oh no , π¦
#koth
stiff egret
can't gotta sleep, 2:15 AM here :(
ebon heron
you are lucky this time
stiff egret
all the best
dapper yew
whats wrong ?
ebon heron
you are fast
dapper yew
my fingers are frozen here ;
ebon heron
its snowing out side
dapper yew
i am surviving on heat of laptop
stiff egret
dapper yew
π
dapper yew
π
stiff egret
Which machine is this?
ebon heron
food
stiff egret
ah, nice, all the best π Imma go sleep.
ebon heron
have a nice dreams
dapper yew
have cold dreams
stiff egret
π
green axle
ebon heron
we need good players https://tryhackme.com/games/koth/join/fcbb652db217d35694a2b2e0
like sniper
dapper yew
π bro food has sl installed , dang .
dapper yew
if its hogwarts , i am exiting . i havent even solved it once
i mean i never got the chance to play it
ebon heron
i was trying to find how to solve
but i cant find anything
i didnt undersatnd
understand*
sniper are you using split screen?
dapper yew
nope.
sonic belfry
https://tenor.com/view/hacker-typing-busy-ruining-gif-11563231
The typing banana is classic.
green axle
The typing banana is classic.
Yea π
harsh obsidian
π bro food has `sl` installed , dang .
How did I never see that?!
nova tide
How did I never see that?!
You mean you never mistyped ls? π
dapper yew
ππ James , you created food box uh? Or you modified it?
harsh obsidian
You mean you never mistyped ls? π
Apparently not on food
quiet schooner
ππ James , you created food box uh? Or you modified it?
I created it
Hackers and Food
stiff egret
Apparently not on food
that's some big haxor sign
harsh obsidian
that's some big haxor sign
Lol
harsh obsidian
that's some big haxor sign
food says sl not found π¦
harsh obsidian
you in the shell with PATH removed
no, i ....... account for that
stiff egret
π€
stiff egret
candid geode
Is anyone else experiencing long machine boot time at the beginning of games? Sometimes, machines like Hogwarts and Offline takes about 15-25 minutes to fully become available.
stiff egret
Offline is windows machine, hence slow boot times
regarding Hogwarts, it's different, so it's not actually booting slow, but the port scanner that you are using is dropping packets to speed up the scanning
to check if it's booted, always scan for port 22.
if that's open, then chances are everythingis
candid geode
Yeah, that makes sense, thanks.
stiff egret
to check if it's booted, always scan for port 22.
that is specifically for Hogwarts, and not a general advice
ebon sleet
koth someone?
dapper yew
@stiff egret just a reminder regarding the hacker of the hill , any updates ?
stiff egret
I got the info, just confirming rn with skidy If I can post that here.
dapper yew
π π
stiff egret
@dapper yew Just confirmed with skidy, there is a detailed post to be released soon. If there's nothing by tomorrow, I'll post the info here. :)
dapper yew
thanks holmes π
nova tide
<@!804990978728394752> Just confirmed with skidy, there is a detailed post to be...
gib labyrinth
nova tide
i don't believe you anymore.
stiff egret
me too
nova tide
you are getting lazy day by day.
stiff egret
me too
dapper yew
you are getting lazy day by day.
stiff egret
candid geode
What should I do if someone kills the services on all ports?
candid geode
What should I do if someone kills the services on all ports?
Any suggestions?
quiet schooner
Report them
candid geode
Report them
How do I do that?
quiet schooner
Check the pins
candid geode
Check the pins
Alright, thanks.
last ether
I didnt kill the services by the way
π
Just playing the same way you do
@candid geode
candid geode
I didnt kill the services by the way
Then what did you do the ssh service?
last ether
It is available
candid geode
I can't even scan for it.
last ether
And there are many other ways to get onto the machine
Send them the room id if you think I am not following rules
candid geode
The website backdoor is also down.
last ether
That was just working for me
stiff egret
Spectate link?
candid geode
That was just working for me
stiff egret
Really, it'll be a lot helpful if you'll just upload the game ID here
last ether
nova tide
Removing that whole folder doesn't count as patching.
last ether
I was getting kicked out in nano seconds
dapper yew
I was getting kicked out in nano seconds
right , that happens with me too . he uploads a kill script when hes in .
last ether
So I actually just copied the index.html from the parent directory into the backdoor folder
dapper yew
can you share the joining link
dapper yew
wow this is about to end
candid geode
wow this is about to end <:kekw:658061932577816606>
I don't think the match has even started yet.
stiff egret
Here's a free advise/method I use in these scenarios:
You send commands using this method, you won't have a Process ID, so you can't be killed.
candid geode
Here's a free advise/method I use in these scenarios:
```ssh -i id_rsa user@IP '...
