@cursive ether feel free to play but its pretty intense depending on who is in ur lobby
#koth
fair meteor
cursive ether
yea hey, i just want to have fun
fossil pecan
You set it yourself in your profile
Near the bottom i think
It's mostly just a guide afaik
So can set it whatever you want
Cool
Np
fair adder
some people are cheating like in the first 2 minutes they have 4 flags
fossil pecan
Pretty easy to remember where to go on most boxes, that's not too crazy
King and all flags in 10-30s is probably autopwn lol
fossil pecan
Pretty easy to remember where to go on most boxes, that's not too crazy
After playing a few times
fossil pecan
And flags don't change π
graceful bear
@fossil pecan shall weπΉ
fossil pecan
π
you join?
im still afk on the phone
still have like 5-6 min, right?
oh dang u already king
lol
i'll be right there π
graceful bear
i'll be right there π
get here quick!!!
fossil pecan
graceful bear
fossil pecan
π
graceful bear
and you kept sending nyancat my way
fossil pecan
π β€οΈ
fossil pecan
I think I'll stream the next one (or two ... or three π )
https://f11snipe.live
edgy knoll
annoying bosses are online
stiff egret
?
fair adder
haha who did the nyan cat thing gj
fossil pecan
haha who did the nyan cat thing gj
π β€οΈ
stiff egret
Hit me up as well if you guys play another game
stiff egret
starts in 23min
that is a long time
fair adder
that is a long time
well good things take time to get build
stiff egret
this one is already going ... i'll pause my king if you wanna jump in
how much time in the game?
fair adder
oh im in that game didnt even notice
fossil pecan
14, 22min left
stiff egret
okay lets goooo
fossil pecan
so can be taken if in 6min π
stiff egret
ah, this was a new way to get in, had it in notes, tried it for the first time
king isn't showing up ?
whawt
okay got it
stiff egret
Hey
steep agate
@stiff egret how are you bro?
stiff egret
Hi, I am great,. just chilling, how are you?
steep agate
steep agate
Hi, I am great,. just chilling, how are you?
I was doing some tests, weekdays it's complicated for me to play CTF because I get very busy, school, work, gym, course, etc.
stiff egret
@fossil pecan you on the game or left?
steep agate
but i am fine
stiff egret
I was doing some tests, weekdays it's complicated for me to play CTF because I g...
yes, understandable, I can relate with that
steep agate
ah, injecting commands in other processes
basically you run a command in another terminal
stiff egret
Yeah., I assumed
steep agate
yes, understandable, I can relate with that
π€£
steep agate
Yeah., I assumed
I was addicted to koth, now there are more people addicted
stiff egret
been there, done that
steep agate
basically you run a command in another terminal
a friend of the team that I participate, is creating a tool that you can do this, only much more improved
steep agate
been there, done that
yeah
stiff egret
the thing is, the tool is awesome, but if you have to transfer it over to target machine to run, then it means it will be in the hands of opponents too
and they can reverse it/ find a way to block it
steep agate
and they can reverse it/ find a way to block it
yes this is true, but if this is to happen, it would be cool to put it in a directory that almost no one accesses
fossil pecan
<@118749350795935744> you on the game or left?
Nice snag! I stepped away for a few, but was kinda cheering for your comeback π
stiff egret
you know you can really monitor files coming in and executing, I mean the people who are able to do that would be less, but it is def findable if the person is monitoring the traffic
stiff egret
Nice snag! I stepped away for a few, but was kinda cheering for your comeback π
I was thinking about it, there was no resistence at all
steep agate
manipulating bytes of a file
stiff egret
Nice snag! I stepped away for a few, but was kinda cheering for your comeback π
I assume all regular footholds were blocked already
fossil pecan
idk, i don't usually block anything
stiff egret
generally the passwords were changed so
steep agate
you know you can really monitor files coming in and executing, I mean the people...
pspy does it
fossil pecan
^
stiff egret
that much I checked, then went with one very unusual method, I've had it noted down but haven't used that in ages
fair adder
if yall wanna chill hope in vc (my mic broken)
steep agate
if yall wanna chill hope in vc (my mic broken)
I'm broadcasting my screen
steep agate
what are you doing exactly
Testing bypass in XDR
and edr
and listening to some rave electronics
fossil pecan
if yall wanna chill hope in vc (my mic broken)
I can come join in a few
fair adder
I can come join in a few
ok nice
fossil pecan
Close game π
fair adder
Close game π
haha you good mate
fair adder
damn
swift laurel
Hey guys i would like to try koth for the first time , any beginner here would like to create a game ?
nova tide
Hey guys i would like to try koth for the first time , any beginner here would l...
You can join any online public game. Game will start if there are atleast 2 people available in the lobby.
Here is the link for a game that will start in 20 minutes: https://tryhackme.com/games/koth/join/7823293fddfd816a6d04cb96
Moreover, i recommend reading the rules and blogpost about KoTH.
!docs koth
pearl gladeBOT
TryHackMe
swift laurel
You can join any online public game. Game will start if there are atleast 2 peop...
Awesome i will have a read ! Cheers !!
fair adder
haha gj whoever got in first
steep agate
GG!
fossil pecan
haha i restarted sshd cuz i saw that too
still not working?
i can ssh ...
π€·ββοΈ
@steep agate ^
π
steep agate
i can ssh ...
yeah
fossil pecan
ya I need to keep working on those haha
getting alittle better, but still feel so lost on windows cmd/pwsh π
steep agate
getting alittle better, but still feel so lost on windows cmd/pwsh π
I understand
fossil pecan
@night sierra nice game π
cursive ether
hey Snipe
cursive ether
good boss, how about you?
fossil pecan
doing well!
getting workday going, playing a lil koth on the side lol π
what are you up to?
cursive ether
what are you up to?
just busy with some work, I'll play later on.
cursive ether
@fossil pecan are you in a game at the moment?
fossil pecan
<@118749350795935744> are you in a game at the moment?
