in private games
quiet schooner
Hackers and food are available standalone
delicate cedar
Only hackers and food
nova tide
One of the perks of subscribing
delicate moon
i am having some serious problem with the hogwarts box ... no spoilers please but i can not access port 22 in firefox and google didnt help at all all advice is outdated please anyone that got around thiss not fun having no one able to access it
stiff egret
That port is not the only way to get in the machine, you can try for other ports,
Although, how to access that port on firefox comes up pretty easily on google search, I don't know what you are searching, but try again(?)
delicate moon
lols i am at that point where i was searching long sentences but figured i just used curl to just see whats up and i am still waiting for an all port scan to come back maybe im just stupid and not seeing something
nova tide
In future instead of waiting for scan results try installing rustscan to stay ahead of others.
delicate moon
i have been saying i need it lol no one on the box yet just cus offportscann
terse willow
Although, how to access that port on firefox comes up pretty easily on google se...
Did you steal a trick from Jack of all Trades for that one...
delicate moon
lols
stiff egret
Did you steal a trick from Jack of all Trades for that one...
I never solved that one lol
I legit saw that months after I released hogwarts
terse willow
smh π
delicate moon
@delicate cedar have you done hogwarts ???
delicate moon
last time i hadvpn isues so didnt get anything done
terse willow
Hey, if you don't want spoilers you shouldn't use tricks that have been written up hundreds of times π
stiff egret
I DIDN'T SAW IT! smh
delicate cedar
I wonder what the ||openssl enc do||
delicate cedar
<@!611070377971679243> have you done hogwarts ???
Still studying the box
delicate cedar
<@!611070377971679243> wanna join box or you bussy
Not on pc rn
delicate moon
wanna join a vc and spin up a private room and then check it
drop me a dm then we can go check it out
blissful kettle
Who available
?
grand delta
holmes you released HOGWARTS uh ?
nova tide
holmes you released HOGWARTS uh ?
yeah he did
willow thunder
vital tide
anyone have any suggestions for rooms to do before i am ready for koth?
keen shell
this current koth rotation makes puts new players at a disadvantage
i played yesterday or something a Panda box vs a new player and he was able to become root eventually but it took him like 10-15 minutes
meanwhile i had that machine already enumed and just had to redo what i did
now i play this production machine against a guy who became root in 10 minutes, and i just test stuff to exploit it [no spoilers]
delicate cedar
That's because it's all about who's first getting to root and maintain it's persistent, everyone who has done the box has an advantage
grand delta
someone playing ? pl send the link
stiff egret
meanwhile i had that machine already enumed and just had to redo what i did
The newer machines are randomised a lot to help with this, examples being Hogwarts and hackers. Passwords change in hackers, and a lot of stuff changes in Hogwarts, you can't just repeat the steps to get back.
Plus there are plans in works regarding this problem :)
stiff egret
holmes you released HOGWARTS uh ?
Yep
grand delta
The newer machines are randomised a lot to help with this, examples being Hogwar...
they are the toughest machinesπΏ π―
i literally take down notes for hogwarts
stiff egret
There isn't much you can make notes of in Hogwarts.
grand delta
There isn't much you can make notes of in Hogwarts.
yea whatever is there is to be noted π
stiff egret
π
keen shell
The newer machines are randomised a lot to help with this, examples being Hogwar...
same machine "rotation" panda for like 3 times, we need a lot more machines and some thing to keep track per user and randomize accordingly, same as it does now with 1 minute left before it shows the machine but it should take into account what was the last 5 boxes for everyone so it won't happend like yesterday when i played Lion 3 times or something like that
nova tide
New Machines? Soonβ’οΈ
Keep track of each user? I don't think that's really necessary. You will get one machine that someone have already done from 10 users that can join the game. Machines are already randomized. If you get a machine again, you can always try finding other methods when you have already rooted it one way and try patching those as well.
compact viper
hy
stiff egret
same machine "rotation" panda for like 3 times, we need a lot more machines and ...
