#koth

kinda getting outdated

the log4shell room was good because its in the present

we need some new rooms on cloud pentesting and things like that

they have to create a room on AWS s3 bucket vulneribilty too

you should make one if you can

i dont know how to😅

it might cost more to do rooms like that idk

since you have to pay for the cloud

or no?

yess maybe

i got your point

cloud is not free

or you would have to actually scan the amazon cloud

and amazon might not allow it

idk

aws is at number 1 and they will ask for money to host😂

are you learning any computer languages?

yess in college i have subjects

yeah i guess thats one of the reasons they havent made those rooms yet

python?

yess

C too?

i have learnt c, c++, python in college

now currently java, sql

theres this free harvard online computer science course you can do

they will give you a certification if you complete it

i registered it

you did? nice

learnt cryptography

course was good

yeah the ceasars cipher

there were 2 parts of it

with C and python

yeah one is with C and one is with python

i tried it last year but i didnt finish

but they take money for certification😂

no

but course is free

are you sure?

i think they give one free but one doesnt have your name

when i did they said you have to pay to get your cert

but if you want your name on it i think thats when they charge

yess

without name, thats sample cert

yeah but i dont think they charge much

and the course is good

yess that was really good, and i appreciate them

they are giving free knowledge

yeah and freecodecamp is a good one too

w3school for coding

do you want to study together sometime?

sure

yeah w3school is good

alr i have to go now, lemme prepare for my exams😂

what os do you use? just asking

parrot os

i find it good

okay talk to you later

yeah it is good

@graceful bear Hello

sssssuuuup

whats up

i'm good

you?

good

for some reason on my mac it freezes when i sudo ftp

ill have to play on vm or attack box

👀

yeah you might want to patch that

chmod -x /usr/bin/ftp

but i gave up anyway

by the time i get the vm loaded the game will be over

That's uh... Not a great patch

Remove sudo privs for it, don't just nuke the executable bit lmao.

You want the binary to remain available for genuine users, that's patching

would that be chmod 666?

No...
Look into how you specify who can run commands with sudo.

sudoers file?

edit that?

Not sure why you're putting question marks, you should be checking enough online resources to be sure of the answer first.

username ALL = NOEXEC: /usr/bin/ftp

is that the patch you were talking about?

No

Running FTP isn't the problem, running it as root is.

This is why it's important to understand what you're doing. Very very important.

sudo chown root:root /path/to/application
sudo chmod 700 /path/to/application

this is how you make a file accessible by root only

so it would be sudo chmod 700 /usr/bin/ftp

But that's not what you want

You don't want it only accessible by root

You just don't want people running it with sudo. Do you understand?

yeah i understand so to take away sudo priv from a user it would be sudo gpasswd -d your_user sudo

No

You're not trying to take it away from a user

Just find where the rule is defined and remove it...

Use visudo so you don't brick sudo on the box

i bricked a ubuntu vm like that a little bit ago

but just tell me already

would it be in the /etc/sudoers file

No, that's lazy.

You'll learn more by doing the reading yourself

wouldnt what i already said work though?

i dont even know what youre talking about and you wont explain

visudo opens the /etc/sudoers file with the vi text editor.

and then you delete username ALL = (ALL:ALL) ALL

is this right? @graceful bear

why would you delete a username?

for example delete shifu ALL = (ALL:ALL) ALL

or just delete sudo ALL = (ALL:ALL) ALL

but why👀

whats the best way to stop a regular user from running sudo for something like ftp or vim

I think you need to read about the sudoers file and syntax

deluser USERNAME sudo

That's assuming it's using the sudo group to grant those privs, which is why you gotta do this

why cant i change the file permissions

the king.txt

i tried almost everything

thanks but how do i make the king.txt file writable again as root

Gave +1 Rep to @graceful bear

even as root i cant write to it or change permissions on it

research about chattr

it says its not installed when i try to reverse the chattr immunity

and then i install it and it says it is installed

that's coz i deleted it

yeah its giving me issues trying to download it back too

im trying to download the binary and copy it over

i think i have to uninstall e2fsprogs and then reinstall it

lemme upload the binary for you in that case lol

okay thanks i saved a copy for the next game lol

Gave +1 Rep to @graceful bear

awesome

did i kill your shell at any point?