It works well.... until they delete the .ssh.
stiff egret
Or password.
hazy geode
It works well.... until they delete the .ssh.
π€£ π€£ π€£ π€£
tidal juniper
Hello everyone loves to play on TryHackMe especially KoTH, I just played KoTH but there are some tricks that I don't know yet like what is using urandom for? and how do i do that?
candid geode
Hello everyone loves to play on TryHackMe especially KoTH, I just played KoTH bu...
Players usually output the contents urandom into some else's screen.
cat /dev/urandom > /dev/pts/<number>
tidal juniper
means it will pop up random characters that fill people's terminal screens? and how to find the number of pts?
stiff egret
You can google details about that, but for a start, you can find the PTS by typing, who command.
tidal juniper
Nice, thanks for help! @stiff egret @candid geode
but how to prevent such urandom attacks?
login with command ssh -t?
stiff egret
As I said, research, google around. There's also a blog on tryhackme related to this.
tidal juniper
okok thanks before
candid geode
candid geode
https://tryhackme.com/games/koth/19051
5 minutes.
stiff egret
Post the invite link, no one can join with this link
ebon heron
holmes dada
candid geode
Sorry, I used the wrong one.
ebon heron
kill him
stiff egret
not playing lol,
blissful kettle
https://tryhackme.com/games/koth/join/8b4bd709a409adfbf11d60e2
How long left til starts?
candid geode
How long left til starts?
I could extend it, if you want.
blissful kettle
Nah it's fine
oof Offline
never done this one before
Now have to wait a bit cause Windows 
blissful kettle
Yea I just cba now I setup my vm then closed it
Too hot in my room for me to concentrate
candid geode
Wait, you are king now, when did you come in?
stiff egret
haxor
ebon heron
how
stiff egret
lmao really?
blissful kettle
Yea
blissful kettle
Well your king again well that was weird
Have I found a secret way to win KOTH π
stiff egret
lmao
blissful kettle
Unless you changed my name and are tricking us
candid geode
The flags are so easy to find on offline.
candid geode
guys is there chattr for windows?
icacls?
candid geode
I never tried it though.
candid geode
It comes installed.
ebon heron
yes
im trying to figure
out how it works
yeah i found it
to lock file
cacls <Folder Path> /P everyone:n
to lock folder
cacls <File Path> /P everyone:n
candid geode
I tried it and it also works.
ebon heron
to lock file
candid geode
icacls "C:\Users\Administrator\king-server\king.txt" /deny everyone:(DE,WD,AD)
I did this.
candid geode
More windows boxes.
stiff egret
change passwords π€·ββοΈ
candid geode
how i can disable other players to join the windows box
Task manager > users > disconnect.
ebon heron
ohh thanks jiakang
brazen cloud
#koth message omg that picture -- the background has the grids on it ewwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
brazen cloud
Wait I'll delete that before I create even more work for myself
stiff egret
brazen cloud
Oh no
brazen cloud
I have created an issue that wasn't an issue
stiff egret
I am guessing your response is restricted due to PG13 policy of this server
stiff egret
I have created an issue that wasn't an issue
I'll add that line to my resume
stiff egret
I have created an issue that wasn't an issue
@terse willow ^^ #764491023127674910
dapper yew
anyone wanting to play ?
stiff egret
I can actually play one game. π€
dapper yew
I can actually play one game. π€
uh , till when you awake ?
stiff egret
this long
dapper yew
1-1:30 hours . lets just wait for 30 mins . if more joins , let's play . 2-4 people is not fun .
stiff egret
agreed
dapper yew
if anyone down to play , please message here π
opal dove
ye, same here
I really need to improve it generally
feel like koths are a good way of doing that
stiff egret
not much in koth for windows, only one machine at the moment.
