#koth
ahh smort
the attack.sh was a script to gain a root shell
and all i did was manipulate the ports to find creds
nvm not that one whoops wrong one
lmfao you removed sudo noice
yeah
It is not a local exploit
yeah i realised that
You can use it directly to go to root
Yeah! I was confused for a bit
I thought you shared another exploit
Lol! I just deleted chattr
yeah i saw you deleted chattr and sudo, smort moves
And then downloaded it again to unset king.txt
Then again deleted chattr

I was like wtf am I doing
Bro but it was amazing thanks

Yess
hahaha
I was thinking that what is this ! I saw that for the first time lol
I was killing your shells
Umm! Were they getting killed on your side??

with ssh
Demm
i found pasta's creds
I was wasting my time lol

Woah! Where??
Ooo I haven't seen that
But that's great
the "pneumonoultramicroscopicsilicovolcanoconiosis" or the binwalk stuff 
Okay the loop!

lemme guess it was just something simple like echo "playgue" >> /root/king.txt | <some command>
Yeah something like this
While true; do echo playgue > king.txt ; sleep 1;done
Credits as usual @Lammm#7495

is that it
Yeah
wow, in a .sh file or command line?
while true; do echo username > king.txt; sleep .1; done
you need "do"
Yeahhh
Nope just type this
It will run in bg
ahh smort big brain
Yup! Otherwise this will not let you do anything on that terminal
while true; do echo "1trick" > king.txt; sleep .1; done &
you can also use the watch command, watch -n 0.1 echo "king" > king.txt
/usr/bin/chattr +i king.txt
takes up your terminal but if you're doing a loop race not really much else to do
loops are for noobs
But what if I remove chattr?
So what to do ?
You can just import chattr
its a binary
there are people who remove the whole damn system
Aah!
So what to do???
Why?
who?
Well first of all he isnt playing koth by the rules
Yeah I saw he just won a match
message support with the game ID and proof
yes ill screen shot
What did he do?
ahh im guessing he did something like the dreaded rm -rf command


ooooooff
the only things i think you can delete/fix are suid's sudo perms and chattr
and small vulns
all i know is you patch the vulns and dont remove anything
can't delete binaries afaik
not sure but as long as it doesnt break the game
i thought you could delete chattr
big reason I stopped playing is one or two idiots always ruining every game
You can del chattr
yes
if someone brings it in you can delete it
btw gg
Yayy thanks

Gave +1 Rep to @static aspen
that cat profile tho


I just woke up, will get on the system in about 2 hours.
yo, koth anyone?
Hi join 20MIN remaining
@unreal jasper
join it starts in 15 min
easy machines only
Not working
its over
Lol how
insufficient
Ook
starts in 5 min
rq
Join koth vc
a min
nice game dude
I've deleted the msg.

Koth anyone
hi
@latent osprey send link
yes it is singleplayer
correct
how good do you have to be
Ook making
good luck guys
https://tryhackme.com/games/koth/join/b4fa15d630b998ec6bd8f510 @latent osprey @novel galleon

good luck
Ook joining
what
oh gotta change your difficulty
okay how do i join now
Join
we wait for game to start :)
okay
what should i know
@strange escarp join
done
eyyyyyy
what should we try to do
yes
VC?
i only know how to hack but idk how to stop imao
i dont know anything lmfao
google very easy
yeah
"how to kick people out of my ssh session"
so
haha
will the box start off with any vulns?
of course
yes
but get flags
i think we gotta wait

Idk
oh ig ur the author of the game
ok
please dont be a windows machine 
haha
i know what i need to do
good for you,hacker
gonna do it on my kali vm though
what are you on?
sshed kali vm
you got ssh?
yeah