Rotation is randomised, so it's actually your luck. New machines, are Naughty said, as coming soon. But keeping track of every user is just not really applicable at the moment, as there are around 12 machines. As the pool increases, so will the strategies for KoTH.
keen shell
idk, this needs a lot of more work, or at least make every koth room public so everybody can prepare in advance
stiff egret
It says on site, 'Beta'
keen shell
idk if it's okay for me to try and hack a box at first sight meanwhile stellarix or whatever gets king in 3 minutes
stiff egret
You can create private matches
delicate cedar
study the box on priv games
keen shell
that's a decent workaround
stiff egret
Invite those who are new to machines as you are, then hack them together, it'll be more realistic that way.
Plus, usual non-strict rules are not applied to private games.
keen shell
"invite" i don't really have friends to invite, or if i have i have like 2 of them
i play 1-2 games with them but that's really not a big competition since we vary in skill alot
stiff egret
You can create an ALT account for that as well
nova tide
@ me if you want to compete?
stiff egret
'If anyone is new to koth and wanna start, DM me and we can play together' you can post msgs like this here.
keen shell
yea it's very decent stuff you are saying but i want the koth game to be like the best, with tones of machines and everybody to start fresh and have no prior knowledge of that
box
stiff egret
You can do that when any new machine is released π
keen shell
idk i think im just butthurt cuz stelarix kept king for 50 minutes without claiming any flags
stiff egret
That happens, get in the box and kick him!
delicate cedar
I think u can still do something since i don't patch anything
keen shell
yea i saw
stiff egret
Find methods to persist your shell then start patching and kicking others!
That's the fun of this.
keen shell
can i dm you to give me some hints about that box we played today? or if you have a writeup for that production box
stiff egret
Writeups for many boxes are public,
If you google around you are bound to come across them
keen shell
yea but production is exclusive to koth aka it's not on the learn tab
stiff egret
No, I meant on internet.
stiff egret
can i dm you to give me some hints about that box we played today? or if you hav...
Sure you can, I'll be of limited help since I am on phone rn.
keen shell
okay, can you tell me do you even know what box i'm talking about? that production box
stiff egret
I know production box in KoTH.
And you'll understand what I am saying if you google king of the hill writeups
keen shell
okay i will dm you cuz im about to tell spoilers
nova tide
okay, can you tell me do you even know what box i'm talking about? that producti...
Don't want to be rude, but do you even know whom you are talking to? 
keen shell
no, why, are you a divine being?
keen shell
okay, can you tell me do you even know what box i'm talking about? that producti...
it's relevant for me to know if he knows about that box since im going to talk to him strictly about that box, so it's a must that he knows what's that
dusk cave
Dude you should check out their profiles..
nova tide
||Check koth leaderboard||
keen shell
didn't really cared to check profiles, i just asked a people responded, idk what's so important if you are top 1 or never even played, if you know about the production box i will talk to you
nova tide
Ok i know production box, what questions you got?
keen shell
i will answer them myself since holmes spun up a box for me to test
nova tide
Good luck.
keen shell
ah so there was no problem, aparently somebody who got in the box deleted that cuz i did the exact same thing as i did earlier today and now its working
nova tide
random public game:
https://tryhackme.com/games/koth/join/f7e6685b1c6690aa37d6ac72
Starting in 3 minutes
stiff egret
might join kekw
nova tide
No you won't.
nova tide
random public game:
<https://tryhackme.com/games/koth/join/f7e6685b1c6690aa37d6a...
Carnage, starting in a minute.
keen shell
oh, you can join the room after it already started
that's a problem
lmao king time for 57 minutes, so 3 minutes to root
knowing the room before hand is like having walls in csgo smh
stiff egret
oh, you can join the room after it already started
I thought invite links not expiring after an hour was a reported and fixed bug?