opal dove
you make it sounds like there's plans for more π
stiff egret
I don't wanna leak too much, but if I am right, there will be more machines before feb ends.
stiff egret
huh?
dapper yew
you won an eJPT cert attempt
who won
dapper yew
as expected
opal dove
there's nothing this man doesn't win
stiff egret
I literally had no idea
dapper yew
I literally had no idea
did you do the room ?
harsh obsidian
it was hard and fun af
Which room?
stiff egret
The great escape
harsh obsidian
Nice!
stiff egret
It's actually an interesting machine, you don't/cant' get a shell except in the last part when AFTER you become root
harsh obsidian
It's actually an interesting machine, you don't/cant' get a shell except in the ...
Wait, so you get root before you get a shell?
stiff egret
yeah, the only shell you get in the end, it's of root
harsh obsidian
yeah, the only shell you get in the end, it's of root
That's awesome!
stiff egret
and it was a pain, because I didn't know that
so I tried every damn reverse shell there is to get a shell
opal dove
@stiff egret you could use the ||api|| to get a shell btw
stiff egret
||the 8080 api was running the commands in the internal docker||
stiff egret
pm, I can try and show you if you want?
sure, if you can send me the commands, I'd love to test them out
opal dove
what about the ||docker daemon on 2375||
stiff egret
what about the ||docker daemon on 2375||
that is after you get root
stiff egret
||oh, what I did was, ran the docker priv esc command directly on that port, so the shell I got was root mounted shell||
opal dove
ahh right, yeah
so you basically just ignored getting a shell
that's what I did as well
stiff egret
do you want me to try and live stream it?
uh, I don't think I can join, about to shut everything down, done for today
stiff egret
so you basically just ignored getting a shell
yeah, once I realised that this is it
stiff egret
oh yeah, def, didn't try that, but it is clearly possible
opal dove
you needed the docker *container name as well
opal dove
I can get the exact command for you if you want it?
opal dove
you needed the host in there as well I believe
stiff egret
yeah, ofc
opal dove
but yeah, it was pretty basic docker escape
I think it's common to use an exposed docker socket to do it
so I had never done it with the daemon before which was cool
stiff egret
yeah, exactly, escaping was easy, but getting to the point where you can see what you need to escape was hard
stiff egret
so I had never done it with the daemon before which was cool
I've been testing that out recently for the new box so actually used that a week ago
hence it clicked
stiff egret
you'll see, one of these days, I'll make enough coffee to last me for 24 hours, and next day new machine will be released
opal dove
well, maybe not for someone who's operating on you
candid geode
if anyone down to play , please message here π
I want to play, if you still wanted to.
candid geode
https://tryhackme.com/games/koth/join/b86ddef9cc85c5d98b92d1d7
Here is a link.
candid geode
Gosh, I didn't realized you joined.
candid geode
Here's another match.
https://tryhackme.com/games/koth/join/8cd6c0064322e323628e324c
opal dove
ah I'll probably sleep soon
I just wanted to make sure it wasn't just you playing
try reclaim it
candid geode
ah I'll probably sleep soon
Alright then.
tidal juniper
https://tryhackme.com/games/koth/join/4fcbc1d335a13376fd111f04
oucchh windowsπ©
fair adder
https://tryhackme.com/games/koth/19112
Spectator link?
candid geode
dapper yew
@nova tide totally not stream sniping
nova tide
if you go on your stream and see which people are watching, i am not one of them
short tusk
(Also, if you are streaming KOTH, you should be in the KOTH VC)
nova tide
i have seen your persistence backdoor a thousand time already
if you remember i stopped it once before
Also watching THM's kid stream not yours
that's the most common back door π€·ββοΈ
candid geode
opal dove
@nova tide did you ever get that rootkit up and running
nova tide
i don't have rootkits.
stiff egret
There's a 65536 port for the koth-leads
nova tide
never needed one
nova tide
There's a 65536 port for the koth-leads
stop telling everyone my secrets.
dapper yew
holmes π
stiff egret
πππ
nova tide
now they know how i have root shell that fast.
stiff egret
Hey @dapper yew
stiff egret
now they know how i have root shell that fast.
but they don't have that superVPN that can open port 65536
nova tide
but the password for root is in rockyou so they might be able to bruteforce it
harsh obsidian
@candid geode you know you're not allowed to kill ssh altogether, right?
candid geode
<@!510116322722447360> you know you're not allowed to kill ssh altogether, right...