Any Beginner who is interested in playing koth for practice with me
me 
if any beginner wanna do koth for practicing DM me or ping me
Hi
Any Beginner who is interested in playing koth for practice with me
hey I just woke up
let's do it, after I'm done eating
Pretty new to all this stuff, what's the best way to get to know the basics of KOTH. From a complete beginner standpoint.
just start playing and you'll learn, there's a group that regularly plays in voice chat you can always hop into and will give you some tips
Got it, thanks
why koth not currently work?
Be a little more specific?
It said "EXPIRED" when the machine was starting, at least for the private match
It seems to work fine in public match, except that when the match started there was no IP and the machine did not show
It is repetitive or happened for just one match?
it repetitive
it been like this for almost 2 hours now
cc: @lusty portal
This same issue keeps popping up everytime there are some issues with site. I am guessing this has something to do with earlier problems today?
why always the same people play koth?
i don't know what mean cheating and how far we can go with the machine!
That where the rules come in. You need to read the rules before you play the game.
You can find them here in FAQ section: https://tryhackme.com/games/koth
i read all the rules but i was two time have root priv but then the connection is lost and other time i can't change the king.txt file even with root priv !! and there is no rooms talk about that kind of priv!
- someone killed your shell.
- Read about chattr binary.
!docs koth
it would be super helpful for you as well. There's also a blog post linked you can read that too.
thank u can u suggest any books for patch vulns ?
Gave +1 Rep to @nova tide
i haven't read any but if you are looking for blue teaming books then you can ask for suggestions in #bookclub
i read blue team books but no thing similar to koth
and why always the same people
around 4 or 5 persons always winning
When I see their accounts, I lose hope in the game
There are multiple vulnerable services running that you can explore. Try patching the one you got in through and after that explore the box a bit and see if you can find anything.
okay
thank u by the way for your time
generally speaking, they just have writeups for the machines, and a simple chattr script
the current meta for the game is to learn the machine, then quickly get your scripts on the machine before anyone else
I'd focus against trying to win initially, although it seems counter intuitive
if you want to learn patching, don't run offensive scripts, just try learn what the web applications etc. are doing
and how you can patch that
if you run offensive scripts it can piss people off and they start killing shells :(
okay
i found that koth isn't good for learning . it's just let u type quick and race the time. but the same web app and the same vuln no thing new .
Try hogwarts then
Any beginner who wants to play koth with us for practice
Please tell me how to kill other people's terminal in koth
google : how to kill someone ssh or reverse shell
You find the PID of the shell/bash/ using ps and kill it using kill -9 PID
If you google about it, you can find way faster and way better ways to do this.
Any tips and tricks to defend in koth
dont kill shells, dont run while loops.
Killing shells isn't a great defense. Patching vulns will do much better.
Persistence -> Patch -> Purge
- Set up your persistence so you can get back in with ease.
- Patch the systems vulns so you can prevent others getting in.
- Purge those who may have gotten in
I'd also break down patch a little further: If people can get in but can't get root then that's a little less serious than if they can get root and kick you out
patch comes before persistence
Eh, not much point patching if someone then locks you out, means you can't get back in
but if you patch before someone else gets root you will remain the only one that obtains root priv
instead if you dont patch and someone becomes root he can kick you off and remove your persistence
also he can kick you off before you get persistence
what if someone is already root and we have to kill them
I'm not saying don't do it
but how to do it
You've been told what to research
Yes
Am sorry but I'll help you after this
That's how I learned and is the best way
do ps -aef
ps -aux
use this that looks better
"no of broascast" is the message?
no my bad
can we make infi no of broadcast msges
oh this is done with wall
haaha there is no remedy right then
yeah cuz i think it is a while loop
I think there is...Muiri said in general that this could be escaped..I don't know how coz wasn't able to understand that properly what solution he said
i think my team mates are making use of koth writeups and getting root in less than 10 min
and making this nonsense
oh cool
Not for sure
Thanks, gonna use this next time
Gave +1 Rep to @lapis linden
dumb bot I tell you, dumb bot.

