I would lose connection to the VM every few minutes for about a minute at a time.
#koth-voice-chat
reef canopy
No error.
People kicked me out a couple times too haha
I think it's either my computer or my Internet
slim surge
@reef canopy have you tried regenerating a new openvpn config file.
reef canopy
I haven't. I'll try that today.
reef canopy
Thanks for that tip too!
reef canopy
So, seems to be working on my desktop just fine! It was still connected to the VPN when I unlocked it... I think @zinc totem might be right about the multiple OpenVPN connections. Or it's just a weird problem with my laptop
austere ice
UNO and F11snipe why do kill the machine
https://tryhackme.com/games/koth/join/5c474b460ff1ae5b3106d699 take that link and check if you can ping or scan or do anything
austere ice
look in <#695343809726513292> seems like the root user got deleted
why they do this may be we can report its too much
sinful olive
i am pretty sure f11snipe is not the one who did this
austere ice
i am pretty sure f11snipe is not the one who did this
sorry bro F11snipe i saw it there is someone delete file
ivory shore
was UN0, i was first to vote reset π
stole king after he killed machine, hopefully he'll learn a lesson eventually π€
austere ice
was UN0, i was first to vote reset π
ahahahaha big up for give him the lesson
sly wadi
what happened guys
ivory shore
im in voice
I can jump on VC in a bit before it starts π
ivory shore
can you reconnect back to ssh? π
Oh sorry, just saw this... Never tried haha, was it having issues?
sand anvil
I asked because I kicked you from the session :)))
ivory shore
I asked because I kicked you from the session :)))
Don't think that was me π
I usually don't use ssh or stable shells at all π
oh but we're on hogwarts box now haha ... it's the only linux machine i think requires ssh entrypoint π€
"See you on the box!" π
sand anvil
oh but we're on hogwarts box now haha ... it's the only linux machine i think re...
the password for ssh was in the ftp :))0
but I changed :)))
ivory shore
i saw
sand anvil
I was nnyaned :)))
ivory shore
π
sand anvil
wtf
Why I cant access king.txt
I mean, Im root
@ivory shore Can you teach me please
damn, do you changed the vim with nano 
ivory shore
damn, do you changed the vim with nano <:kekw:658061932577816606>
haha no, actually that's default on hogwarts box (super troll lol)
sand anvil
one question
ivory shore
throws me off everytime haha
sand anvil
how If Im root I cant chmod or other commends?
I mean, even though Im root I cant have acces to some commands
for example now I cant edit king.txt
why?
Im root
ivory shore
chattr ? I also used ||a mount trick earlier|| (can check my YT, one of my recent vids went over it π )
https://f11snipe.live
sand anvil
Ok you used chatter, but why I cant use chattr to :))
ivory shore
i have quite a few king tricks haha ... my best one makes chattr irrelevant π
ivory shore
and can you explain me what is the diff betwen chattr and chmod
chmod will change the base permissions (RWX)
chattr managed additional "attributes" on file(s), to better control access/integrity (+i = lock for everyone, regardless of perms/chmod)
ivory shore
ls -al will show all files and perms (from chmod)
lsattr will show all attributes on files (from chattr)
ivory shore
so, you say that the trick is presented on your youtube channel
a few there, most recent was a way to block without chattr
still gotta make more content! haha
sand anvil
very nice
so youre a nice hacker :))
I still need to learn
I think you probably have more experience
ivory shore
I think you probably have more experience
I have tons of "blue team" type experience haha, been doing systems/software engineering for a long time, but only tinkering in hacking until a few months ago (and I fell in love with KoTH haha)
So I still have lots to learn (especially for windows lol) ... but I know way too much about linux systems from sysadmin POV π
sand anvil
I have tons of "blue team" type experience haha, been doing systems/software eng...
what resources do you recommend to learn more linux
Now Im reading this book https://www.amazon.com/Linux-Basics-Hackers-Networking-Scripting/dp/1593278551
ivory shore
that looks good! I'm weird and prefer man page and textbook/whitepaper/RFC reading, stack overflow helps daily too π ... I can share more, but it's such a wide subject, best to start getting into more specific resources to learn what you want/need
here's a good blog series, learned everything I know about rootkits going through this (best with more advanced linux/system knowledge & experience in C)
https://xcellerator.github.io/posts/linux_rootkits_01/
sand anvil
thx
@ivory shore the nyancat troll image script is created by you or is from the room?