I didn't kill ssh.
harsh obsidian
someone sure did
candid geode
I also can't seem to use it as well.
Just use a reverse shell and hope no one kills it. That is what I am doing.
candid geode
Just use a reverse shell and hope no one kills it. That is what I am doing.
Nevermind, someone closed the port.
candid geode
someone sure did
I think this is the problem.
stiff egret
Someone messed up with stuff, report and reset.
candid geode
nova tide
I think this is the problem.
spacejam?
stiff egret
Ah it's the || chroot||
nova tide
someone did mess up with the service though
fair adder
who is Jack Napier
candid geode
who is Jack Napier
Random guy on Koth.
severe cloak
who is Jack Napier
Hey! Iβm new to koth, so have me excused if I do something weird. Having fun so far tho!
fair adder
Nah it s ok
glacial mantle
anyone available for a KOTH?
gritty tapir
last ether
It says there are only two flags. But I think there is an elite in the game. Is that a bug or what?π
stiff egret
It's a known bug, I'll keep an eye on the user, being first time, I am presuming it happened accidentally, it repeats, then the user is getting a warning.
stiff egret
Please ping anyone in koth-staff if you see the same user doing this again :)
last ether
Hey abood
stiff egret
π uh hey abood
stiff egret
google can help more then I can, Also I am half asleep
ebon heron
kaz any ideas?
last ether
Nice little chat we had
last ether
Busy box is just an executable that provides for other binaries
last ether
you teach her how to hack
Of course
harsh obsidian
anyone else having issues getting on to THM or is it my local network acting up?
normal arch
dapper yew
no one joined ^^ one , i am going AFK π
twin obsidian
anyone who knows how to fix this? The game is done now, but would like to know how to write into the king file for my next game.
opal dove
smells like chattr to me :(
ebon heron
there is a machine
sorry box
to echo your name to king
not > >>
echo vistimalik >> king.txt
i dont remember the machine
ebon heron
i dont remember
nova tide
anyone who knows how to fix this? The game is done now, but would like to know h...
Read the blog post. Check pinned messages
twin obsidian
Read the blog post. Check pinned messages
thanks, i think it's the noclobber, cuz tried chattr and it that didn't work
nova tide
thanks, i think it's the noclobber, cuz tried chattr and it that didn't work
They might be running chattr in a loop.
broken jackal
ANYONE WANNA PLAY KOTH?
nova tide
ANYONE WANNA PLAY KOTH?
sure
broken jackal
sure
Hehe join
i mean
i am doing this for the first time
so idk if you have to make a room or something i guess you can just join the public room
@nova tide
nova tide
Just join the public game.
Also for more info about koth read the koth docs and blogpost
broken jackal
I am already in a public room
nova tide
!docs koth
pearl gladeBOT
TryHackMe
broken jackal
@nova tide i am that deku773
Oof it is all well and good but how tf are we gonna protect the machine xD
nova tide
Oof it is all well and good but how tf are we gonna protect the machine xD
- PG13
- Read the blog post/docs.
broken jackal
1) PG13
2) Read the blog post/docs.
okay
broken jackal
1) PG13
2) Read the blog post/docs.
can we encrypt the main king.txt after adding our name?
stiff egret
As long as the file is readable, you can do anything with it.
broken jackal
Ohh okay
you mean i can hide it and do whatever i want the user just have to find it right?
stiff egret
NO, the name and location of file should remain '/root/king.txt'
broken jackal
ugh okay then
stiff egret
Please do read the rules before you start
stiff egret
nova tide
??
broken jackal
i can't even get the reverse shell
i mean
you got into the pc right
how did you even did that
i cant even get a little of command execution xD
well amma noob
stiff egret
he is streaming in #koth-voice-chat @broken jackal
delicate cedar
@stiff egret Can I dm you?
stiff egret
Sure
nova tide
how did you even did that
sorry i was in vc, didn't saw your messages here
nova tide
yup
dapper yew
@nova tide what was the last root pass you put .
nova tide
<@!267010557889085440> what was the last root pass you put .
what?