^
cursive ether
haha I'll hop in one of them
fossil pecan
36min left of lion:
https://tryhackme.com/games/koth/join/5b532dc7d1f5ecbb79e4a97d
empty scores sofar
cursive ether
I'm on lion haha
fossil pecan
Oh my
cursive ether
@fossil pecan i thought you'd be a king by now
fossil pecan
I'm just chilling and coaching today π
I'm AFK now haha
Coming back now
Are you in?
fossil pecan
<@118749350795935744> i thought you'd be a king by now
^
cursive ether
Are you in?
yea I am still looking for a way in on that mysql
fossil pecan
i found LFI on http 5555 π
cursive ether
nice
fossil pecan
king has been unlocked π
cursive ether
haha
cursive ether
i'll be right there
you were still finishing the other one
cursive ether
I'm trying to find a way to get into ssh, because I hit a dead point with the web server
fossil pecan
Here's a fitting riddle for this box....
The way to SSH is thru FTP π
cursive ether
thought about π
swift laurel
Im trying to figure out how to access FTP if port 21 is closed ?
fossil pecan
@swift laurel need to scan more ports ... 22 + 9999 and 4 more open ports π
fossil pecan
food game starting now
https://tryhackme.com/games/koth/join/c97e1ba03722994e64b37e84
fossil pecan
ooo
hackers
kinda fun one
gotta brute force all entries i think ...
after some initial recon***
swift laurel
Good morning all !!
fossil pecan
great game! π
fossil pecan
!docs verify
pearl gladeBOT
TryHackMe
fiery drum
Sweet!
fossil pecan
ya
cobalt dome
Gg
swift laurel
Good morning everyone !
cursive ether
hey guys, anyone wanna play?
swift laurel
you still playing scully?
cursive ether
let's create a game, if there's no public ones
edgy knoll
ok
topaz crane
GG @fossil pecan
fossil pecan
GG <@118749350795935744>
Ya! That was a good one π
jovial field
anyone up for koth? https://tryhackme.com/games/koth/join/b4edde2395cf4edfd8b6f453
leaden knoll
yup
leaden knoll
i think it is a problem with ssh
i found the user and password but doesnt work
@jovial field
jovial field
i dont think so
leaden knoll
are you sure ?
leaden knoll
oh really ?
jovial field
maybe
leaden knoll
hmma
did you change the password ? :)))
@jovial field after this match, you will want to play another match ?
jovial field
yes
jovial field
why?
ok
then just lookup some services
you could for example try to bruteforce the ftp service with the given users like tyche
or amechania
stiff egret
Anyone playing rn?
nova tide
Anyone playing rn?
YES
fair adder
Hi
fossil pecan
just hanging out, getting ready for work ... and playing a couple koth games π
you playing?
fair adder
you playing?
At the moment, no
fair adder
@fossil pecan did you find any flag?
in the Shrek machine(koth)
i can't find any flag inside the /home directory
is it kind of cheating????
naive goblet
it is not named user.txt then???
fossil pecan
Ya each user should have one
fossil pecan
i can't find any flag inside the **/home** directory
^
nova tide
i can't find any flag inside the **/home** directory
Try looking inside each user directory, you might find some.
fair adder
Try looking inside each user directory, you might find some.
I did that
fossil pecan
<@118749350795935744> playing rn?
ya! in queue, next in 17min here
https://tryhackme.com/games/koth/join/137642dbfb6dabb751999315
stiff egret
Ayy i am travelling, but let's see as long as the laptop battery lives imma attack that king.txt!
See you in terminal! (:
fossil pecan
yay!
stiff egret
You in game? @fossil pecan
fossil pecan
You in game? <@118749350795935744>
oh ya, just watching π
doing some enum + recon
fossil pecan
@stiff egret getting some fun things setup π
stiff egret
Ay man
Just left the box, dropped the king setup and laptop is on 50 %
So saving some battery now
stiff egret
ππ it'll be fun, tho it only sends revs to my box, so unless you reverse it and change the IP, it's gonna make me king and send me shells everytime you use it π
stiff egret
Damn, gg @fossil pecan that was one hell of a game
fossil pecan
Damn, gg <@118749350795935744> that was one hell of a game
that was awesome! was sweating haha
stiff egret
I swear my co travellers think I was hacking something illegal, it's 2 AM here and I am in a public bus
fossil pecan
hahaha
@stiff egret i'm having so much fun with these koth games! ... i know it's kinda taboo haha, but about new boxes ... i have a lot of fun + cool ideas, and would love to chat with someone about possibly helping to build out some new koth boxes in my spare time π
are you the person for me to talk to? if not, can you point me in the right direction? β€οΈ
stiff egret
Generally Skidy would be the person to go to for that. There are 4 indev boxes with me, but I am just not able to cut out time to QA test them and push to Skidy
shoot a msg to them, obv rule of thumb ask for DM first.
fair meteor
u sure ?
stiff egret
Starting in 20 minutes, depending on how fast people join in so
15 minutes out, gods it takes forever to start.
prisma roost
π
stiff egret
ayy, gonna be fun!
prisma roost
lemme see if @placid fable is up, π
stiff egret
Not the saturday morning I wanted, but gotta say this is hopefully gonna be fun, as long as it isn't Hogwarts./ or windows in general
prisma roost
stiff egret
lol
radiant sun
β οΈ
stiff egret
prisma roost
O.o
stiff egret
man I am not on system, just about to get back, went to get waterbottle
fossil pecan
looks like holmes brought the same kit as last time π
stiff egret
looks like holmes brought the same kit as last time π
reverse and it;s yours (:
fossil pecan
i''ve already got a copy π .. but building my own too π
prisma roost
shell killer?
fossil pecan
haha ya just any stable ones at least
prisma roost
nice but you didn't change the ssh password,
just logged back in
kick the people out and close the doors too
fossil pecan
im just observing
prisma roost
10.17.1.8 who is this guy, just killed his shell
lool
nice, who's done this neat trick?
fossil pecan
was testing something for king, now lagging soo hard most cmds hang forever lol ...
prisma roost
yep, people spawning a bunch of processes trying to overwrite the king file
prisma roost
damn, machine is hella slow
fossil pecan
radiant sun
h00dy and holmes battling it out on king.txt
Holmes is legendary I couldnβt even touch king.txt
stiff egret
One hell of a Saturday Morning (: β€οΈ
radiant sun
wow whoever this is, you have trust issues <:kekw:658061932577816606>
Bro dass meπ
Was hella fun π€© ππΌ
stiff egret
def π
placid fable
lemme see if <@785660045496025108> is up, π
Oh, sorry. Have been busy lately.