Pinging the super user: @lusty portal
stiff egret
knowing the room before hand is like having walls in csgo smh
after that it becomes the battle to control the king file, whoever owns that, owns the game.
lusty portal
I thought invite links not expiring after an hour was a reported and fixed bug?
...
Let me add that in now, its on my to-do's but its so easy to implement.
stiff egret
:))
stiff egret
It'll be live sometime this weekend/poss early next
WoW that was fast, NICEE
nova tide
lmao king time for 57 minutes, so 3 minutes to root
actually it was less than 1 minute king, they reset it once.
delicate cedar
lusty portal
Speaking of KoTH, we have some new exciting boxes for it coming out next month
nova tide
knowing the room before hand is like having walls in csgo smh
Some people don't patch the machine but fight for king instead.
stiff egret
Some people don't patch the machine but fight for king instead.
it is actually a better way to win, as I said, own the king file own the game.
stiff egret
lmao king time for 57 minutes, so 3 minutes to root
also Naughty has like 90+ wpm typing speed, smh one of the reasons I can't beat him sometimes
keen shell
omg
i just killed my session and that was the only way i knew to get root and i patched it
nova tide
also Naughty has like 90+ wpm typing speed, smh one of the reasons I can't beat ...
Imagine having 60+ WPM
stiff egret
i just killed my session and that was the only way i knew to get root and i patc...
always, always, plant a backdoor before patching
keen shell
ah lol i didnt, actually if you are already root it also asks you to input password if you type sudo
didnt knew that
stiff egret
~~Imagine having 60+ WPM~~ <:kekw:658061932577816606>
my response is restricted because of PG13 policy of server
keen shell
i have a backdoor but it's as a user cuz aparently i cant passwd since im not root
but if i type whoami it says root lol
stiff egret
because you are not proper root, maybe with EUID of root and UID of user.
keen shell
yea maybe that's it, i still need to learn the real things about privesc i only know the surface level
nova tide
my response is restricted because of PG13 policy of server
I can write a paragraph before you can say anything π€£
nova tide
π
nova tide
*still I beat you*
took you an hour to type that π€£
nova tide
π€£
stiff egret
my system is asking me to let it go
nova tide
wrong screenshot?
stiff egret
kinda
final elm
i'm doing one koth machine .....i got ssh session but commands aren't working in it ....for every command it says
-bash: <command>: No such file or directory
stiff egret
If the KoTH machine is food, then it is intended, if something else, you need to set the PATH variable.
final elm
yes it's food
stiff egret
It is intended, check the PATH variable.
grand delta
am i supposed to get this ? i tried ftp twice and then this came
||or is it because i am trying Hydra on it !||
stiff egret
It's probably hydra. Which box is it?
grand delta
HACKERS
stiff egret
Yeah, it's probably hydra
grand delta
but now that i have the pass , how do i login
keen shell
if it's box related go to #room-help
grand delta
bro by box he means the machine
stiff egret
Hackers is a KoTH box, so he is in right place.
stiff egret
but now that i have the pass , how do i login
Is the hydra running?
grand delta
but now that i have the pass , how do i login
yup
but if i stop it and then try .... its the same
stiff egret
Give it a few minutes, it'll calm down
grand delta
ohk
fair adder
@rancid pewter :c
rancid pewter
Hey
fair adder
well u gonna bully me
rancid pewter
Hope you are all ready for some tetris
grand delta
nova tide
working fine for me:
https://tryhackme.com/games/koth/17000
grand delta
keen shell
well, since the bug isn't fixed and i can join an in-progress game
imma boot on linux and join you guys lmao
nova tide
your internet working?
rancid pewter
@nova tide Ssh onto the box
grand delta
it is supposed to cuz i am chatting in here
nova tide
<@!267010557889085440> Ssh onto the box
I don't want to
stiff egret
stiff egret
<@!267010557889085440> Ssh onto the box
.