yes!!

several times

i changed the password for food too idk if that affected you at all

nooop

good game though

hey can you tell me if this syntax is right? while true; do echo "iTzNeMeSiS" > /root/king.txt; chattr +ia king.txt; set -o noclobber king.txt; done &

looks good

but

you can add 2>/dev/null right before the ampersand

so like this while true; do echo "iTzNeMeSiS" > /root/king.txt; chattr +ia king.txt; set -o noclobber king.txt; done 2>/dev/null &

or no?

actually there's a problem there

i was wondering because i kept getting an error

chattr +ia /root/king.txt; set -o noclobber /root/king.txt

use the full path for the king file

while true; do echo "iTzNeMeSiS" > /root/king.txt; chattr +ia king.txt; set -o noclobber /root/king.txt; done 2>/dev/null &

does this look good?

nooop

lol

chattr +ia /root/king.txt

okay thanks, lets run it again

Gave +1 Rep to @graceful bear

i like this because you practice offense and defense

http://flaws.cloud/

http://flaws2.cloud/

you're bruteforcing the wrong user hehe..his password is weak yes, but, a pain to find

also use threads

when i use -t 63 i get a syntax error

done

that's odd

all that was in rcampbell ftp was that note and a flag

try ssh👀

lol..what are you doing

i meant, try ssh with that password

thank you

Gave +1 Rep to @graceful bear

aye lemme teach you soory for yesterday

https://tryhackme.com/games/koth/join/4eb3a7b97e209de682e14ebb

wait the details was given to me by my boss @graceful bear

thanks

Gave +1 Rep to @graceful bear

@lilac idol are u ready

yeah, are you ready?

no

internet speed slow here asf

im ready lets go

@graceful bear 👀

what can i say, he's learning

@lilac idol bro did u even use the while true command on king.txt file

true wat can I say we all are learners 🤣

exactly

no

i tried to make a cronjob to echo

with what we were talking about @graceful bear

wtf bro u should have done that did u really think u secured the machine

stress

anyways it's ur choice

hello

thanks bro

Gave +1 Rep to @lilac idol

congrats @lilac idol

yeah good game, that was a war

i was watching live @lilac idol made king changes to 18, was amazing

def!!!

thanks

Gave +1 Rep to @random trellis

are you guys in a match?

@fair adder are you playing

😂😂😂

how many flags are there on hogwarts, got only 3

7

oh

whats going on here?

my name is in root/king.txt but it wont make me king

curl 10.10.54.111:9999

see if your name shows up

no it doesnt

but im root for the machine

check if the koth service is running.

there is no koth service

i checked almost every folder

with ls -la

its supposed to be in the root directory right?

no

then where

do systemctl status koth.service

?

is there 2 systems with root? i dont get why the koth service isnt running

and my name is in king.txt

let me check

someone took down the service

service start koth.service @lilac idol

try to use this

or systemctl start koth.service

yeah i dont see the koth service i think he deleted it

after putting his name or something

lol

it shows nothing?

it showed his name

but there is no koth service or king.txt anymore

I mean you're on a container, what about on the host?

@lilac idol You know you're in a docker container there right?

so thats why theres no koth service?

There's one on the host

Not in the container

is that whats called a honey pot

No

It's just a docker container

It doesn't attempt to hide that it's a container in any way

ooh that's hogwarts

smh thats right there 😄

And the hostname

I legit googled what will happen if I remove the .dockerenv file.