+rep @stiff egret
Gave +1 Rep to @stiff egret
There's a cool down to give rep.
koth game tonight at 5PM pst time be there or be square
like madden square? xD that's 2 am EST but i'll be there xd
Heyo let's make that at 6 I'm still downtown :p!!
sure, i was about to refuel on energy so no worries :p
I'm trying to hurry my guy!!!
take your time! i've got all the time in the world
that gives me time to organise a koth folder together
spectators link: https://tryhackme.com/games/koth/24872
here we go
My gobuster and nikto aren't working
Actually nikto started to return some results but gobuster i keep getting errors
Which machine is it?
I don't think directory brute force will work on that one.
i know where one flag is but i can't get to it
i'm half asleep haahah, 6am grinding koth xD
LMAOOO dude this is super fun!!!!
nmap is taking for ever !
ooh yh i feel ya xd
I found the php admin login
I know thers a flag in here !!!
I'm going to run burp
Now burpsuite is frozen smh
ugh i can't even ls properly smh
Dude i'm bashing my head
burpsuite completely broke my machine
it's subzero frozen
just burpsuite being burpsuite
*dude i found the upload page but fucking burpsuite is just freezing on me
i can't see the uploads button to upload my .php shell!!
all i see is the browser button fml
you don't need burpsuite to get a shell from that foothold
Ah shit you are right!!!!
webshell????
here we go
my netcat is broken it won't connect with the webshell lol
You sure you are calling it back right?
try curl localhost:<PORT IN REVSHELL> on your machine with nc open, to see if the netcat is dead or you are doing something wrong
if netcat catches the connection, then you are calling the php/jpg file wrong on the webpage.
restarting my entire machine FML
Any other suggestions????
I can't seem to upload a php file without having to use burp
||extensions matter|| that's all I can say
Dudes i'm so freaking close !! smh
i can't get this stupid webshell to work
i upload the .php rev shell and i navigate to /uploads/webshell.php?cmd=whoami
and nothing
GG
I was just about to use pentestmonkey and start up nc
I couldn't get webshell.php to work
same XD
jup i uploaded an embedded jpg
so it was .jpg extension?????!?
I kept using .php extension are you kidding me.
How many directories did you find ?
aaah that's unfortunate
not a whole lot
i stopped gobusting midway when i saw the ticket page
Man that was a good game
did you manage to rev shell?
i tried curling but it got a connection but then dropped if i hit enter
Do you know of any good koth videos on youtube that walkthrough the linux machine ?
John Hammond's YT is the way.
Honest advice, do watch his Bsides Nova KoTH video, it's 3 hours long or something I think. Not sure, but I watched it on 0.25x to see what they were doing and it's awesome
I saw that one! I'm watching that one next
Totally worth it
Duuude i just got my ass handed to or else id play with ya
i'm probably worse than you
I need a new laptop
I can play one too if you send the invite link
Can you guys send spectators link!!
hmm 
XD
why?
Mine is super slow!!
after metasploit is done installing on wsl, i'll send invite link @stiff egret
Burpsuite froze my machine
What are your specs? @fair adder
we're getting there
You guys started already?
nope just installing my metasploit
metasploit was my next option
when I found the service it was running
that's a good enough system I think
Super glitchy
Burpsuite froze and i had to restart my entire machine
nothing was clicking or running
I've used i5 2nd gen with 8 gigs for 1 year, it was smooth af and I usually had a kali VM, discord, Firefox, notion open at almost all the time
I had Burpsuite, NMAP, gobuster, nikto running and boom it just froze/crashed
You on SSD?
Is there a way to keep your machine clean and fast?
Yes
then I'd say use linux in dual boot or as main OS
On my main primary drive????
instead of windows?
I had arch as main OS and kali in VM. Did everything in vm,
i wanna do that but i get errors, on my computer downstairs i fully switched to ubuntu and it doesn't find my internet
Use this to make sure your main OS doesn't die bc of your VM
Execution cap
that way your main os will have 20% of the CPU even if all processors go 100% in VM
That's insane i'm not that elite yet lol
you can use regular Ubuntu as well
in the one koth game john hammond did he had nothing installed
lol yeah, I remember
this love is gonna get you killed

The only one i found is 44 mins long
yeah that's the one, at 0.25x feels like 3 hrs
LMAO
sudo?
Okay watching this now
windows
wsl
they say nmap is broken on wsl
I thought it were installing stuff in wsl
^
huh, no idea, never tried WSL
Will give it a try someday.
You can't skip windows in corporate field.
It's a nightmare that's gonna come whether you like it or not