modest magnet
GG MatheuZSec
i couldn't get anything
I think that i needed to find something on the 8888 port with werkzeug
but i have no idea
lone shadow
@ivory shore any ideas on this koth?
raven valley
@ocean trellis Did you patch neville password?
dire fulcrum
ooh sorry seing this kinda late @raven valley
yeah but i returned the default pass after setting myself up:)
@proud frigate I've got issues , cant enter a new koth game, keeps saying un defined π¦
raven valley
yeah but i returned the default pass after setting myself up:)
lol both machines you did that? (fortune and hogwarts)
cause I wasn't able to connect at all
and this hackers machine there is something wrong with it
I think
dire fulcrum
cause I wasn't able to connect at all
now this part im not sure coz i dont tamper with the machine ... for fairness π
dire fulcrum
lol both machines you did that? (fortune and hogwarts)
Well, actually, this is part of patching up the box....
raven valley
just think deep π
Next time i guess
raven valley
now this part im not sure coz i dont tamper with the machine ... for fairness π
No I meant for the password part
raven valley
Well, actually, this is part of patching up the box....
Yeahπ
sly wadi
`chattr` ? I also used ||a mount trick earlier|| (can check my YT, one of my rec...
i saw it on your stream was it same as that
slim surge
@vapid storm u in h1medium?
vapid storm
i have prob with my vpn
slim surge
we can run another one just let me know.. have you killed all previous openvpn connections
raven valley
slim surge
@raven valley you sent spectator link its the other link you want to send
raven valley
Alright XD
slim surge
sometimes 3 at once
slim surge
ill be able to see once you put your name in king.txt and i can switch terminal tabs in order to take it over
like now hahah
π
raven valley
like now hahah
dude XD
I know for sure you didn't mess with port 3000 right?
but how do you bypass chattr?
iron lion
but how do you bypass chattr?
look for the loop that it is running in..... then either kill that or try and make a competing loop
slim surge
lol was no loop running
iron lion
oh then it is easier
raven valley
look for the loop that it is running in..... then either kill that or try and ma...
Oh
It seems everyone who plays koth has their own rootkit/backdoor XD
I need to learn stuff like that
slim surge
watching 9999 on my terminal so i can see when you put your name into king and i switched it back before min was up
iron lion
if trapnat only ran chattr once you can just run the reverse command to remove the immutability and then change king
slim surge
hahah didnt even run chattr yet
and havent patched anything.....
all you have to do is echo "Chosey" > /root/king.txt
raven valley
Do what?
slim surge
you already took king
slim surge
you know how to lock king?
raven valley
Nope
chattr I think
I used the wrong command and deleted the chattr binary
so no way of locking now
slim surge
here grab a static chattr binary https://busybox.net/downloads/binaries/1.31.0-i686-uclibc/
your gonna need it now to unlock it...
iron lion
or just upload busybox in some hidden folder
raven valley
XDD
raven valley
You gotta teach me
slim surge
lol
raven valley
Did it work on you XD
raven valley
I killed it already lol
anyways
how did you get root?
matter of fact how did you get bunny?
raven valley
where did you find her hash lol
slim surge
/etc/shadow
raven valley
tried that without the a
raven valley
/etc/shadow
so you got jordan first?
damn so you had append mode only on it too
what are other ways better than chattr that could be "less detected"
cause
Idk
but it feels like chattr is so known
raven valley
and then mount root to somewhere else?
that makes the folder read only
until someone finds that folder right?
can't you just use the find command on the king.txt?
slim surge
watch... you have king now ill show you what it looks like
cd to root and ls -la
try to write to king
raven valley
oh
raven valley
didn't you mount /tmp/... to /root?
shouldn't stuff in /tmp/... be read only on /root?
or did you create a new folder?