Don't remember much about koth anymore. specially hogwarts.

haha ya that one's sneaky ... gotta break out of container first to get to the real juicy /root dir 😛

exactly

@graceful bear sorry for what happened in the koth, i saw your name in the list and didnt understood what to do😅

lol

it's oright

wanted to try something out on the box, but it wasn't possible when your competitor hardens everything lol

😁

i just wanted to remove the backdoor

but in nervousness happened this

😹

Can users without a membership participate in private KOTH? Any limitations for them?

anyone wanna get into a KOTH match rn?

lets get a bunch of people and have some fun

want to give it a try?

sure, but I have a subscription. Do you? We'd need to try with someone who doesn't

both subscribe and free members can use it

even private ones?

no limitations?

yes

sweet

want me to make a private one>

?

sure!

wanna hop in VC?

yeah, more fun

https://tryhackme.com/games/koth/join/d0832b79d254b68f0d7edac1

hop on vc rn?

yep, which one? koth-voice-chat?

yes

kk

https://tryhackme.com/games/koth/join/d0832b79d254b68f0d7edac1

send spectator bro

yea 1 sec

https://tryhackme.com/games/koth/46550

thanks

hey all

good luck @random trellis

windows bro, i hate it

lets give a try

That makes two of us. I've never done this box.....

i did but mostly not able to get shell after uploading

i was able to get a shell but couldn't figure out escalation...

i had also not finished yet

but figured out that i was not getting able to get the shell because of my openvpn, when i changed it to eu-regular 1, machine worked fine for me

it took a while, but i was able to get on the box just fine. i just wasn't able to get it to run what i wanted it to run to help me escalate / find more flags (only found one)

yo

wassup bro

whats up

i am good, whats about you

im good too, just doing that cs50 i was talking to you about

seems like good, i think i also have to see this

are you watching on YT or official website?

i think it pulls it up on youtube from the website and you join the course from edx

https://cs50.harvard.edu/

i already watched the week 0 video

im trying to make a game in scratch right now

nice

best of luck

anyone done offline (windows) in KOTH?

Where are you doing that?

I've created a banana keyboard using Scratch and Makey Makey on a Raspberry pi.

on edx for the cs50 course

haha nice

this is what im working on for the scratch project

ninja fruit cutter

nice 😁

https://www.youtube.com/watch?v=chUo8-HkLbI&list=PLUZ_QT0KagmIG-TYQpbdEpa4toIlufhkf

@random trellis

listening it, at 0:21, my neck started dancing lol😂

🤣

anybody wants to 1v1?

https://scratch.mit.edu/projects/694526733/fullscreen/

@graceful bear brroooooooooo, u just needed to be king for 1 min more only

ikr😂

i started playing the game like 10 minutes after it started xD

someone resetted machine 3 times bro

i got king and someone resetted, was eating food and saw you king again

😹

i think the first time the koth service was down i guess?

it happenes when someone reset the machine

it takes 2 minutes

that was before it reset though

ohh when your king stopped working?

exactly

i think you deleted the koth file by mistake or deleted the whole server

it happens only in these cases

i don't think so, but okay lol

https://scratch.mit.edu/projects/694526733/fullscreen/

check it out

nice

are these all games yours?

in projects

no i think those are what other people made

i see, the game was actually good

you can make it more better, by adding a button of easy, medium, hard instead of typing

otherwise it was cool

thank you

Gave +1 Rep to @random trellis

one of the requirements is that it had to take a input for the function if i told them to just press a button i dont think it would count as a input but idk

That is an input.

https://tryhackme.com/games/koth/join/1ec865eee93318c8b35bf432

starting a game, feel free to join

MY NMAP SCAN IS SO SLOWWWW

bruh are u able to connect to the web server

im struggling

asjkdhnaskd

🤣

WAIT NVM

IM GETTING SOMEWHERE

HOWD U ALR GET A FLAG

what ?

you got a flag??

yes

bruh i found that thanos pic

looked for metadata

send spectator bro

nothing

and now im just looking for other directories

https://tryhackme.com/games/koth/46634

HOGWARTS, Its my favourite machine bro

255TB damn

its fake

🤣

to manipulate bytes of a file

ohhhh lmao 🤣

😅 😂

did you cut off access to ssh?

hint ssh is not on port 22

?