Moreover, I haven't played any KoTH for a while, so hands aren't prepared well enough to go against Holmesπ
placid fable
I kinda missed your random nyancating my shells, wasn't the same honestly
I wonder if it worked correctly. Like me and you having the same terminal window size (rows, columns) or else it would just show glitchy
prisma roost
It used to work perfectly for me, maybe we do have the same terminal sizes π
placid fable
Maybe, oh I could have read your size first. stty -F /path/to/tty is it?π€
Anyway, it was fun π
placid fable
Hasn't Mathew updated his?
placid fable
Ahem, more boxes..ahem Holmes and Naughty
prisma roost
stiff egret
HMU if anyone plays in a while
stiff egret
hmu
https://tryhackme.com/games/koth/join/9557fef9d09499392000bf13
Starting in 21, depending on when you join in.
stiff egret
it's gonna be a bloodbath
I don't know who JohnHelarry is, but I do feel bad for them.
prisma roost
power went out here, so I'm out too
stiff egret
ah shit, tc.
prisma roost
welllll, I have mobile data tho
stiff egret
another match then?
Hogwarts or Windows and I click on leave game button
it's just dumb to try to fight with a knife if you don't know which side is blade
stiff egret
lol I told you, Hogwarts for unfair advantage
and windows because I believe KoTH is for when you know your way around the machine well enough to defend it. And I simply am not that good at windows. So
prisma roost
well, how are you gonna get with windows if you straight up give all the time
stiff egret
exactly, so when I said KoTH is for advanced level, that means I am learning on basic level, I just haven't reached the point yet.
I don't believe in the way of jumping in the river and learning while drowning
so I'd rather learn first which side is blade.
stiff egret
I don't believe in the way of jumping in the river and learning while drowning
(though I must admit I learned linux that way only)
prisma roost
just jump into it, most that happens is we laught at your inadequesies
and mattew is king already
stiff egret
just jump into it, most that happens is we laught at your inadequesies
fair enough, I think I will at one point, and now that I will have more time to work on my skillls from this week, I will be able to jump in.
stiff egret
and mattew is king already
They are good at it. And, well, clearly better at windows than I am. GG
prisma roost
I mean, you guys have done more than 200 games, it should be easy at that point
stiff egret
Man, it's been over 2 years, since KoTH was launched.
Very few of the people who were there when it was launched are here anymore, or even play KoTH anymore.
prisma roost
stiff egret
it is, very.
stiff egret
I mean, you guys have done more than 200 games, it should be easy at that point
keeping in mind that for more than one year, there was just one machine with Windows OS in pool.
prisma roost
maybe cuz the're more resource heavy to run and not that popular either
stiff egret
Yes, plus devving a windows machine is comparatively not very dev friendly. At least for KoTH. Where we have to add 4:4 foothold:privesc in the machine.
stiff egret
lol
prisma roost
prolly should've left and kept my dignity
stiff egret
Personally speaking, attacking and gaining admin in windows is not an issue for me, it is the defending in Windows where I lack behind.
That is also, generally, the area which requires a better understanding of the OS to gain expertise in.
prisma roost
well, I've got a user shell so π€
stiff egret
ay, best of luck! (:
unreal jasper
Anyone playing?
fossil pecan
Anyone playing?
^
unreal jasper
Ty for the ping. My vm decided to nuke itself and Iβm to lazy to reimage it so imma sit this one out
stiff egret
tag me if any match about to start, wanna do a game
stiff egret
**!**me
fossil pecan
what a game! good one for me to end on haha , need to sleep π
jovial field
Is it allowed to forward the traffic on the Box from Port 9999 aka. The koth service to an own service and send the own name?
quiet schooner
Is it allowed to forward the traffic on the Box from Port 9999 aka. The koth ser...
You are not allowed to interfere with the KoTH service
jovial field
ok
nova tide
Also specified in the rules, i would recommend reading rules as well:
jovial field
Yeah i know i thought it could be allowed because you are not actually touching the service
stiff egret
....
jovial field
anyone up for koth? https://tryhackme.com/games/koth/join/21c4fb5dd923e4823f2fbc70
(ca. 24min)
steep agate
im baaaaaaaaaaaaaaaaaaaaaaack
steep agate
windows is pretty cool, on windows i like to test AV/EDR/XDR, it's a really cool subject
.ps1 scripts, powershell tricks
orchid kelp
Hello
steep agate
Hello
orchid kelp
@fossil pecan ESEY
proven garnet
would it be unfair to change an ssh password for user in koth
fair meteor
its fair
orchid kelp
oh the match! π π€¦ββοΈ
jovial field
i hate carnage!
I am finally in but cant escalate to root
π¦
This will literally take two or more matches until i master this machine
edgy knoll
@tranquil pewter
ripe yoke
anyone wanna play koth? starting soon
nova tide
anyone wanna play koth? starting soon
you left?
ripe yoke
no, i got beat by you xD
cursive ether
anyone wanna play a game?
cursive ether
alright joining now
steep agate
ok
fair adder
3 more minutes to go
steep agate
3 more minutes to go
GG
nova tide
@steep agate you have a shell?
steep agate
chmod everything?
no
nova tide
that's not how you patch lmao
steep agate
I just fixed the backdoor, removed the .ssh, changed the passwords, and patched port 3000
nova tide
yeah i can see the patching
nova tide
π€·ββοΈ
steep agate
nova tide
counts as machine broken. If you wanna reset or just stay alone in machine where whole sytem is chmod.
steep agate
nova tide
nova tide
dont cry π€£
huh?
steep agate
just no simple command injection, backdoor port, remove .ssh keys, and change passwords
nova tide
dont cry π€£
We are literally discussing it in koth staff who broke the rules and asking you as only you seem to have the shell..
smh
steep agate
We are literally discussing it in koth staff who broke the rules and asking you ...
oh
but it wasn't me, if you want I'll send you more evidence
nova tide
enjoy the free win. Just patch the things the way they are supposed to be. Whole system have already been chmod.
nah its fine
GG's
steep agate
there was someone using while with pts kill, but I ended these processes
nova tide
i have that in koth staff π
nova tide
but it wasn't me, if you want I'll send you more evidence
mind wanna check the permissions on bash binary?
steep agate
someone must have changed the apache settings
steep agate
mind wanna check the permissions on bash binary?
yes
I have a clear conscience, it wasn't me
steep agate
and I wasn't even supposed to be in this match, I joined for fun
nova tide
So you can fix it as you have the shell?