slim surge
nope i made a differnet folder with just king.txt inside
raven valley
oh
slim surge
if your trying to be sneaky you can copy all of root and then mount it and it would have all files that was in root so its not so noticable
raven valley
I'm sorry but what exactly did that do again?
slim surge
ok if your running it .. its going to copy all file of root to /tmp/...
raven valley
to umount it `umount -l /root`
and this seems likes its an easy solution isn't it?
slim surge
yea
raven valley
ok if your running it .. its going to copy all file of root to /tmp/...
that part I understood
slim surge
dont need to know which folder is mounted
then second part will mount /tmp/... to root
raven valley
I played vs someone before who made the king.txt hidden while not having a . in front of it and being able to cat it
do you manage to know how he did it
but that one had my name how was your name in /root/king.txt then?
slim surge
lol you see how even tho you have your name in king its still showing mine
raven valley
lol you see how even tho you have your name in king its still showing mine
Exactly that's what I'm talking about
slim surge
thats a nice little trick
slim surge
cat /etc/shadow
slim surge
couldve got in on 3000 before you patched.....
raven valley
Well after I patched you still got in
slim surge
some games passwords change, some dont... take notes on everything
raven valley
Gg
slim surge
gg
raven valley
Thanks btw def learnt alot from you today
slim surge
hope you learned something new... 
raven valley
Unfortunately I got an exam in 7 hours so I gotta get some rest
I'm looking forward to playing with you more though when you are free
slim surge
ok just hit me up
raven valley
Shouldn't every machine have multiple ways in?
slim surge
creds go to https://www.youtube.com/watch?v=wIDdrY-opPU&t=4670s for that trick.
yea they do.. at least 3 or 4 ways in
some are more sneakier than others
raven valley
yea they do.. at least 3 or 4 ways in
well I think space-jam has only one
slim surge
i got in with bunny.. you got in 3000.. you can get in with jordan..
there might be another way also .. still enumerating all the machines to find all the ways in
raven valley
yes but you need to have hacked it before to get in bunny or jordan I think XD
slim surge
lol yea i dumped all /etc/shadows into some notes to see which ones i could crack...
raven valley
there might be another way also .. still enumerating all the machines to find al...
I think I found another way for jordan but for some reason it got patched alone when the machine was starting
slim surge
i dont patch the machines cuz i like trying to fight for king.
ivory shore
I think I found another way for jordan but for some reason it got patched alone ...
I used the Jordan every point here too, but it's "fragile" haha, i think it breaks or gets stuck easily by scans and other players. It should restart automatically tho...
https://youtu.be/mqgL8EOHvFs
raven valley
I used the Jordan every point here too, but it's "fragile" haha, i think it brea...
Oh gonna look at it now
wicked rapids
velvet rune
im new to KoTH this is my first game
icy swallow
i am new to this so you will obv win
after that
can you tell me what u did
or what u tried
@slim surge
ty in advance
β€οΈ
slim surge
i dont know much about windows... we could run another one and you can practice if you want
icy swallow
i dont know much about windows... we could run another one and you can practice ...
β€οΈ
slim surge
just create a private game with any box you want to practice on and send me the link ill join
icy swallow
ok ty
i cant ssh anything
i made sure i am connected to the config vpn
i can ping the machine and scan it with nmap
but i cant ssh to it whatever what
slim surge
like i said i dont know much about the windows boxes but i havent changed anyhing
ivory shore
i run into the same problem
Error? Or just bad creds?
icy swallow
It's not bad creds when I enter the command it just keeps blinking until it says connection closed by host
ivory shore
Hmmm, ya sounds like VPN, network, firewall issue π€
raven valley
@slim surge fgs
forest raptor
I'm lost lol.
slim surge
nope
raven valley
lol
slim surge
/bin/bash -p
forest raptor
I gave up lol. π€¦ββοΈ
slim surge
did you run a namp scan?
raven valley
Why is my revshell not working then?
forest raptor
did you run a namp scan?