nova tide
You need to figure that out on your own π
dapper yew
ayy , cmon games over . π¦
nova tide
Can't really tell you, i'm used to use that in every game π€·ββοΈ
stiff egret
it's not like he can crosscheck
nova tide
oh right
dapper yew
*it's not like he can crosscheck* <:kekw:658061932577816606>
i tried like 40-50 passwords , manual brruteforcing with brain
dapper yew
it cant be
nova tide
i was trying to change back that to the old shifu password π€·ββοΈ
stiff egret
it cant be <:kekw:658061932577816606>
i know, Naughty is lying, correct password is 'tryhackme123'
dapper yew
but whatever you tried to replace it with something very small
oh ya i dint try this
i was sticking behind his name
nova tide
i know, Naughty is lying, correct password is 'tryhackme123'
stop telling everyone my secrets 
stiff egret
now we might even post the correct password and you won't know @dapper yew
nova tide
now we might even post the correct password and you won't know <@!80499097872839...
He's already making a wordlist of every word you are typing atm
stiff egret
lmao
nova tide
ofcourse you are not, you are 0x5
dapper yew
ofcourse you are not, you are 0x5
i dint mean that . its a password for something . π get hints .
nova tide
π€·ββοΈ
broken jackal
@nova tide oof you are soooooo good in this how did tou learnt?
broken jackal
OwO okay
candid geode
https://tryhackme.com/games/koth/join/4e9b19e9a578bdf08c907065
It's going to be a crazy battle, so many players.
candid geode
And imagine that being space jam.
candid geode
Voice chat anyone?
I am in class.
last ether
π₯
candid geode
The machine is tyler, great.
candid geode
Who removed the narrator user in https://tryhackme.com/games/koth/19188 ?
last ether
@candid geode you can still get king
last ether
<@!510116322722447360> you can still get king
I havent set up any persistence
candid geode
The whole directory is gone, alongside with the flags.
candid geode
The whole directory is gone, alongside with the flags.
Or is it just me?
Wait, nevermind, I can see it now.
last ether
nova tide
The whole directory is gone, alongside with the flags.
Make sure you are not in chroot
dapper yew
spectator link ? match seems smoking .
candid geode
Make sure you are not in chroot
I made sure that, not sure what was the issue.
dapper yew
i dont understand why half of them go AFK ,
last ether
Other commitments? π€·ββοΈ
dapper yew
another game ? now ! vm booting .
candid geode
New match here:
https://tryhackme.com/games/koth/join/5be736d396fcc4747d2f50fb
dapper yew
put a spectator link , i will join at last if more people are there.
candid geode
It's starting in like 1:30 minutes
dapper yew
oh , i will join next one . i am setting up tmux .
candid geode
candid geode
oh , i will join next one . i am setting up tmux .
Here's the next one:
https://tryhackme.com/games/koth/join/0dcc09e8103512543b4ace31
obtuse heart
Ok
dapper yew
@candid geode did you just patch that ?
candid geode
<@!510116322722447360> did you just patch that ?
Patch what?
dapper yew
i just found something amazing ,thanks for patching everything .
candid geode
i just found something amazing <:kekw:658061932577816606> ,thanks for patching e...
Howdy?
dapper yew
?
dapper yew
uh no , i am not even there on the box .
candid geode
Oh okay, nevermind.
dapper yew
whoevers in my game , whats with the resets .
blissful karma
lilac basin
someone for koth
ebon heron
is deleting users at koth legal?
harsh obsidian
is deleting users at koth legal?
!docs koth
pearl gladeBOT
TryHackMe
winged charm
I mean
Itβs not expressly stated
You should really look at other options as there are far better options
harsh obsidian
gg @lilac basin
lilac basin
ahahha
uneven sedge
is deleting users at koth legal?
I'd assume no, as that disrupts the normal operation of the server
Might need a referee on that though
lilac basin
bruh when i was connected to ftp i tried to switch dir with cd .. but it remained the same so i was blocked ahahhaha
harsh obsidian
bruh when i was connected to ftp i tried to switch dir with cd .. but it remaine...
lol
dapper yew
anyone koth ?
harsh obsidian
anyone koth ?
dapper yew
uh , if you told a bit earlier , i wouldnt have started room 
harsh obsidian
uh , if you told a bit earlier , i wouldnt have started room <:blobknife:6896265...