rancid pewter
I don't want to <:kekw:658061932577816606>
Good old memories
nova tide
REEEEEEEEEE
rancid pewter
If anyone want to try out tetris ssh on the box myDonut:theDonut
nova tide
and get the root shell when you win the game
grand delta
If anyone want to try out tetris ssh on the box `myDonut:theDonut`
ok i am curious i am logging in
rancid pewter
Oupps my bad seem like when you win it doesnt spawn a shell
rancid pewter
Should work properly now
keen shell
well took me 30 minutes
but im logged in
well with 2 flags in the bag ends my journey, can't access find
rancid pewter
@stiff egret
rancid pewter
What is labyrinth ?
frail narwhal
mydonut > did you get in through the xxe?
rancid pewter
mydonut > did you get in through the xxe?
Nope got some saved ssh key
frail narwhal
okay
rancid pewter
I feel stupid now not sure what I was thinking
stiff egret
What is labyrinth ?
new koth machine which I was supposed to finish a week ago
carmine flame
@grand delta are you bgokjh?
carmine flame
y
grand delta
nah i am not
carmine flame
nvm then ^^
I just had a chat with him on the last 10 min of a koth game through echo pts and it doesn't seam like he is on discord lol
carmine flame
π₯Ί i always do this man
I mean, I might do that too from time to time xD
grand delta
i cant get the root now lol
carmine flame
you should always change the root passwd first lol
grand delta
no but i am a user
carmine flame
ah I thought you patched the machine
carmine flame
and you know what i mean by "patched"right ?
wdym then?
grand delta
carmine flame
how did you patch the machine without being root then?
grand delta
i was root ! > then i patched everything and then i killed myself
carmine flame
so when you were root you could've changed the passwd xD
grand delta
so when you were root you could've changed the passwd xD
eeyyy no i did that
carmine flame
???
grand delta
i changed the pass
carmine flame
so what's the problem?
carmine flame
ssh root if you also modified the ssh config file or su with a lower level user
grand delta
ssh root if you also modified the ssh config file or su with a lower level user
no no i am talking only if you have the pass for becoming root
then whats the command
for getting root
carmine flame
su
carmine flame
Y
grand delta
i thought i tried su
carmine flame
someone might have gotten root since then xD
grand delta
ah now i understand i changed pass for the shifu user ; man i am blind and a short time memory loss sufferer !!! gahh i am so messed up > i am sleeping bye
carmine flame
xDDD
grand delta
:))
carmine flame
There are like 3000 ways in on Panda ^^
grand delta
lemme delete that
carmine flame
xDDD I just can't
carmine flame
for sure ^^
molten wraith
what should my level be to start king of the hill ?
stiff egret
what should my level be to start king of the hill ?
Intermediate.
You don't need to DM. @finite turret
Any queries you have, you can ask here. Others will help too. :)
finite turret
Ok π
molten wraith
@stiff egret thanks
i got another question
is there is any way to connect to tryhackme openvpn except udp because udp is not supported in my country ?
quiet schooner
No, there is not
And we cannot help you bypass the openvpn ban as it'd be illegal
Use the attackbox
molten wraith
but hackthebox provide tcp connection
quiet schooner
but hackthebox provide tcp connection
Ok, but this isn't hackthebox
molten wraith
i know
light lake
any one up for some fun
https://tryhackme.com/games/koth/join/838459e371417d03634fa19b
fair adder
Okay
harsh obsidian
harsh obsidian
Anyone up for a game?
nova tide
public game starting in 10 minutes:
https://tryhackme.com/games/koth/join/a6164c8549a576e13c889543
grand delta
GG
compact viper
hy
fair adder
Hey, i have a question
what give the differents machines?
and my secound question is:
stiff egret
what give the differents machines?
explain that a bit more?
fair adder
for example did the Hogwarts machine will always have the same fails
fair adder
explain that a bit more?
what are their difference between them
quiet schooner
Hogwarts is a very dynamic machine
stiff egret
for example did the Hogwarts machine will always have the same fails
what do you mean 'fails'?
quiet schooner
It's different each time you play it
Fortune and Hackers have some dynamic elements
fair adder
what do you mean 'fails'?