I did.
slim surge
did you find anything interesting on any of the ports
sharp olive
no xD you delete the flag
oak coral
no i did not ;)))
there s a way to get it back
my tty was getting spammed at first too
sharp olive
my tty was getting spammed at first too
yes you break machine xD score dont change
sharp olive
he broke it
is sanlake
oak coral
isnt that against the rules anyway ?
oak coral
well i hope the mods of koth do something
oak coral
he was not getting points just now as well
sharp olive
he was not getting points just now as well
yes
sinful olive
gg @slim surge i was litterally pasting the last flag last second but included the cat command into my clipboard
slim surge
GG @sinful olive
clear turret
is there anyone who want to play koth with me?
rigid ember
ifconfig
slim surge
GG Hack.You
unreal totem
tribal beacon
3
slim surge
https://tryhackme.com/games/koth/join/16260e899299c7cedfd4517a @short elbow @grizzled hinge
starts in 15min
grizzled hinge
@slim surgehop in vc
slim surge
wassup
naw i didnt patch anything
join that other game lol
yea
im on production
lol
try port 80
yea u can still join it
ohhh your on production strive?
here easy entry
wassup
theres a spare in /tmp @short elbow
ssh -i id_rsa
yea you can kick ppl
go ahead
ill be back
here you can have king back lol
ftp
grizzled hinge
grizzled hinge
so you nmaped it . figured out ssh and ftp is there. grabbed the id_rsa from ftp. sshed into it then naviagted till you fouind skidys folder then got the first flag
then what
grizzled hinge
System info
OS:
IP:
Hostname
DNS:
Web-Technology:
Programming language and frameworks:
Web server software:
Database software:?
SSH Server ?
Mail Server?
News Server: ?
Network File System?
Domain
USERS:
CREDENTIALS (ANY):
=========================================================================
Attack Vectors (To-Try List):
=========================================================================
NMAP RESULTS:
=========================================================================
Services Enumeration:
[+ Port enumeration/osint for all ports- further enumeration based on nmap/shodan]
Ie nc βnv portnumber
telnet IP portnumber
[ + NIKTO for web]
[ + WFUZZ/Feroxbuster/dirb web]
FILES: / (Web Root)
DIRECTORIES: / (Web Root)
=========================================================================
OTHER:
=========================================================================
Exploit :
Cves
=========================================================================
PRIV-ESC:
[+ enum4linux/winpeas/linpeas/evilwinrm]
=========================================================================
Take Away Concepts:
Scripts:
@zinc totem@vapid storm
lyric siren
Any contestants from the KOTH that finished 5mins ago (Machine: Food)?
static kayak
Hey @grizzled hinge
Do you remember who were there in today's voice chat
I by mistake cancelled his message request
Now I can't remember his name
Help me..
grizzled hinge
Unaware GU71 Kill Chain i think @static kayak
brittle stirrupBOT
Gave +1 Rep to @grizzled hinge
static kayak
Ha
It's working
If you mention someone and say thank you the bot will give you one rep
Umm...
Strive can I get 1 rep back as payback
Just mention me and say thank you
grizzled hinge
@static kayak thank you
brittle stirrupBOT
Gave +1 Rep to @static kayak
grizzled hinge
just btw i dont think the rep points do much
slim surge
@static kayak you can also give rep points +rep
brittle stirrupBOT
Gave +1 Rep to @static kayak
slim surge
Hahaha
brittle stirrupBOT
Gave +1 Rep to @slim surge
brittle stirrupBOT
Gave +1 Rep to @ivory shore
sinful olive
<@852448127630049332> you can also give rep points +rep
ty for this cool tip
brittle stirrupBOT
Gave +1 Rep to @slim surge
slim surge
ty for this cool tip
No problem⦠thank you for the free rep
brittle stirrupBOT
Gave +1 Rep to @sinful olive
past ember
y'all playing with free rep π
ivory shore
y'all playing with free rep π
Was a bit of a sarcastic rep circle jerk earlier ... Thanks for noticing π€£
brittle stirrupBOT
Gave +1 Rep to @past ember
past ember
π
static kayak
@grizzled hinge +rep +rep
brittle stirrupBOT
Gave +1 Rep to @grizzled hinge
static kayak
π
untold needle
<@852448127630049332> you can also give rep points +rep
Interesting technique, couldn't miss out on saying thank you
brittle stirrupBOT
Gave +1 Rep to @slim surge
slim surge
Interesting technique, couldn't miss out on saying thank you
Wonder what would happen if I said thanks and pinged everyone lol would it break?
brittle stirrupBOT
Gave +1 Rep to @untold needle
untold needle
Wonder what would happen if I said thanks and pinged everyone lol would it break...