If you have folks in your room, I'll just leave this one. it's just me
dapper yew
lets play once i do this room @harsh obsidian will ping you π
harsh obsidian
lets play once i do this room <@!692486061762543718> will ping you π
Okay. There's 17 minutes until this KotH kicks off
fair adder
anyone up for a game?
fair adder
can i dm you?
ebon heron
ofc
dapper yew
is redirecting traffic from port 9999 allowed ? its not mentioned in the rules .
stiff egret
Port 9999 is out of scope, means nothing related to 9999 should be messed with
quiet schooner
...
peak oriole
is it on?
harsh obsidian
Oof, there are new machines.
Hell yeah!!
candid geode
I feel like they are harder than the old ones.
sick turtle
Been trying to find a flag this morning π¦
candid geode
I finally found a flag after 40 minutes of going around the box.
sick turtle
Yep, looks like I've a lot to learn
candid geode
I found several ways of entering the box.
sick turtle
which one?
vocal shell
i was in the box the entire time ._. i didn't find a way to privesc or find any flag
vocal shell
what did you grep
candid geode
grep -R "THM{" /var/www
candid geode
The flag was in www.
vocal shell
|| did you see the txt file on how to privesc ||
candid geode
|| did you see the txt file on how to privesc ||
What txt file?
vocal shell
|| i think it was like topsecretprivescmethod.txt ||
it was gibberish for me like unicode characters
i spent 50 minutes just trying to privesc
sick turtle
Can't even get a shell 
harsh obsidian
lol
Public game starts in 15: https://tryhackme.com/games/koth/join/59b7db5bfec642f57faba3f8
trim marsh
A quick question, H1 Easy is part of the KOTH? i.e. other users may mess up configuration?
harsh obsidian
has anyone managed to get all eight flags on panda?
dapper yew
has anyone managed to get all eight flags on panda?
naughty , he has 7 . ( stored in the cherry tree )
candid geode
has anyone managed to get all eight flags on panda?
Grep the whole machine.
harsh obsidian
Grep the whole machine.
tried that. it takes longer to do than the hour we get
dapper yew
Grep the whole machine.
you really cant search for flags in panda , you dont know its name , also it doesnt have any "THM" as prefix .
harsh obsidian
you really cant search for flags in panda , you dont know its name , also it doe...
yeah, i tried it with regex, but still takes too long
dapper yew
i wish we could exclude the stuff . like we know that the flag isnt in x directory , then it would be much easier
harsh onyx
Is here the correct place to chat about Hacker of the Hill?
vocal shell
@harsh obsidian did i kick u out ?
harsh obsidian
<@692486061762543718> did i kick u out ?
I haven't found another way on that box so i'm gonna head to another while i think of other ways
fossil jackal
harsh obsidian
peak echo
Joined π
harsh obsidian
sweet
harsh obsidian
it's a lot of fun. can be frustrating as you look for initial footholds. just make sure you enumerate subdirectories and look at versions and look at ALL ports. just make sure you leave port 9999 alone always
fair adder
im doing space jam and patched it by changing port to start again i did node server.js but it doesntl let me use the terminal
how to i fix that?
peak echo
#room-help/hints
lusty crown
Is there a new koth machine called "tyler"???
i just subscribed yesterday and saw that in the koth section......
stiff egret
Tyler is there from the beginning.
The table size on site can only latest 10 values, hence tyler isn't visible there.
fair adder
https://tryhackme.com/games/koth/19371 is not working well
only 2 open ports
22 and 9999
fair adder
ik
stiff egret
If port 22 is open, that means the machine is perfectly fine.
fair adder
there should be port 21 and port 80 opened
stiff egret
No
fair adder
i did -p- at first
stiff egret
there should be port 21 and port 80 opened
there is no port 21 open on the machine.
stiff egret
:) No probs
toxic thistle
Join the koth starting in 9 minutes
stiff egret
Usually sending the invite link here is helpful.
stiff egret
Ah, all the best :)
candid geode
Has anyone figured out and managed to root the 3 machines yet?
stiff egret
I don't think so.
last ether
Has anyone figured out and managed to root the 3 machines yet?