^
steep agate
So you can fix it as you have the shell?
as well ? I'm using google translate, did you mean
you mean to put things back?
steep agate
lol
just went into the backdoor that no one had fixed, got the id_rsa from bunny, escalated privileges, kikei all shells, fixed port 3000 first, then the backdoor, then removed the .ssh keys and changed the passwords as shown in my screenshots terminal
nova tide
If anyone else sees someone breaking rules again like happened in this game please report at koth@tryhackme.com
- chmod whole machine
- closing ports (61432)
steep agate
lol, so backdoors can't be fixed?
stiff egret
Alright, not what I expected to read on a Sunday morning one hour after I woke up.
So, MatheuZ, clearly there is a communication gap here as you mentioned using gtranslate. That is fair.
About the rules, someone, broke the machine, by essentially braking chmod permissions in it for almost everything.
And the person with the active shell is bound to be blamed.
You do not kill a service to fix it.
steep agate
About the rules, someone, broke the machine, by essentially braking chmod permis...
yes someone broke but it wasn't me, i entered the shell later
stiff egret
I don't understand what is the hype of winning a game, it's about enjoying it. Whoever it is in the game right now and is breaking the rules.
I'd suggest please read the rules first, because for precaution, we will send out a warning to all users in this game. Please be aware of what you(all users in the game ) do when you are playing a public match.
steep agate
And the person with the active shell is bound to be blamed.
I was in a DM with the @random trellis
steep agate
I don't understand what is the hype of winning a game, it's about enjoying it. W...
if you want I can show you more evidence, I really wasn't the one who took the permissions from port 80
stiff egret
I do not have a shell and nor am I on my system right now to monitor anything. I am just saying as a general precautionary measure to you all that please read the rules, understand the difference between patching and basically breaking the machine.
This is supposed to be a stimulated environment for how you tackle real life attacks, and killing all pts is just a dumb and the type of move that will get you kicked out of a job in industry.
stiff egret
if you want I can show you more evidence, I really wasn't the one who took the p...
As I said, I am not on system right now to actually verify any evidence. Thank you for cooperation.
sour vectorBOT
Gave +1 Rep to @steep agate
nova tide
Public game starting in 19 minutes:
https://tryhackme.com/games/koth/join/ddb43ca006e4b22d7ad6092a
stiff egret
steep agate
I do not have a shell and nor am I on my system right now to monitor anything. I...
kill process and pts itself is stupid, when you hide in the machine, or you already have rootkit + persistence and you already have your C2 prepared, but since it's koth, the goal is to stay in king
stiff egret
Posting this again here, so incase someone can't find the rules page, can read these here and ask if you have any doubts.
steep agate
As I said, I am not on system right now to actually verify any evidence. Thank y...
right, I have a clear conscience, if I need it I'm willing to help with anything π
fossil pecan
Posting this again here, so incase someone can't find the rules page, can read t...
COUGH COUGH @random trellis - remember what I said the other day about chmod -R / ?? ... ya, not a good result π
stiff egret
I mean how hard can it be to understand rule 8?
steep agate
I just won the match out of honesty... but I understand anyway, you guys are employees and you do a great job, that's right! good work, thanks but still, thanks for the game, space jam is really an interesting machine
have a great morning/afternoon/evening, if you need anything you can call me π
stiff egret
Edit: not employees, just volunteers. Again I am guessing that is another gtranslate gimmick.
random trellis
**COUGH** *COUGH* <@899296404906868766> - remember what I said the other day abo...
i used chmod -R a+x /root just because the root folder was locked and i thought a+x is used to permissions
random trellis
If anyone else sees someone breaking rules again like happened in this game plea...
i havnt closed any port, i tried to login with 61432 port but @steep agate fixed it
and the pkill i used just because someone removed command injection from port 3000
@nova tide also sent me nyncat and breaked my shell in KOTH whats about that
is it not against rules?
stiff egret
@random trellis
Give the rules a read. Breaking shell/killing shell is not against the rules. But setting a while loop to do that is just. Well.
random trellis
<@899296404906868766>
i am sorry for that, i used while loop but that gave me an error, i havnt cheated trust me, even i was asking matheu that command injection is closed and there was port 61432 that is not working
so i quit the game
see this bro
stiff egret
As I said before, since we do not have any enough evidence against anyone, we just warned everyone in that game for rule check. Other than that, all the best for future games and just keep an eye out for rules.
It's a game in the end and playing by the rules is the only way it can be entertaining.
I mean imagine if no one can get a shell at all, then what's the fun in that?
random trellis
okk bro i was just gone afraid to get my account banned
steep agate
i am sorry for that, i used while loop but that gave me an error, i havnt cheat...
the port 3000 I had fixed, the port that had a backdoor too, but someone had used chmod on port 80 and no one knows until now
there were several "whiles" of kill pts running in the background
stiff egret
there were several "whiles" of kill pts running in the background
That, I know, were from RamghariaSaab.
About chmod, we have no clue who did that, tho F11 did pointed out that RamghariaSaab had a conversation about that.
This chapter is closed now.
random trellis
That, I know, were from RamghariaSaab.
About chmod, we have no clue who did tha...
the chmod f11snipe was talking about, that was a match betwee us when f11snipe locked the king i used chmod -R a+x /root; chmod -R a+x /root/king.txt, and then i asked f11snipe about it and he told me that it doesnt unlock it , it will break it
proven garnet
Use chattr
naive cradle
random trellis
@stiff egret how to take action against someone who resets the machine for no reason
steep agate
<@580609268261191680> how to take action against someone who resets the machine...
after no one can take it king or they can't get access after fixing the box they just click reset, don't test other methods to gain access... π€£
random trellis
after no one can take it king or they can't get access after fixing the box they...
true
stiff egret
<@580609268261191680> how to take action against someone who resets the machine...