flaws excuse my frenchglish xD
quiet schooner
Food, Production, Panda, and some others that I can't remember are not dynamic at all
fair adder
ok
stiff egret
If by 'flaws'/'fails' you mean vulnerabilities, then ofc, they can't change much. That's the point of having multiple machines in the pool.
fair adder
are their some "easy" machines
stiff egret
SpaceJam, Tyler are some of the easiest ones. Since you are a subscriber, you can start private games with specific machines π€·ββοΈ
fair adder
SpaceJam, Tyler are some of the easiest ones. Since you are a subscriber, you ca...
Tyler is easy, heck noo 
grand delta
Anyone?
nova tide
....
warm marlin
what level do we have to be to play KOTH
quiet schooner
1
warm marlin
im at 10 & it's showing you need to be intermediate & advanced !!
what level is intermediate ?
quiet schooner
1
sly atlas
You have to change it on your profile
dusk cave
someone up for some koth?
unique maple
hey is there a room where you learn how to play koth?
unique maple
ah thank you
deep wigeon
Heh, GL everyone. This will be my first KOTH
so how does this work? Break into systems and find flags, then patch to prevent other users from getting your flags?
quiet schooner
Within the rules, yes
Put your name in the king file
You don't have your own flags, you're patching the system to stop people removing you as king
nova tide
so how does this work? Break into systems and find flags, then patch to prevent ...
!docs koth
pearl gladeBOT
TryHackMe
nova tide
would be a good read ^
deep wigeon
that was awesome!
stellarix if you're in here good job
@delicate cedar good job mate
delicate cedar
Oh that was you?
placid trail
okay thanku sir !
deep wigeon
Oh that was you?
Yes
fair adder
@rancid pewter bruh
rancid pewter
Hello
rancid pewter
Good luck then
fair adder
rancid pewter
Nice
rancid pewter
I know. I think you can just hold the space bar and you will instantly win
fair adder
ye
rancid pewter
Old program I made last year it doesnt even compile anymore
rancid pewter
Idk if you saw what happen when you loose
rancid pewter
Try it
delicate cedar
Hmm, find another way to root then
grand delta
stopp
enough man π
anyway i donno how to break that e2f thing
nice script you got there btw
i copied it for future π
delicate cedar
Which script?
delicate cedar
I see
grand delta
why do you always have the error attaching to pid -38
delicate cedar
It's a bug
grand delta
oh
delicate cedar
That was the command that you input
grand delta
hows the other guy spawning shell everytime
delicate cedar
So it was you who killed my shell repeatedly π
delicate cedar
Hmm, I only did it for less than 30s
grand delta
nah it went for like 170 seconds
delicate cedar
Really? probably forgot to stop it
grand delta
LOL
delicate cedar
delicate cedar
grand delta
tell me one thing , how did you get root so fast , like dont you generate ssh keys
delicate cedar
You trying to show me the demo.gif but I can't see it 
delicate cedar
How's the gif look like?
grand delta
get in , i will show how π
delicate cedar
Okay
delicate cedar
I didn't see a gif
Don't use cat -_-
Just execute the gif then write it to my pts
grand delta
yes thats what i am doing
delicate cedar
. /dev/shm/demo.gif > /dev/pts/?
delicate cedar
Sub?
grand delta
substitute
delicate cedar
Really, let me try myself
grand delta
u sure ?
delicate cedar
Yeah π
grand delta
nah i am not believeing you π
delicate cedar
I'm serious
grand delta
but i dont want you to get the gif either , you can take benefit from it
π
i am kinda selfish
grand delta
then do that
for that you need pass
oh no you have key ig
anyway , get it and test , ( I AM NOT LETTING ANYONE IN )
π
delicate cedar
grand delta
nice
delicate cedar
Does your gif worked before?