Yo what notepad is he using on the left side of the screen do you know?
sublime
lol why?
anything > nano
Um, You do know that sublime is a text editor? You use text editor to edit files? last I checked php comes under the criteria
stupid question. sorry
tried that
and same thing but
noticed this at the top
i scrolled all the way back up
eh just use a VM
fax
Broooooooo
look at all this shit john was running
what the flying hacker life is all this
lol
I watched this video so many times, I almost memorised it
OMG
You are a true hacker
yeah I get it
It's like flying a plane
hence 0.25x
he can almost be a damn pilot lol

the bot sux anyway nvm
+rep @stiff egret
Gave +1 Rep to @stiff egret
Hopefully i don't get in trouble
But it was a really cool video you suggested so thank you for that
v4 sublime looks great by default
naah, that's Ok I think
Hold up, you are koth lead and koth staff???
And author/blogger XD
KoTH-lead is the lead of KoTH staff
Lol you are amazing !
ayyyy
Hey man you suggested such a great video actually... I now truly see what it means to "fly" using linux and your hacking skills. This is such a great vid
I also understand now why hackers like to have multiple screens
naah that's just a scam, all we do is hack on one and have spotify/discord on another 
IKR! this video helped me A LOT
Is it really ?? i thought it was so that you can have multiple terminals and process running?
Hey would anyone like to play KOTH? Cause I am really bored right now
I am on a public room...
https://tryhackme.com/games/koth/join/a204272df174a5c215dd0326
i kinda wanna play now :p
it was a joke (my comment on multiple screens)
care to join? @fair adder
I've joined in, although I re-installed my VM so I might end up losing bad. but eh
yes but only if we do h1: easy
make it public so others can join
It's a public game, that's random box selection
you also have the option to create private
should I?
No
K making
make it public
ya we can play public
fine........
I just played one yesterday and GOSH I WAS supposed to be king, but the last moment, someone changed the permissions for king.txt
Interesting
can't you chmod +x again?
u left the game?
no?
I was root.... tried everything
i never was in ?
did he block the chmod feature on you
y werent?
as I said, it was last moment
I also guess he used chattr
immortal
oh thats too much
my VM thinks I have a nuclear core attached to it
it would be crazy if tesla came out with their own laptop and cpu
I am on dual boot machine, so I don have to worry about ram or other resources....... I left VM months ago
it would probably be a chargeless laptop
VC? Mr holmes? @stiff egret
I can't turn the mic on. Can listen and reply in chat tho
8 GIG
that's probably the lowest around here
Cry in Celeron 6gb memory
What is this yay -sY gobuster and yay -sY nmap command john is using here everytime he tries to run those tools and gets an error ?
so he's using arch in this video????
yep
what!!!!!
fresh arch install
[john@arch]
uh, it varies
he must have switched a long time ago
the video is of a long time ago
yup
it's how anything is installed on arch
dw nothing is patched
Not quite correct. Arch's package manager is pacman yay is used for the AUR (arch user repository)
true and you can install apt on arch too
so ya i'm wrong on that one
I wouldn't say completely wrong. Since you can install software with it 
you guys are pretty cool
Hold up!!! you guys were playing koth???
Dw he won't patch until and unless it's required...
can i ask you a couple questions after this game?
sure np
hey holmes wt the hell did u do? the machines too slow man @stiff egret
LOL
He's at 310 points smh
it's like that from the beginning
can we reset it plzzz?????? Looks like nik isnt alive
fasttttt man only 20 min remaining
u know wt? never mind
370 points
I just got the rev shell back, the machine is OK
@stiff egret after you get in and get root do you still give other people a chance to try and at least get something?
I haven't patched anything at ALL
the machine is in the same condition, I only added my persistence
Sure
Starting in 24 mins
noooooo u changed password for ssh
Uh no I did not
and whats with the php? it just doesnt execute
first of all the machines all funky
can uuuuuu plzzzzz resettttttt
done
ladies and gentleman, we have a new king
Should have done this at first LOLLLL
lord I hate the machine..... its tooo funky
@stiff egret is this against the rules?
No
NOO..... LOL.... thats the thing of the game