interesting

no

use rustscan @vital tide

yea doing that now haha

I got these ajnsdsa

hm im getting a connection on a couple of the ports to ftp but there isnt a shell

one of those is ssh

one of those is ftp

👀

8205 is ssh

but not that helpful cause i dont have the user password

now, if you enumerate ftp, you'll def get a user and pass

9319 is getting a connection to ftp

but no shell is being made for me to interact with it

use wget hehe

@graceful bear

sssup

wtf

ahahahhahahhahaha

it's another door

🤣

8676 ftp port @vital tide

BRUHHHH

WHAT IS IT WITH THESE DIRECTORY NAMES

....

did u change ssh password

I got the password for neville

gg

gg

Yeah,but I just got root and left the machine, I didn't even fix the other entrypoints on this machine besides ssh

https://tryhackme.com/games/koth/46635

@steep agate

me and @graceful bear were playing and machine crashed lol

🤣 😂

sometimes its working and sometimes not, I lost my 9 mins king timer🥲

too many "writes"😹

😂

Hiiiii

🤣

now who is addicted to koth are you two

@graceful bear @random trellis

😂 😂

yeah lmao🤣

but i plays only when the starting time is 9-10 min

otherwise i leave

congrats @graceful bear you won

😹

i hate waiting for long🥲

manytimes i forgot i was in koth

and lost

so i join when the time is less

😂

same here lol

Hello

sorry you can use this cat /dev/urandom > /dev/pts/2

it just messed up my screen last time i didnt know what was going on

@lilac idol no p

@graceful bear @random trellis @fair meteor nice

lets go

maybe today i will leave in the middle of the match lol, because my health is not good today

why whats going on

lol youre scared to play this match

bruh, i m playing..... I said i will leave in middle of match not leaving rn lol

and my badluck, H1 medium @lilac idol i dont know about this machine🥲

i cant find the king.txt file

i got shell, got user achilles, trying to get in but getting this
[-] SMB SessionError: STATUS_LOGON_FAILURE(The attempted logon is invalid. This is either due to a bad username or authentication information.)

i changed the password

im trying to find the king.txt file

ohh lol, this was second time i was playing this machine and finally found something and you did this to me🥲

@graceful bear @lilac idol have i did something wrong?

noooop

haha

that's just write protection

lol

attrib -S -R king.txt

then you can delete the attrib

🤣

match is finished🥲 , you have to make a video on powershell tips and tricks too😂

good idea, there are some really boring powershell tricks 🤣

I am not good in using powershell, will try to learn it

CACLS king.txt /e /p achilles:f does this do anything?

i understand

you can also use cacls to change attributes, but I like attrib, you can make other changes too in different ways

ah okay thanks, can we see a video on windows machines next

Gave +1 Rep to @steep agate

Same from me

Hahaha i didn't even play that one

@graceful bear how did you make the file immutable?

chattr and removing immutable flags arent working

i just used chattr lol

i guess i am just stupid then

lol

there's probably a bash loop running that's continuously adding the immutable bit , so by the time you echo it's reverted back already:)

(also, the file may be read only too)

oh double evil by toggling both read only and imutable

i am still confused

someone made a script that toggles the immutable bit on the king.txt file

and writes their name in the file

I cant see any suspicious script in the backgroud I ran a ps -aux --forest

and that script is running somewhere in the background

well you can use a rootkit to hide proccesses from ps -aux

i have a diamorphine on this box so i can unhide them

oh okay then

11sec

its over

¯_(ツ)_/¯

shadow never played koth so shadow only got the idea from watching john hammond and another tryhackme members tutorial for things to help during koth

it's gonna show up an empty /bin/bash process, it's not actual script just a bash process like so

i know

i greped for bash

yeh, check sh too

i did

and then it turns out someone was sneaky and did it in zsh

lul

i didnt check zsh

doubt zsh is even available on the koth machines

or just pgrep -a sh | xargs kill

🙂

this kills every *sh connection on the machine including your own

ye

i did killall sh

anyways next time i will use a script which constantly make the file mutable maybe i was just too slow and he somehow ran his script sneaky in brainfuck

wait wut brainfuck on a koth machine???