delicate cedar
Hmm
delicate cedar
-_-
grand delta
tell me how did you get in
like i took 3 mins to get root
you took less than that
just give a hint
or put it a spoiler
delicate cedar
I'm on phone, the text is small and typo is unavoidable
grand delta
tell me how did you get in
delicate cedar
-_- who reset the box
delicate cedar
Me neither
grand delta
tell how did you get in the box to get root
delicate cedar
||find another efficient way to root besides uploading kernel exploit to the box||
grand delta
||its either that or tmux session which was patched||
grand delta
||what else||
grand delta
Anyway, no one gonna take the king?
yea
delicate cedar
Just put ur name there, so we can get in to recent game π
delicate cedar
-_-
grand delta
pl pl ,, you got efficient methods
delicate cedar
Hmm
grand delta
||as far as i could explore the box , you used those code and scripts to get in||
||i copied them but isnt that what i did , i mean i tried to get attched to the tmux session by using tmux -S /.dev/session attach -t 0||
delicate cedar
||it took me less than 10s just by using tmux||
||you just haven't fully explore the box||
grand delta
||@delicate cedar tell noe||
nova tide
Instead of asking from him, always better to try on your own.
grand delta
πΏ
grand delta
https://tryhackme.com/games/koth/join/d2b10032f9df2e708530d9a4
When I click on this link... It says I won and I dint even play today wth smh...
I shouldn't be there in that game
Is it showing the same for everyone
stiff egret
When I click on this link... It says I won and I dint even play today wth smh...
It's a known bug which is supposed to be patched later this week. The invite links don't expire, so if any game had only one player (meaning it didn't start) then if you join using the link, you essentially become the last player to join, and hence on rank 1 and so the winner.
grand delta
It's a known bug which is supposed to be patched later this week. The invite lin...
Tho it's a bug... And according to the bug I won, so will it also change in my leaderboards?? ππ
stiff egret
But why it crabed information of my browser
smh, explain a bit more, also when you open a link of some site in browser, the site uses it's cache that was saved on the browser when you used it last time.
stiff egret
Tho it's a bug... And according to the bug I won, so will it also change in my l...
No it will not, as the game you joined was never an actual game, as in there was no machine selected for it, and it ended as insufficient players. So it won't count.
P.S. the leaderboards only count the games where some points were gained by at least one player. So if the game ends with maximum points = 0, then it simply won't be counted.
delicate cedar
@nova tide I really wanted to see ur stream π©
nova tide
welp you did try to stream snipe me at the start
removing my binary you saw while watching
delicate cedar
It's literally shown in process list
nova tide
lets do another one π
just give me 5 minutes, trying to set up something
welp GG it was a fun game
@ me whenever you play again
delicate cedar
π« okay
worldly needle
green axle
:(
blissful kettle
Yes they're static
fair adder
what does that mean
blissful kettle
So it's possible but you're better off going straight for king
The flags don't change
They stay the same
blissful kettle
Eh i'm not entirely too sure but flag hoarding is a bit unfair for new comers to it
fair adder
k cuz me and my friend were like woah wtf just 10 seconds of koth and he has 6 flags
winged charm
I mean
Itβs not technically against the rules but itβs also just not cool
Weβre waiting for THM to provide the ability for autogen flags
delicate cedar
Hmm, when the new machine will be released?
Also, Is it only koth staff that can submit koth box?
stiff egret
The one is latest queue is getting delayed because the creator haven't completed it yet.
delicate cedar
The one is latest queue is getting delayed because the creator haven't completed...
And you are the creator
stiff egret
yeah
winged charm
nah anyone can create them for the most part
delicate cedar
most part?
stiff egret
Mostly
delicate cedar
Just an OVA?
nova tide
Hmm, when the new machine will be released?
Really soonβ’οΈ
stiff egret
Just an OVA?