u have to find other vulnsss
why have i never thought of that
i coulda kept king all i had to do is change ssh password
You can change passwords, you can patch the machine
it was the only room i ever got far on
I had a late start
wanna join this one @iron cloud
hey holmes it was nice playing
ya coming
the password
for shifu
yeah
knew it
static machine, easiest way in
d u know wts with wordpress? I changed 404.php but I didnt get a callback
that should work
ya I was wondering that
you replaced the 404 with pentestmonkey rev shell?
ya I did copy paste, changed ip and port
and the machine was tooo funky
even tried curl to trigger
Wordpress does that to machines
it wasn't that bad, I was getting callbacks normally
yaaa........ I had experience with mr robot ctf
Freaking dope
also u know wts with tomcat
CONGRATZ ya'll
yep, public exploit
can ya please sent url? if u don mind?
I cannot spoil machines here, I can DM you if you want
care to join? @fair adder ?
great
So by changing ssh password once you find the king.txt or root.txt flag you can stay king ??
unless someone changes king.txt
Can't right now I'm watching a couple videos
hey @stiff egret , honestly, u changed chattr permissions right?
Yeah, obv, that's how you stay king
knewwwww ittttttt
ahh might need new vpn file
i am innnnnnn
not me
Time to start patching
get your persistence people, Patching starting in 3..2..1
someone used chattrrrrr
the question is where are you hiding that pspy @delicate cedar
am still not in anything
I am not sure if you can get in now
lmao
although you can still find the vuln
if you see the vuln and the exploit doesn't work
that's probably me being a mean person here
i couldn't get into ftp in the beginning was it even possible
I honestly dont remember
no pspy
HEy wtff man...... the moment I echo to /root/king.txt, my shelll kicks offf
whoever planted that ssh backdoor, hats off. That was NEW
What happened to ssh server?
Died bc of that preload rshell
that's my guess
I did kill some of it's processes, but that shouldn't take down the server
Seems like no one trying to fix ssh server
Just coming back up -_-
daemon and main both are on
You've won @delicate cedar resetting the machine now at 20 sec gap to extend it
oh nvm gg
It was fun lol
I forgot that machine content will be lost. I wanted to explore it a bit more
I don't know what were you doing with that preload in ssh
I was just inside mysql db
But that's something I haven't seen before
My backdoor is only ssh
nd that is?
I'm basically doomed when that messed up
Yeah, I saw that, was trying to locate it
But the game ended
Ssh backdoor with preload somehow
gosh I have like 100s of tabs on chrome open here
Looks like rshell is messed up, time for write rk show his true power.
Also @stiff egret you didn't strip ur binary
I can quickly reverse the content
Also theres about 20 shells in terminator. BTW pwncat is too slow for me
hey...... does anyone know y I was kicked off while echo ying to king.txt
Oof, lucky me
I'll look for it
Which one is the question.
Pwncat is too slow for koth.
No idea, but most likely you were caught in the crossfire bw me and stellarix
stellarix got a new backdoor?
Yep, most probably, can't say much until I see that binary
It's some sort injection in ssh process
Probably a custom reverse shell sending binary, hooked with ssh
oo, that sounds very smart
Yeah
Stellarix knows C?
a pro
I'll need to read up on that one
I haven't played against stella for a while
sounds like we need a game
What is this channel never been here before
This is only for the l33t haxkors
Oh... I'll take my leave then
KoTH > Certs.. give up on those certs and start playing KoTH.
nooooooooooop
Any beginner interested in playing koth with me for practice
We watch hills over here.
I got it by today
Yeah, sure. I need to practice too
I mean i know what's going on, I also know the tools but I need to practice more
Anyone, wanna play koth?
Ask people on voice chat they might.
already 3 of us in here
uh oh naughty joined 
already lost
9 people, its gonna be interesting
make that 10
did one of you patch the php reverse shell?
GG all
3 min.
Any beginner interested in playing koth with me for practice
I am deleting this msg, since it contains a spoiler for a fairly recent room, plus sharing spoiler information about koth rooms is not allowed.
@sour zealot
@stiff egret hey! The ftp part always crashes in my pc in hackers machine can you tell me something I can do about it??