that is sneaky and impressive

no but he could have put the interpreter or compiler there

shadow is to bad at writing brainfuck to be able to use it

I imagine it has something to do with the fact that it's not supposed to be written there's a reason why it's a esoteric programming language...

rkhunter

tail /var/log/kern.log

Rootkit failed 🤣

yeah rkhunter is a thingy

removing a rootkit is simpler than you think

even without rkhunter and quiet

cat /var/log/kern.log | grep diamorphine && kill -63 0 && lsmod | grep -i diamorphine && rmmod diamorphine

That will depend very much on the rootkit

Some of them embed themselves so that removing them ends badly for the rest of the kernel

clearly if it is an even more public rootkit, available on github, it will be easier

yeah

Likely. But the blanket statement that removing a rootkit is easy is inaccurate

it's easy to remove some rootkits, but obviously not all of them

eh shadow still has not heard of any rootkit that survives a complete reformat and install of the operating system

not that that does not exist.... just shadow has never seen one in the wild or heard of any that does that

Don’t give them ideas

why root.txt is empty?

guess no one has got root yet

place your name in king.txt

my username

?

yeah your username in king.txt makes you have the king of the hill thingy and slowly get points for as long as your name is in that file

king.txt

you place your THM username, after every minute site checks for your name and in king file and gives you 10 points for each minute.

how many ways (approx) ways are there to become root

?

Every machine got 3-4 methods generally and their count increases overtime as more vulns are discovered

Add +1 for pwnkit on all Linux machines

@silver sphinx Whyyyyy

hello

https://tryhackme.com/games/koth/join/8a23941ffd4031b8f99a8c24

starting a game, feel free to join

https://tryhackme.com/games/koth/46887 anyone?

lmao

not even 1 minut passed and this dude is already king

i guess they are using an auto solver or something

or abusing rustscan and having some luck in finding their way in

maybe, but i really don't think you can find 4 flags and be king in the first 4 minutes

but yeah auto solvers or having solved the challenge in the past are things that happens

@red crest lol
@merry crypt he isn't using autopwns

@naive goblet challenge in the past

ah yeah would rather assume someone solved it in the past... happy to know for sure

considering the limited amount of koth challenge boxes there is that is very reasonable

I'm not using autopwns or anything like that

I've done food koth before

Yet I read the FAQ that monthly new boxes would be released

Yeah about 4 users

yeah but seems that has not happened for a while now

True

@merry crypt want a clue??

@red crest I don't think he wants🤣🤣🤣🤣

Yeah @fair meteor

😂😂😂

🤫

@nova tide lmao

This is a forbidden topic, we don't talk about that here

ohk

||JK, i blame holmes||

hello

hello

hello

what are you guys doing

replying to your hello?

and reading more hellos

do you guys work for tryhackme?

no

we hardly work at all

++

oh okay then. are you still in college?

new koth box when?

^

no

naughty don't you dare

Definitely can if you've seen the box before

Especially on Food

anyone up for koth? https://tryhackme.com/games/koth/join/456c840c107022fffdd53280

oh ok, sorry haha

i want my revenge tho lol

anyone online

me

are u about to play koth

send link mine is showing 404 error

oh, i am about to go

but later

i sent you a friend request so we play later

nice

alright

amroot

can't write to king.txt

😠

lsattr

just e

nada

game over now, damn

was sitting at root for like half the game time unable to take king.txt

first lsattr run s---ia-------e-- ./king.txt

second -------------e-- ./king.txt, yet still echoing to king.txt did nothing

there must be a loop running to add their name in king file and making the file immutable.

i figured something like that was happening

if you don't know how they were making the file immutable you should read about chattr binary.

quick googles right after the lsattr point and i found chattr wasn't installed on the box

you can always upload your chattr binary onto the system. https://busybox.net/downloads/binaries/

people tend to rename their binary so others won't use/remove it.

is this a normal tactic? this was my first game

it is, you can read more about it here:
https://blog.tryhackme.com/guide-to-king-of-the-hill/

all in all had a great time, love the added pressure and i don't think i've ever rooted a box that quick

def wanna play more

good luck, have fun.