Yeah.
green axle
Just an OVA?
you play cheating
I think that the passwords and flags are no longer static since there are players who start the game and already have the credentials, they remain as king and the others do not enjoy the game
At the time I played a game and the second it started there was already a king that's not fair
delicate cedar
you play cheating
What?
green axle
delicate cedar
Didn't break any rules -_-
nova tide
you play cheating
wat?
green axle
Didn't break any rules -_-
Sure you don't violate any rules but the players don't like that
delicate cedar
Sure you don't violate any rules but the players don't like that
I honestly don't like that either, when I first getting in to koth, players just went straight to the king but I get used to it.
Then what do players have to do when they already know the box? Waiting for other player be a king?
green axle
That is an issue that must be discussed with the admins so that the flags and passwords are not static
stiff egret
Passwords are not static in newer boxes, like Hackers, fortune, hogwarts etc
RE. flags, that's also in works, but no idea if it'll be implemented soon.
It's more of a site issue then boxes.
delicate cedar
Flags in binary is really a good idea
delicate cedar
It could be, like RE challenge
stiff egret
It is like that in one or two boxes. Keep in mind, the boxes are intentionally made easy so they are solvable in 1 hr time frame.
Adding some hard/medium RE challenges in the mix will kill the fun.
delicate cedar
Yes, it must be make to not really complicated
stiff egret
Although, there are some boxes which give root on RE challenges.
sick turtle
I would suggest encoded flags but one of the machines already have it
But more wouldn't be such a bad idea
delicate cedar
Although, there are some boxes which give root on RE challenges.
Isn't it more like pwn challenge?
stiff egret
π€·ββοΈ
grand delta
I honestly don't like that either, when I first getting in to koth, players just...
Exactly. Even I got to used to it now. Though thats no fair
quiet schooner
I would suggest encoded flags but one of the machines already have it
But then the flags are still the same each time
idle harness
im acc confused i join a koth game and Stellarix has rooted the box
i then go to another game and he rooted the box under 1min
is that even possible
quiet schooner
Yes
idle harness
damn must have good notes then
shrewd zinc
Iβm new to hacking what is koth
delicate cedar
!docs koth
pearl gladeBOT
TryHackMe
harsh obsidian
is it ok if someone got 6 flags after 10 seconds of the koth ?
I just needed the submission for daily streak. Didnβt do anything on the machine so it was still ready for anyone to take king
delicate cedar
Wow, someone really destroying the box
stiff egret
If anyone suspects that someone is cheating in a KoTH match, please email: koth@tryhackme.com.
Please include your game ID, username, username of the player you think is cheating, what they did / any evidence you have of them cheating.
regal notch
stiff egret
?
nova tide
It's shrek, that's possible.
stiff egret
Can be, but also consider the box, shrek is like one of the oldest ever.
regal notch
automated scripts not allowd in rules ?
nova tide
they are not.
regal notch
whatever the box is
regal notch
they are not.
The screenshot was late
nova tide
you can root shrek within a minute without automated scripts.
regal notch
rooting the box, changing the passwords etc ??
within a minute ?
I wanna know if changing the ssh password is permitted or not
nova tide
You get in the box, you change password, privesc and add your name in king file?
nova tide
I wanna know if changing the ssh password is permitted or not
it is.
nova tide
^
nova tide
last time, i heard the opposite from a koth staff
i doubt that.
stiff egret
Pretty sure no one from koth-staff would've said that changing ssh passwords are not allowed.
regal notch
awesome
delicate cedar
It's shrek, pretty straight box -_-
regal notch
umm okay
delicate cedar
We need more like this but for flags
stiff egret
Can you be a bit more specific?
delicate cedar
Although, there are some boxes which give root on RE challenges.
.
rancid pewter
We need more like this but for flags
Wait you are hacking on mobile ?
delicate cedar
If it can be done on mobile
opal pond
GG
robust raptor
ehy
crisp needle
Is anyone keen for a game of KOTH?
worldly needle
me
lilac geyser
im also down to play
broken loom
hlo
opal pond
Anyone down to play a game or two ?
fair adder
i cant connect to ramen ? is it normal ?
opal pond
i cant connect to ramen ? is it normal ?
π