πoh man
Total chaos
sinful nest
+rep @brittle stirrup
frosty hedge
^^ @stoic quiver
stoic quiver
Please do not advertise unsanctioned giveaways in the discord
stoic quiver
Wonder what would happen if I said thanks and pinged everyone lol would it break...
The message would never reach the discord
slim surge
Please do not advertise unsanctioned giveaways in the discord
sorry wont happen again.
slim surge
The message would never reach the discord
and was just joking around, wasnt going to actually try it.
@stoic quiver would it be ok to dm?
stoic quiver
<@186470389604548608> would it be ok to dm?
About?
slim surge
was wondering if the post was ok if it was changed to say tips and tricks instead of prizes...
just trying to get some more people playing
modest magnet
my nmap cans always stop at 99.75%!! what going on
neon river
Scan Harder
carmine mortar
Is it possible that someone just shut the ssh port down in production? It's either that or I'm filtered from ssh somehow
slim surge
@carmine mortar they might've changed the port.... did you try running another scan?
carmine mortar
I scanned a few more times but I don't remember other ports, might have missed them
atomic bramble
yo
ivory shore
Please do not advertise unsanctioned giveaways in the discord
Sorry we jumped the gun on this one...
I would love to help out more in an official capacity, mostly koth related. Do you know the best contact I could speak with about this?
fervent beacon
yall gave me that 1 min im appreciative 
next forge
Hey guys! Iβm new to the KOTH scene, this is my first game so be gentle lol
empty solar
https://tryhackme.com/games/koth/join/7565278994fe4d777e343273
hey, remember me...?
latent bronze
faint reef
ivory shore
Voice chat anyone?
!docs verify
proud frigateBOT
TryHackMe
fleet wren
gg @ivory shore
ivory shore
gg <@118749350795935744>
Thanks! You too!
brittle stirrupBOT
Gave +1 Rep to @fleet wren
covert glacier
wow, its F11snipe
empty solar
haha π @ivory shore
ivory shore
haha π <@118749350795935744>
potent shoal
what is going on here
empty solar
Nothing, just a little bit of fun π
potent shoal
yes, you can't do anything without an ip haha
slim surge
@potent shoal might have to vote reset when that happens
Seen that happen a few times so far.. tried brute forcing flags to find out which box was running but that doesnβt workβ¦ only thing Iβve seen that works is resetting machine
potent shoal
yes quite possible, had also tried reset, but it was not voted on
languid peak
@potent shoal What is the entry point for running lab. I tried so much . Can you give a hint?
potent shoal
<@392555735080370176> What is the entry point for running lab. I tried so much ...
for Carnage?
languid peak
yes
austere ice
for Carnage?
why did you reset machine much time?
potent shoal
why did you reset machine much time?
for the same reason you did it when i changed the ssh password. to have a chance.
austere ice
for the same reason you did it when i changed the ssh password. to have a chance...
i reset one time but did you reset more than 8 times?
not a fair game
potent shoal
you ended up resetting it every 3 minutes 
austere ice
you ended up resetting it every 3 minutes <a:ExcuseMeWtf:731902063445016648>
are you sure? i was have low point so and needs to play so as to get at top level so why i reset machine
potent shoal
because you couldn't get in after I changed the ssh password. for the same reason, I resetet
slim surge
Thereβs other ways to get on the machines besides sshβ¦.
vital zinc
Thereβs other ways to get on the machines besides sshβ¦.