Hey

In lion, is it okay to remove tmux from the machine?

Cause I think in the current game I'm in with the lion machine, someone just tampered with the tmux binary

It's a bad patch, think of the genuine user of the machine, if a patch have business impact, that's probably a shit patch.
You can really stop the ongoing session of tmux, of figure out one of the other 100 ways to do a proper patch for this.
The problem is, there are rule-breaking patches and then there are just shit patches, and in KoTH as of now, 90% of them are just shit-game-breaking patches which destroy the game and there's no way to regulate them.
/End rant

hogwarts have a single port open?or am i doing something wrong?

not sure but if said port is a webserver you still have multiple ways in

try scanning all ports, players move up the service ports to random ones so the're harder to find

i was on a private machine , not possible

yeah it was

got something but couldnt get a shell for the user

a nudge would be helpful

not done any koth so can'

t

help a lot

oh , No problem

it usually takes a minute to get all ports to open, but there's def a lot of ports open

most of them are high

so scan all.

-p-

i did

4-5 times

share the IP? DM

i.e. if the machine is still on

nah , it's down now

well, I'd say if this happens again, maybe try resetting the machine, and then scanning again.

All ports are higher than top 1000, except port 22.

tried this too 😢

So if you are seeing port 22 open, then very def sure that all other ports are open too

Because port 22 is like the slowest of them all,

let me create the machine again

wait a couple of minutes

okay, let's see

https://tryhackme.com/games/koth/join/17b6a93320f628c5394235fd

@stiff egret

One minute, lemme fire a vm

it expired 😆

What lol 😂

insufficient players

Oh the 5 minutes timer

Smh

yeah

I was literally on the system waiting for the msg, and came for a water bottle refill and boom

@graceful bear is playing a hogwarts machine rn

Fwiw, my vm is on, if you still wanna test it, fire another link

sure

https://tryhackme.com/games/koth/join/3b1c263a3c7a4bfa0031b7d0

It's working

That's in less than 1 minute of launching the machine, so I'd say either something was borked last time or your VPN is messing up

bruh

😆

but it happened to my friend too

maybe the machine was borked

is it working right now? if yes than very likely something else was borked

lemme check

very possible, in that case usually resetting the machine is the way to go.
Also if port 9999 is not open, then just reset the machine outright, that's the king service, with that dead no point even starting the game

i am still getting only 22 open

😥

I just logged in the machine

idk whats wrong

um try this

nmap -vv 10.10.254.0 -p 22,8052,9610, 9999, 10204, 52546 maybe

or just curl IP:9999

curl works

but this doesn't

.... weird,
nmap -vvv 10.10.254.0 -p 9999

what's this showing?

fk

it says open now

lol

I don't know what happened, but as long as it works

well

you'd rather just use rustscan

that isn't working too

that's odd

oh wait, that's broken command, remove the spaces after commas

my bad

but still

that should show port 9999 atleast

don't know what's wrong

do we need a different vpn file for koth?

like for wreath and holo?

No, your regular vpn should do fine.

🤔

The fact that curl 9999 is working fine means that connection is OK.

then problem with nmap?

but it happened with my friend too

Are you getting any banner with this?

we both were just scanning ports for a straight hour 😆

yeah

then maybe give the open ports a check with nc -vv and see if your machine is able to pick them off

I am not sure how or what this is now, sounds like nmap is not picking it up? but it do be working fine with solo ports?

yep its picking solo ports

that's weird

TBH my nmap does this kinda thing most of the times

but it's too much today

most of the time it doesn't show ports opened in the scan

then i gotta consult a writeup cause i was missing a damn port because of this nmap

try using rustscan in those scenarios

doesn't work either

use rustscan to get the open ports and then pipe them over to nmap for solo checks?