Honest answer, there's no action against dumbess in rules.
It's just that people are dumb and irritating who doesn't value the game who go ahead and reset uselessly. Best case, stop playing with them. If they spamming a lot, then report with game IDs and whatever evidence you can gather on koth@tryhackme.com
random trellis
Honest answer, there's no action against dumbess in rules.
It's just that peopl...
okk bro thanks
sour vectorBOT
Gave +1 Rep to @stiff egret
jovial field
did someone delete the user folders out of the home dir?
there is only the folder i created left
i guess we should reset the machine
steep agate
WTF
naive goblet
nearly 30 mins of king that is a huge amount of time to be king
probably have done the box before if they can do it that quickly
steep agate
nearly 30 mins of king that is a huge amount of time to be king
I don't think you noticed, I'm not even in the game, I joined as a spectator and I can see the IP of the machine
naive goblet
oh haha
steep agate
π€£ π€£ Wtf brrrooo
naive goblet
now wonder if that is a bug
steep agate
now wonder if that is a bug
too π
naive goblet
could always send it as a report in #site-bugs if it is
or even if it is not and see what the response is
solemn raptor
hey everyone, does anyone know how I can spectate KOTH games? the THM link just takes me to the game page. (unless that's considered the spectating?)
oh nvm it says there's a spectator link to share hmm...
nova tide
hey everyone, does anyone know how I can spectate KOTH games? the THM link just ...
Some people join koth-vc while playing KoTH and some also like to screenshare so others can learn/see what they are doing. Other than that there isn't much of a spectating option on site except for viewing the scoreboard.
solemn raptor
Some people join koth-vc while playing KoTH and some also like to screenshare so...
ooo okay ty! will check that out
proven garnet
Ik f11snipe would play in vc now there isnβt many people that join vc for koth tho
random trellis
I don't think you noticed, I'm not even in the game, I joined as a spectator and...
it happened with me too 2 days ago, I was spectating @tranquil pewter match of offline machine and was able to see the machine i.p π€£
steep agate
it happened with me too 2 days ago, I was spectating <@776565870809841715> mat...
WTFFFFF π€£ π€£
tranquil pewter
it happened with me too 2 days ago, I was spectating <@776565870809841715> mat...
You should have hopped on. See if taking King would get you listed. Haha
random trellis
You should have hopped on. See if taking King would get you listed. Haha
i tried it once in a private match, but it doesnt work
tranquil pewter
I see. That's cool to know. Haha
stiff egret
I don't think you noticed, I'm not even in the game, I joined as a spectator and...
It's an active and already reported bug on the site that reveals the IP of the game you are spectating.
gentle bloom
Asked in #general a few days back, but it got buried before I could get an answer
Considering playing some KoTH with friends, suggestion on the easiest KoTH box to start with (since we haven't worked the whole defending side yet)?
brazen cloud
Asked in <#680459914828972076> a few days back, but it got buried before I could...
Spacejam (the easiest out of the following), Panda & Food is pretty nice to play. Food is also available as a room on THM, so you can get some practice in
Shrek too, I think.
I need to get onto KoTH myself πͺ I haven't played it outside of the internal beta testing & with colleagues once or twice
steep agate
It's an active and already reported bug on the site that reveals the IP of the g...
oh
i understand
nova tide
I need to get onto KoTH myself πͺ I haven't played it outside of the internal be...
π
prisma roost
π
stiff egret
π
plain badge
hello, the hogwarts machine does not have king.txt?
prisma roost
hello, the hogwarts machine does not have king.txt?
blame @stiff egret π
prisma roost
of course
plain badge
I saw that I didn't have king.txt, so I created one, is it against the rules? I can correct
stiff egret
No, it is okay to create /root/king.txt in Hogwarts.
As by default, there isn't one in there.
plain badge
I understand, it makes sense. "Feature" π
Thanks, I was afraid to break some rule as I couldn't find a king.txt. Thank you anyway
radiant sun
Lol guys be hitting reset without any reason
random trellis
Lol guys be hitting reset without any reason
they dont try to find any new way and just hit reset π€£
hahahaha thanks bro
sour vectorBOT
Gave +1 Rep to @radiant sun
digital horizon
anyone want to do a KOTH? im new to those kind of games and want to try it out
radiant sun
Yea kk
edgy knoll
i want to report a child
prisma roost
i want to report a child
koth@tryhackme.com :)
be sure to include proof, screenshots etc.,
edgy knoll
okay
radiant sun
lol bro you were the one messing up with ssh conf file
random trellis
@radiant sun is absloutely right
we have proof @edgy knoll
you messed with sshd_config
near lily
If you have proof, submit it to the Staff and leave it to them.
Not that I'm a mod or anything.
edgy knoll
we have proof <@800814635744886859>
wtf bro
random trellis
why there is no SSH in this machine
edgy knoll
which machine is that
radiant sun
lol, lion
edgy knoll
?
random trellis
lion
radiant sun
why would you send that audio message
edgy knoll
because im angry asf
radiant sun
then who deleted half of sshd_config data
radiant sun
i want to report a child
who are you talking about
radiant sun
oh, okay sorry then bro my bad we misunderstood
edgy knoll
@random trellis really reporting while i didnt even play
radiant sun
nah i reported
edgy knoll
nah i reported
did i win
radiant sun
nah
edgy knoll
did i even play
radiant sun
idk
radiant sun
okay calm down, i'll take back the report
edgy knoll
is not on attackbox
edgy knoll
okay calm down, i'll take back the report
next time actually check I'm sure there were other guys in the game why think it's me
and I didn't win
radiant sun
no comments
edgy knoll
π
random trellis
<@899296404906868766> really reporting while i didnt even play
@radiant sun reporting
not me
random trellis
sorry bro @edgy knoll
edgy knoll
while i was busy with you
random trellis
now we have too many proofs we can report him
radiant sun
yea seeing the other guy is lvl 3 i didn't thought he could change the conf file too
but who knows you made him king, just saying no offenseπ
so , im not reporting anyone right now
but i'll make sure to collect every proof from next time
edgy knoll
yeah you know i was level 1 too right
edgy knoll
but who knows you made him king, just saying no offenseπ
when i started beating up losers ;like u
random trellis
same here, changing ports are allowed but stopping services is cringe
radiant sun
π
edgy knoll
but who knows you made him king, just saying no offenseπ
they reset dummy
Bye i'm going to spam resets
they started it π₯±
steep agate
willow thunder
anyone to play ?
willow thunder
`
steep agate
anyone to play ?