Easy is rootable
steel herald
I only entered one flag is that normal?
stiff egret
Hey, It's a known bug.
ebon heron
someone start wall loop
dapper yew
is there like a partiucalr container for breaking out and getting root . in the hard box .
candid geode
I have a question. Are the machines from https://tryhackme.com/room/hackerofthehill , the same machines Koth used?
dapper yew
I have a question. Are the machines from https://tryhackme.com/room/hackeroftheh...
yea
candid geode
these new machines are hard
Yeah, I found multiple ways of getting inside, but havenβt a way to gain root access.
winged charm
avoid spoilers mates
stiff egret
Private or public?
last ether
Public
stiff egret
π
All of my backdoors will break if one day THM decided to tell everyone to regenerate their vpn configs
last ether
π€£
stiff egret
ah damn
stiff egret
delicate cedar
@stiff egret Is there a difference between the hoth challenge box and the koth one?
stiff egret
no
delicate cedar
oh
last ether
Why are we resetting?
stiff egret
Def not me
stiff egret
one less l in kill
last ether
π
last ether
what is core.d?
stiff egret
π€
last ether
sdDSFSDsdDSFSD
Frustration
stiff egret
yeah guessed that much
stiff egret
<@!580609268261191680> bro I have a lot to learn from you
:))
ah damn
that was so so close
I was AFK dmanit
last ether
Are you still in the machine?
last ether
I was AFK dmanit
Lol
stiff egret
I was, but went to do some work
stiff egret
ay it was a fun match
stiff egret
also, you can add -ia in one argument
last ether
Ah
stiff egret
doing that in 2 commands slows it down
stiff egret
last ether
π€£
dapper yew
rooting the hard one is pretty hard , tho i have a nice ssh shell
@stiff egret is it completely docker based and requires a docker privsc , ?
stiff egret
rooting the hard one is pretty hard , tho i have a nice ssh shell
ah nice
stiff egret
<@!580609268261191680> is it completely docker based and requires a docker privs...
I honestly have no idea, I am aiming to solve it first.
dapper yew
I honestly have no idea, I am aiming to solve it first.
aiming to solve what ? the hard one ?
stiff egret
yeah
dapper yew
whered you reach
stiff egret
the windows one?
dapper yew
mhm
stiff egret
no
stiff egret
eh, I am very bad at windows, been practicing windows hacking from last week,
dapper yew
btw , are these machines gonna remain forever in koth ?
stiff egret
yeah
stiff egret
yeah, they are permanent addition to pool, asleast as far as I know
dapper yew
i am excited for first koth in these boxes . πΆ
stiff egret
just played one in h1-easy
dapper yew
oh . there are many ways in that box !
stiff egret
3
dapper yew
its kinda hard to patch everything while playing koth
been working on a script to patch all 3 at once .
delicate cedar
hmm, auto patched script
dapper yew
uh no , not exactly , it should be done manually , but yea its a script π
runic breach
damn that hard box is hard
opal dove
if it makes you feel better
in the hour that it was streamed when it first came out
I believe only naughty got a shell, and that was it
stiff egret
been working on a script to patch all 3 at once .
Uh, please read the rules.
Rule 7.
candid geode
toxic thistle
The current lion machine is up for like 30 seconds then go down for 30 seconds on repeat. Anyone else have that problem?
stiff egret
Vote for reset? If everyone/anyone else is also getting the same issue, then they'll vote in too.
If not, then you know it's probably not for all
toxic thistle
Yeah, I'm the only one who voted for it so it might just be me.
nova tide
Going home.. Won't be able to for the rest of the week.
candid geode
Finally, I have properly rooted easy.
candid geode
Finally, I have properly rooted easy.
That took longer than I expected.
candid geode
I have rooted the hard box
mint girder
Sorry
didnt mean that in response to you
The flags are missing
So wanted to ask in here
opal dove
yeah @mint girder I think szy had the same issue
ebon heron
I have rooted the hard box
is it hard
candid geode
jiakang what about you
I just started the medium one.
dapper yew
i rooted the hard one , finally
opal dove
ayyy nice
@candid geode @dapper yew you down for a chill koth and vc?
haven't done one in a while
dapper yew
i am down , ofc , so happy π
dapper yew
yea .
opal dove
@dapper yew ready when you are
opal dove
we can always do a calm warmup
dapper yew
lets play hogwarts box
opal dove
have you got vip?