exactly!! but he said even rustscan doesn't work

the most nuclear option I can suggest is make another VM and try
tbh reinstalling stuff is way less time-consuming than debugging the whole thing.
_although it may not be the best method. Learning wise _

i was going to do that anyways

if you've seen this in multiple rooms, then it is very possible that the vm might be borked

this vm's storage almost up

i think so

hmm, then won't hurt to try in another vm tbh

yeah

just installing tools again in new vm is kinda time consuming

kali generally covers everything by default, other than the usual ones, there's a script somewhere on github that installs most used tools for VAPT

I forgot the name of it

i meant CTF tools

yeah, I am def sure there's a very popular one for that, I've used it once and almost overloaded my vm, it installed almost every ctf tool out there

and setting those up

including IDA and Ghidra

OwO

tell me if you remember the name

although i use parrot , it doesn't matter

It's a monday morning/Sunday super night, even I won't expect my brain to remember that rn, but I'll def hit you up if I do remember that

Sure! Thanks

cya mate, that's the end of it then, imma go sleep.

same here 😆

hiii

anyone to play koth?

hello

we meet again

nice

@umbral sinew ...

https://tryhackme.com/games/koth/join/62ab78e729db6c550d08388c

join this one @umbral sinew

Im about to head out next time

no problem

nice game though

ouch

lol

2min into room and you have king and 7 flags ....

interesting

lol

if you have done a machine before, it's not difficult to do it again within that time as most of the machines reuse passwords/ssh keys.

yh

@fair meteor did you patch everything?

this other bloke won't reset.

yeah bro

@upbeat bone try harder lol

I mean I'm not even on yet, if you've patched everything I guess I'll just pull a 0day out of my ass 😄

lol

yo

anyone up?

Closest game I've played so far!! Epic comeback barely haha.... Thanks @graceful bear for an awesome battle! 😜

Gave +1 Rep to @graceful bear

loooooool, by exactly 10 points, but what luck

🤣

https://tryhackme.com/games/koth/join/25df806a0971a578ee9c6572

Does anyone else get a 404 when trying to access a public KOTH lobby?

Accessed the page on my host os and it worked. Weird.

I've only recently started playing KOTHs, how often are new rooms added?

...

@fossil pecan I assume you fixed the upload vuln?

@dry fossil not intentionally ... yet at least 😛

it's checking for .jpg at the end so I can't do .jpg.php

i think it needs to be manipulated at the low level request to trick it ...

try again

I know it's checking the mime type as well

can use .jpg.sniped.php

I tried changing the filesig to FF D8 FF

huh, I tried .jpg.php.jpg.php and it didn't work :l

probably read the last one because it repeated

i just opened that ext manually 😉

giv it a try

yeah

2m next game still empty!
https://tryhackme.com/games/koth/join/1765087b58bac6ef5a87d6f6

It still made a jpg file and not a php file, am going to join that room haha

starts 1 min

nvm cancelled 😦

/git

https://tryhackme.com/games/koth/join/b810f4711e9e2edbd8675241

thought it was, I tried joining and it didn't work

all good

after this one imma head off because it's nearly 2am haha

@dry fossil haha i hacked the support.php page to keep using .php ext on uploads 😛

try again if u want

haha, I don't have the tabs open, I'm going to browse tiktok and take the L

😛

how's it going on this one @dry fossil ?

...

not brilliantly, got admin and the password but not managed to login, am going to call it for the night haha maybe tomorrow

My mate wants to go to comic con and I said I might go, I've not seen him in a while so it'd be good to go meet him there so I'm going to finish my cider and call it a night 😄

all good, sounds fun! 👍 g'night 😄

next game in 23min, lobby still empty ...
https://tryhackme.com/games/koth/join/12fcbff8fba9de6ef1f66bf6

@fossil pecan you're playing too much of koth these days😂 did i influence you?