π€
stiff egret
If anyone starts any match and need a player, ping me too. Around here for a while
sonic belfry
If Mr. Holmes joins, it becomes King of the Holmes π
fossil pecan
plain badge
@random trellis you're very good man
prisma roost
If anyone starts any match and need a player, ping me too. Around here for a whi...
Hi.
random trellis
<@899296404906868766> you're very good man
but i lostπ₯²
i had all flags, but havnt submitted because i knew that i am going to lost this match nowπ€£
plain badge
i had all flags, but havnt submitted because i knew that i am going to lost this...
even so, that was close π
we will see now
stiff egret
Alright done with it people @nova tide @prisma roost @near lily
Give em kids permission to tag and watch them go berserk
prisma roost
random trellis
we will see now
you won again bro, i came late too kingπ₯²
near lily
Alright done with it people <@267010557889085440> <@717250576747986955> <@958383...
I was just wondering if it's ok to share your KoTH notes.
plain badge
bro i almost lost π
stiff egret
I was just wondering if it's ok to share your KoTH notes.
Since you asked politely, what part of them?
stiff egret
public notes
Alright, imma public my backdoor system/payload gen thingy as soon as I get my next job
stiff egret
That will, also, almost break all public matches from thereafter tho
prisma roost
honestly, if it's public people will come up with fixes for it
stiff egret
It will either kill KoTH to boring level or will make it super exciting
prisma roost
like just find stuff it needs for basic functionally and make your own script to kill it
stiff egret
Yes
That's basically what me and Naughty did for hours to almost everything there is publicly for KoTH
Hmm this got exciting
Feeling like an iceberg, might hit a Titanic and public the notes tonight lol
@nova tide what say?
prisma roost
That's basically what me and Naughty did for hours to almost everything there is...
just pgrep -a sh | xargs kill
stiff egret
LoooooooL
I remember when I once posted that
And someone used it
And said
Burh it killed my own shell wtf
prisma roost
near lily
Since you asked politely, what part of them?
Someone asked for some tips on KoTH and I thought your github was simple enough for them to understand, and then build on their own.
stiff egret
Someone asked for some tips on KoTH and I thought your github was simple enough ...
Fair enough, that repo is history tbh, just direct methods to root of some machines.
It do, tho, gives them an idea about what they should do. But not much
stiff egret
Yeah, @random trellis I don't know what it was, but it seems to be working fine right now.
Just tried joining a game on phone
fossil pecan
what's up peopless?!? anyone playing today?
random trellis
Yeah, <@899296404906868766> I don't know what it was, but it seems to be working...
i was gone afraid thought i am the only one getting 404 error
stiff egret
Gods I wish the cloudflare would let my bot go through, that way I'll be able to print out a leaderboard of who's spamming the matches with bots or alt accounts. And the frequency analysis will also tell a great deal about it.
smh
@grand ember how the hell
did you join the vc exact same second
szy#bot confirmed
grand ember
i joined like a minute after you lol
random trellis
@stiff egret i was outside and just came and saw you were in the match and kingπ₯² , I was trying for king but gone kickedπ€£
random trellis
ohh so you changed port once again
stiff egret
ah, I am not in the game/VM/
random trellis
i am going king rn with 30 mins timingπ
stiff egret
oh GG lol When you said you were kicked etc, I left the game thinking no one is playing anymore
I don't remember there being a flag on /flag
π€
random trellis
there was i guess
stiff egret
I could be wrong tho, will have to check notes and I am off the desk now so
π lol
random trellis
oh GG lol When you said you were kicked etc, I left the game thinking no one is ...
Example of overriding settings on a per-user basis
#Match User anoncvs
X11Forwarding no
AllowTcpForwarding no
PermitTTY no
ForceCommand cvs server
DenyUsers ftp
Port 65534
i found it so rejoined
random trellis
I could be wrong tho, will have to check notes and I am off the desk now so
there was flag at ip/flag that was double encrypted with hexadecimal and base 64
quiet schooner
Gods I wish the cloudflare would let my bot go through, that way I'll be able to...
Sounds like you need to chat to Skidy
quiet schooner
there was flag at ip/flag that was double encrypted with hexadecimal and base 64
Neither of those are encryption
stiff egret
Sounds like you need to chat to Skidy
I am thinking of maybe getting one aws IP whitelisted if he will. Then can use that with openvpn
random trellis
@fair meteor lol cant you play a fair match instead of kicking and resetting machine
plain badge
π π
fair meteor
lol am serious
i know hw to do it but i tried it on production machine and i enter using skidy
@steep agate u removed that youtube content
fair meteor
i know hw to do it but i tried it on production machine and i enter using skidy
but after getting root and i use chattr its saying
on kind of thing ion what it is
stiff egret
that is an intended troll
steep agate
@stiff egret
jasper05 is closing services
several friends of mine are complaining about jasper05, because it is using autopwn, and it is closing the services
Do I report here?
stiff egret
Drop an email with whatever evidences you have, (from your friends as well) to koth@tryhackme.com
steep agate
right
stiff egret
so we have something in the lines incase needed. Discord chats are not preferred way to report
steep agate
I'll send
stiff egret
Thanks
steep agate
ok, I'll send it to the email, it's not the first, second or third person who comes to my DM to complain about jasper, who is closing all services and using autopwn, deleting pages
report sent
lol he just killed ssh π€£
Now that I've gained access to the machine, I'll get more evidence and send you holmes
it actually stopped the ssh service π€£
more evidence about jasper5, sent by email sir holmes, now it is proven that he play dirty in koth xD
random trellis
more evidence about jasper5, sent by email sir holmes, now it is proven that he ...