dapper yew
uh no . i thought you had it ! lol
opal dove
nah mine ran out :(
we can just start a couple and see if we get a good machine
one of the new ones or hogwarts
dapper yew
fine , but if its a medium box . i cant play , havent rooted it yet
dapper yew
yea np , lets root it
opal dove
join vc :)
dapper yew
but , i dont really talk sorry . i will stream
fair adder
koth anyone?
opal dove
sure, but can only play for tops 10 minutes
fair adder
ok
fair adder
sure, but can only play for tops 10 minutes
join the vc when ready or just ping me when your ready
wooden bluff
last ether
Same one buddy π
pale mulch
Hey, closing ports is not allowed right ?
ebon heron
i rooted the hard one , finally
well done
candid geode
There are so many ways of entering the Medium box.
stiff egret
IIRC there are 3 ways each machine (hackerone ones)
fair adder
with all those writeups, koth is just who is reading the writeup faster, koth just has 0 fun
candid geode
with all those writeups, koth is just who is reading the writeup faster, koth ju...
Yeah, some players just search for writeups online instead of doing the machine themselves.
stiff egret
There's a part, that says, defending the machine. You don't just have to hack, but patch too. I don't remember those writeups showing how to patch.
fair adder
Yeah, some players just search for writeups online instead of doing the machine ...
exactly, that sucks, if there would be new machines with 0 writeups on the web, that would be awesome
stiff egret
Really mate, did you see the announcement? There were 3 machines released in last 3 days.
fair adder
im talking about the other ones
quiet schooner
At the end of the day, people have notes on the machines. Writeups do more to level the playing field that they do to cheat.
last ether
with all those writeups, koth is just who is reading the writeup faster, koth ju...
You are in a game with me. I can assure you I rooted the machine myself and haven't patched much. Still got hope buddyπ
candid geode
You are in a game with me. I can assure you I rooted the machine myself and have...
What machine is it?
candid geode
Yep, that machine has lots of ways in.
stiff egret
All machines have a lot of ways in. Really it's the game of defending more then it is of hacking in. The machines are made in such a way that they are usually hack-able in 10-20 minutes.
fair adder
You are in a game with me. I can assure you I rooted the machine myself and have...
wasnt talking about you
last ether
I was just giving you a chance to have fun. Cause you said KotH is 0 fun. π
ebon heron
*All* machines have a lot of ways in. Really it's the game of defending more the...
thas true maybe you can get in but you cant defend
candid geode
20 minutes before it begins.
last ether
@candid geode good game bro!
haughty cypress
New Game? https://tryhackme.com/games/koth/join/3ce32ada9a37f72186c7ad98
Never played koth before, but I will join
candid geode
My VM just froze. Maybe you might have a chance.
candid geode
The machine got a reset.
candid geode
3 minutes before it starts.
candid geode
I will probably get destroyed.
candid geode
Ah crap, it is the H1: Medium.
stiff egret
nonono
dapper yew
i havent solved this yet
candid geode
i havent solved this yet
Neither have I.
last ether
I havent solved it too
candid geode
Gotta improvise.
stiff egret
wanna start another?
last ether
Yeah
stiff egret
EXITED OUT, sharing another link
last ether
Cool
dapper yew
EXITED OUT, sharing another link
how to exit
dapper yew
wait , i could submit 1 flag , i have it stored .
candid geode
wait , i could submit 1 flag , i have it stored .
Easy win then.
stiff egret
nice
stiff egret
another reason to use clipmanager
last ether
How much time left for the game to start?
dapper yew
the helen user , i have it but its the backtothm
stiff egret
stiff egret
wish I could, but nope
get a shell, get one flag and get it over with
the foothold wasn't that hard IIRC
dapper yew
wish I could, but nope
skidy said if you give him THM flags , he will give backTOthm flags , what if i give him backtothm flag π€¨
will i get back THM flag ?
candid geode
It is tyler again.
fair adder
One Quick question
If one's get root access to the easy one and he changes the owner and group of that file...then there's no other way possible to get root
Am I right?
And changes the perms too
stiff egret
Most probably
fair adder
Thanks
candid geode
Did the machine just freeze?
candid geode
I can't move.