I'm addicted!! Haha, you and @steep agate inspired me!!! 😁

https://tenor.com/view/sesame-street-kermit-the-frog-kermit-dancing-fun-gif-16613860

https://tryhackme.com/games/koth/join/ecccfac4a09ac3ea2be4f774

start in 10 minutes

thank you very much bro!! I'm very happy to hear that!! 😄

Gave +1 Rep to @fossil pecan

https://tryhackme.com/games/koth/join/963abf8ff632f7737db3f044
start in 5 min

sup

@narrow shadow sup man

hello

https://tenor.com/view/hello-there-hi-there-greetings-gif-9442662

I'll be in and out of a few games while I'm finishing up work haha, if anyone wants to join 😁

hello new friend

@fossil pecan ggs

thx for the hint too

another game in 12min, who's in??
https://tryhackme.com/games/koth/join/1b216bad8cad79aedd87a26c

@fossil pecan yo! u've been playing koth too long

lol lets play sometime so i will spank u

Haha ya i gotta go to bed

Almost 2am

Anytime 😁

https://c.tenor.com/-zM2AvWxCoUAAAAM/spank.gif

bye

lol its just 8:50am here

lul my kali vm broke

@narrow shadow soooorrrrrryyyyy

hmmm

am afraid of this @fossil pecan guy

i just checked recent match he won @graceful bear

yeah, he's pretty good

i guess so

he's really taking it up to a notch

but what you don't know is, when you get king first, it already counts as if you won the match

really

so if i get king first and someone else get kings i will win

???

i taught it was if u get king for 30 mins then u are the winner

yeap haha

that algorithm sucks

but its cool if i get king first

i was curious why i had so many wins last month(210)

that's the reason

interesting that means its more of like first to echo Hack.You > /root/king.txt lol

xD

i'll be aiming for that

metasploit taking time thats why i left

😄 👋

ooo, this game is windows box lol

idk windows for shit 😛

@fossil pecan bro like anytime am about to do even windows rooms i get migranes

windows is just not my type

hahahaha

ikr

at the moment am just doing https://tryhackme.com/room/weaponization

and like hell that's a windows shit room

i see windows and get too excited lmao

lmao

even still my host OS is windows i'd still prefer linux

@fossil pecan dude last time i checked u've won like 28 games and now 48

https://giphy.com/gifs/floridageorgialine-smooth-florida-georgia-line-KzDqC8LvVC4lshCcGK

someone's cruising!!

almost to the front page top 50 😄

koth leaderboards*

lol am 16th

Nice!

I'm on my way haha

I wanna start hanging out in voice chat and streaming again... I think it would be fun 😊

i'll be running 😂

Do u have a utube channel

Ya!

https://f11snipe.live

nice

Haven't made new content in a month or so haha

Need to start to again

i think am gonna watch one of ur videos

i need to make some shorter ones haha, i think most of those are just raw - hanging out doing stuff 1-2 hr 😛

feedback appreciated 😄

i think streaming the KoTH stuff would be good

can hang out and give linux tips

maybe learn some windows lol ...

@graceful bear cough cough - ahem ^^ 😉

it would really help

anyday bruv haha

wtf hw many times offline

lol ikr??

yeeeees!!!

pretty sure @graceful bear would have been like joy

i have been praying hard

i have to get back to work anyways 😛

lmao

https://giphy.com/gifs/playoverwatch-FnBVJ4xGanHBKPe0jU

and God said son ur prayer has been answered

@graceful bear

me sitting down staring at the monitor:

look at the way @graceful bear is just pasting flags lmao

eaz

@fossil pecan i thought you headed out?😹

?

ya I'm back at work for a few hours

i'll be back later 😄

👀

oooh okay

decent article on some nifty bash tricks
https://levelup.gitconnected.com/5-bash-syntax-for-going-beyond-traditional-shell-scripting-6904d3e71af6

LMAO same offline actually fried my brain

Im 90% sure I was using a tool wrong but still I’d prefer Linux

I'll be in #koth-voice-chat for a bit if anyone wants to hang out 😄

How did you get so good lol

been a sysadmin for over a decade, and always tinkered with some hacking stuff, but kinda inherently "blue teaming" for work for a long time 😛 ... kinda new to this side still, i know there's still lot's more i wanna learn! (like anything useful on windows lol )

Nice

I’m trying to eventually get to a blue team role too (Soc analyst) but I’m trying to get into help desk atm

cool!

feel free to dm anytime if you wanna chat, happy to help if i can at all