there are many players who are trying to report jasper5, yesterday in h1 easy he edited port 8002 webpage, but after that when i got root from port 8000 he stopped every service of the machine, i was getting only errors for opening webpages
steep agate
there are many players who are trying to report jasper5, yesterday in h1 easy he...
yes, the same thing happened to me, he stops all services
random trellis
i know hw to do it but i tried it on production machine and i enter using skidy
chattr in production machine dont work, so i used my own chattr
fair meteor
chattr in production machine dont work, so i used my own chattr
@random trellis oh thanks so u uploaded it from ur machine
sour vectorBOT
Gave +1 Rep to @random trellis
fair meteor
but when i do that it shows me error
i also tried using chmod +x chattr but still i keep getting error
random trellis
@fair meteor download busy box chattr from here
https://busybox.net/downloads/binaries/1.31.0-i686-uclibc/
fair meteor
okay thanks
next grotto
Is there anyone who would like to do a king of the hill H1:Easy ?
random trellis
Is there anyone who would like to do a king of the hill H1:Easy ?
sure
steep agate
here everything is normal bro, and I just killed the pts, when you entered the machine
random trellis
hint:- in smbclient you will get password of another user
random trellis
i hope you left tigress door for themπ€£
steep agate
i hope you left tigress door for themπ€£
hahahah it's been open so far, but it only enters through the writeups path...
steep agate
hahahah it's been open so far, but it only enters through the writeups path...
he*
relax buddy, it's just a game, why do you take it so seriously? i was playing watch dogs while i was playing this machine π€£
and I just fixed the .ssh and the shifu password, you didn't even try other methods to enter
steep agate
<@957876172962791435> port 139 and 445 are still open
and there's still another backdoor
steep agate
try and give some time
are you seeing? that's why people get irritated, don't try another way to get into the machine, it's always the same....
I'm not even in the machine anymore, it's already gone, now I'm raising my C2
random trellis
are you seeing? that's why people get irritated, don't try another way to get in...
every machine have atleast 3 doors, and its written in the KOTH description too
steep agate
every machine have atleast 3 doors, and its written in the KOTH description too
yes, but many don't try any other way and come all irritated π€£
youtube videos machine koth... π
random trellis
π₯²
random trellis
@jovial field it was a good match in H1 easy
i hope you are not the one who clicked on reset when i fixed the crontabπ
jovial field
yeah was afk after the middle of the match but was a good game
doing a new match now: https://tryhackme.com/games/koth/join/f4da8715441ea9bd7e173a1c
median tapir
Helloπ
next grotto
I'm up for an H1: easy koth
limber rune
Whoever is playing Koth rn I'm so sorry for continously kicking you off π but it was so funny
@junior pulsar Bro I'm sorry ππ
junior pulsar
<@564596189719166979> Bro I'm sorry ππ
No problem i do it sometimes XD 
limber rune
No problem i do it sometimes XD <:laugh2:945365991704100864><:gigachad:963063788...
ππOng
jaunty gyro
Ahh that's no fun
plain badge
user infodarms.ch created a file king2.txt in /root with his nick. lmao π π π π
naive goblet
did it work???
plain badge
no, I just thought it was funny
stiff egret
lol
random trellis
user infodarms.ch created a file king2.txt in /root with his nick. lmao π π π...
π€£ π€£ π€£ π€£
Its funny but it also happens when we try to edit read-only file with vim, sometimes it creates a new file instead of editing itπ
dense sun
@random trellis damn, are you in two koth and leading with 15 flags at the same time? Geez, nothing gets past some of you here π
rose fern
is using hydra allowed for koth?
nova tide
is using hydra allowed for koth?
Yes, there are a few rooms where you need brute forcing.
rose fern
Yes, there are a few rooms where you need brute forcing.
Interesting, I thought brute forcing was a cheap tactic to get into a room. Are you sure you have to brute force to get those few rooms? I thought there is a way to get in every room through existing vulnerabilities or random clues.
nova tide
Interesting, I thought brute forcing was a cheap tactic to get into a room. Are ...
There are multiple ways to get foothold and brute forcing passwords could be one as well.
rose fern
There are multiple ways to get foothold and brute forcing passwords could be one...
I see. Thank you!
sour vectorBOT
Gave +1 Rep to @nova tide
plain badge
wtf, I'm not even in the game, why am i able to see the ip of the machine? π
random trellis
wtf, I'm not even in the game, why am i able to see the ip of the machine? π
This bug is reported and i thought its fixed now, but it is still hereπ
nova tide
where is the flag file?
seems like someone might have deleted it.
stiff egret
@haughty turtle Please avoid posting direct solutions or spoilers in chat. (in this case, locations of all flags. )
haughty turtle
<@811988743417233408> Please avoid posting direct solutions or spoilers in chat...
sorry didn't know that
haughty turtle
seems like someone might have deleted it.
is it allowed to delete flag like that?
nova tide
is it allowed to delete flag like that?
its not.
sour vectorBOT
Gave +1 Rep to @nova tide
fair meteor
@stiff egret why........your riddles hogwarts..........so hard to decrypt π
steep agate
@random trellis π€£ π€£
random trellis
<@899296404906868766> π€£ π€£
π€£
@steep agate yesterday i did curl I.P:22 in hogwarts and found there is a webpage at port 22, but my browser was not allowing to access, was getting restrictionsπ₯²
and also found a sql vuln page, when i logged in it was all black screenπ€£
i think if i change my browser maybe next time i will understand them
haughty turtle
<@899296404906868766> π€£ π€£
this must be me for sure
and i need a hint why this password is wrong
random trellis
and i need a hint why this password is wrong
because its changedπ , he changed it for sure
haughty turtle
stiff egret
<@580609268261191680> why........your riddles hogwarts..........so hard to decry...
Original PoemsΒ©οΈ in there
π
haughty turtle
what is this letter guy?
random trellis
what is this letter guy?