You must be doing something wrong
I do this
But still
I don't get any password match
And after sometime my pc crashes
I have no idea how that command can crash your PC
that's hydra running on 15 threads.
It's just not possible
It runs in my pc but after 10 to 15 it just stops
And nothing happens
Which word list should we use in KOTH??
@quiet schooner Got any ideas here? (You created hackers, you obv know more about it)
For password cracking
Someone probably changed the password before you could get it
Context: They are running hydra on ftp with 15 threads
Hydra should be happy with 64 threads
Any tbh, it depends on how you hack
Nope! When I try this in private koth
But during hacker machine it takes too long to get the password with hackers
You are either dropping packets or doing something wrong. It shouldn't take this long. And hackers machine is hard, intentionally.
that's why ! I also can't find any other way to get in that machine
@quiet schooner is there only one way to get in hackers machine?? Ftp only?
This has been said time and again, I repeat it,
All machines have multiple footholds and multiple priv esc points.
Usually more than 3 each.
why not try poking at other services?
I just saw you
I try but don't get anything! I will now try all these things in private koth
The writeup is out there
@ashen parrot I can. DM me
Let's say I have the commands 'expand' and 'less' as a setuid. Is there any other way to exploit this instead of reading /etc/shadow and cracking the password?
If there's an option to pop a shell using those binaries then you can do that, but usually less can only read and so can you.
ok thanks.
remember that some machine does not change the password
you could quickly get in, get root and change passwords
i dont change passwords
never
yeah it is
it just not fair for entry person thats my point hehe
because they get lost try to get in
yep
so dont change passwords
so everyone can get into
just think about becoming root
I think I'm nowhere near a point where I could play Koth, but could anyone give me a quick rundown on where I need to be to give it a try?
I'd love an answer to this question as well!
So actually hacking into the boxes, most are like an easy-medium level THM challenge room
Defending is a different matter
so would you recommend going through the defensive path first?
I wouldn't say it'd help much
more independent learning is required perhaps
I'll probably steer clear for now, I'm barely any good at the offensive side as is
@somber marsh I'm right there with you. Might try one just to see what it's like but I wouldn't have any expectation on my results
maybe we can try a private one together at some point, see how it works
That'd be fun! Maybe we could get a few noobs together and all get into some kind of private chat to discuss or something.
Teamwork sounds more fun than competition at this point
sounds like a good time, I'm in
I'd like to do more work on the beginner path first but let's keep in touch
yeah, I'm at the final room of the beginner path, but I kinda breezed through things, so I'd like to review some notes, reset a few rooms
come hang in voice chat whenever you see people in there, lots of koth players friendly to new people hang out there (including me)
Any beginner interested in playing koth with me for practice
Maybe It's just me but why does the 'food' machine not show up here?
Only most recent 10 machines show up in that table.
The remaining machines are still the part of pool, but the table is for only 10 machines.
@swift juncogue "Do NOT delete system binaries (except chattr)"
Shrek, productions etc isn't showing up as well
As I said, they are the older machines, and the table only shows last/most recent 10 machines
Shrek was the first/second machine to be released I think
@lilac basin can you share the game invite?
Noice someone removed the binaries 
yep
Voted reset. Don't want free king points when there are no binaries
@lilac basin what's the point of killing my shell 20+ times by now in less than 5 minutes when you can simply patch it?
you are running while loops
Ok now you can try killing shells, no more loops so it won't matter.
why do u run scripts
why won't i?
@lilac basin just @ me when you plan to play again..
i will go to bed now tomorrow i will play again
Just @ me when you play again i will try to join in
sure
Koth game anyone ????
first game of koth for me o7
Let's run it
would like to, but I probably won't be able to do anything yet