G .... The word will be Glad may be
fair meteor
or if it was two G's it would have been Good Game
random trellis
or if it was two G's it would have been *Good Game*
its flag lol, in h1 easy machine.. Its written in asciiπ€£
i was also confused first time that what it is, so at last i got that its a flag
stiff egret
and also found a sql vuln page, when i logged in it was all black screenπ€£
I see the first interaction with Hogwarts machine?
random trellis
@stiff egret i get full black screen after login here in hogwarts
i did hogwarts many times with neville but just trying to understand other doorsπ
there is login.php so maybe i need to run sqlmap
stiff egret
<@580609268261191680> i get full black screen after login here in hogwarts
I am just gonna say what's the first thing we do when we see a webpage.
haughty turtle
G .... The word will be Glad may be
i was confused why the word is Gad cuz i didn't know there is a " l "
@random trellis i was doing the spacejam with u, can u tell me how to write into that king.txt or u patched it already?
and do u know how to revert the patch like make it vulnerable again?
random trellis
i was confused why the word is Gad cuz i didn't know there is a " l "
i made that file to read only
you can make it writable again after removing the attributes
random trellis
I am just gonna say what's the first thing we do when we see a webpage.
thanks, got user hermoineπ
sour vectorBOT
Gave +1 Rep to @stiff egret
haughty turtle
i made that file to read only
but when i do ls -la i see that it rw and how do i make it writable again?
cuz when i do lsattr it has the --ia--
random trellis
but when i do ls -la i see that it rw and how do i make it writable again?
i added attributes with chattr lol, not with chmod
random trellis
cuz when i do lsattr it has the --ia--
exactly i used chattr +ai /root/king.txt
random trellis
u removed it?
hahaha yess
haughty turtle
ahh i see cuz i read about that tip as well but when i do chattr -i /root/king.txt it said chattr not exist
so i assume it got removed
i don't know the way to download it back as well lol
haughty turtle
get it from your machine
i was trying to wget it but i don't much about the executable file
i did chmod +x chattr that i got from machine
and that's it, that's all I got i stuck there
do u have youtube bro?
i wanna learn about this koth
random trellis
hahaha no i dont have sorry
haughty turtle
u should have one hehe u're good
haughty turtle
hahaha no i dont have sorry
anyway thank you for answering
sour vectorBOT
Gave +1 Rep to @random trellis
haughty turtle
ill prob ask more in the future
haughty turtle
wget https://busybox.net/downloads/binaries/1.31.0-i686-uclibc/busybox_CHATTR
thank you i'll learn more about this
sour vectorBOT
Gave +1 Rep to @random trellis
random trellis
https://tryhackme.com/games/koth/join/273521cbb7426257b8920124
lol the trick you and cybersloth use for stopping all services for a while is really dirty
π€£ π€£
lmao resetted machine for no reason
edgy knoll
lol the trick you and cybersloth use for stopping all services for a while is re...
nope
thats a private game tho
random trellis
poβ1000:1000::/home/po:/sbin/nologin
shifuβ1001:1001::/home/shifu:/sbin/nologin
tigress1002:1002::/home/tigress:/sbin/nologin
turned to no login
edgy knoll
yup
edgy knoll
poβ1000:1000::/home/po:/sbin/nologin
shifuβ1001:1001::/home/shifu:/sbin/nologin
...
he told you lol
forwarded
edgy knoll
poβ1000:1000::/home/po:/sbin/nologin
shifuβ1001:1001::/home/shifu:/sbin/nologin
...
thats not cheating lol
edgy knoll
thats not cheating lol
aint specified in the rules
random trellis
lets leave it, it was private game
dense ore
can you use the in-browser kali for the KOTH or do you need to use your own machine?
fair meteor
anyone
dense ore
Where can i access the in-browser from the KOTH page? or do i need to start it in a different room?
random trellis
I can capture any password you put on ftp, ssh, etc.
yess i saw
steep agate
<@745672959804571742> yesterday i did curl I.P:22 in hogwarts and found there i...
yes
random trellis
π₯² '
steep agate
this must be me for sure
I think it was
steep agate
yes i know all hogwarts entry points
random trellis
yes i know all hogwarts entry points
how many are there are? i know only 3
steep agate
how many are there are? i know only 3
and here comes the mystery, i'll let you find out hehehe
random trellis
and here comes the mystery, i'll let you find out hehehe
π€£ alright
karmic beacon
anyone here want to do a koth?
edgy knoll
and here comes the mystery, i'll let you find out hehehe
The riddles for me @stiff egret π
karmic beacon
Anyone want to do a koth
inner nexus
Whoever is down for a koth tourney dm me
random trellis
Whoever is down for a koth tourney dm me
you can send invite link here
inner nexus
you can send invite link here
I dont think they will let me send a sever inv we aren't starting today it's once we get over 16 competitors
random trellis
I dont think they will let me send a sever inv we aren't starting today it's onc...
i can understand bro but koth lobby allows only 10 members to play
inner nexus
i can understand bro but koth lobby allows only 10 members to play
ik it'll mainly be 1v1s
random trellis
ohh nice
inner nexus
yea because if its 10 players at once itll be pretty annoying to play ngl
random trellis
yea because if its 10 players at once itll be pretty annoying to play ngl
π€£ no its fun, i won alot of matches with full lobby
competating alot of people at once is eally fun
inner nexus
ight bet maybe i can get like 20 then run two full lobbies then the two remaining 1v1?
random trellis
ight bet maybe i can get like 20 then run two full lobbies then the two remainin...
sounds good
inner nexus
ight bet maybe i can get like 20 then run two full lobbies then the two remainin...
was also thinking of something like this : "2v2 and the goal is to be the only team on the box at time limit and the goal is to annoy and kick the other team off as much as possible to win"
random trellis
kicking?? you can fix the machine to stop other people
random trellis
π π
fossil pecan
random trellis
you nayaned yourselfπ€£ ??
fossil pecan
of course! gotta test all my commands before i try them in game π
steep agate
hi
random trellis
@fossil pecan @steep agate bro @inner nexus wants to talk with you
steep agate
where?
steep agate
wanna join my koth tourney? ramghariasaab said you were good :)
yes i would love to participate
inner nexus
yes i would love to participate
fs im gonna send you the server in dms if you don't mind
steep agate
fs im gonna send you the server in dms if you don't mind
Right