I haven't played KoTH in a long time π
vital zinc
@ivory shore @slim surge well played!
ivory shore
karmic viper
modern spire
Could someone put me through
Itβs a different name when I cat king.txt from when I request it through 0.0.0.0:9999
I understand the service request for a certain file. But how does this work
modern spire
I donβt get it
Could you help me out here ?
there were two KOTH binaries and king files
@slim surge could I DM you?
slim surge
<@485135593249177610> could I DM you?
sure
slim surge
GG @drifting ridge @grave tulip
kindred dust
oak coral
https://tryhackme.com/games/koth/join/0a85126266a921c047ec04c0
had to leave mb ^
slim surge
its ok @oak coral
vapid storm
hi
ivory shore
Can join more if you want π
was windows game π¦ lol ... another one! π
https://tryhackme.com/games/koth/join/b2ff00c3a4cf85c3f3702e41
ivory shore
who wanna play koth ?
Hey! Still looking for games? I'm down to play in a few minutes
grave tulip
same
fierce oxide
what you are getting blackdevil???
using cheap things to win the match
anyway you play alone. I am leaving/
austere ice
using cheap things to win the match
hahahahahahahhahah one day yes bro keep on fight
anyone online we can play fair game and share ideas???
ivory shore
I'm finally ready to do the streaming thing for real! Come join me and @slim surge playing some king of the hill and other fun stuff!
fierce oxide
anyone
fierce oxide
portscan fails,...!!!!!
austere ice
portscan fails,...!!!!!
let's play
grave tulip
let's play
you are a script kiddie who compensates for not being able to hold on to king by shutting everything off. Try a level playing field sometime.
austere ice
you are a script kiddie who compensates for not being able to hold on to king by...
i am not on the game but still i am the king
austere ice
you are a script kiddie who compensates for not being able to hold on to king by...
you kick me out but i left you can you decide who is noob. your a script kiddie bro
yourself on machine try to be a king everything is open but you can't because i know what i am doing
you have run this "#!/bin/bash
chroot centos_chroot /bin/bash -c "nc -nvlp 6555 -e /bin/bash" " i can see all your command /bin/bash /opt/scripts/chroot.sh
and i am told you first play a fair game and below is my command that warned you
echo "massco99 here please play a fair game if you kick me out you will never back again" > /dev/pts/1
we are here for learn bro not a war thus why i warned you to play a fair game. but sorry if i am cause trouble or bother you i am real sorry @grave tulip bro but i play a fair game
who is andremmsoares
eternal hound
slim surge
grave tulip
this one was frustratingly close. GG @sand hollow
https://tryhackme.com/games/koth/66325
sand hollow
this one was frustratingly close. GG <@955130136741691503>
https://tryhackme.com...
π
ivory shore
this one was frustratingly close. GG <@955130136741691503>
https://tryhackme.com...
What a game! Well played both of you π
iron lion
'oly moly that is amazingly close
junior pollen
potent shoal
maybe im lost, but why im not king in h1 hard? i insert my name, but i dont get king
grave tulip
maybe im lost, but why im not king in h1 hard? i insert my name, but i dont get ...
You are not in the h1hard box there. you are inside a docker container. look at the hostname. It's a container ID number, not the hostname of the box itself.
potent shoal
You are not in the h1hard box there. you are inside a docker container. look at ...
that explains a lot, it was already my assumption, but this confirms it. thanks
brittle stirrupBOT
Gave +1 Rep to @grave tulip
grave tulip
that explains a lot, it was already my assumption, but this confirms it. thanks
another way to confirm, if you are unsure, is to check the root filesystem with "ls -al /" . if you see a ".dockerenv" file, you are most likely in a container.
potent shoal
another way to confirm, if you are unsure, is to check the root filesystem with ...
then there should actually be the docker command, right?
grave tulip
then there should actually be the docker command, right?
well, you're inside the docker container, so it's possible that the 'docker' command is accessible to you, but not guaranteed. I'd suggest running linpeas and/or google "docker container breakout" for some ideas about how to get to the host underneath the container.
potent shoal
well, you're inside the docker container, so it's possible that the 'docker' com...
yes, that's right, thanks for the tip
brittle stirrupBOT
Gave +1 Rep to @grave tulip
slim surge
full crow
Am i the only one with VPN issues?
after running a full system upgrade yesterday, i've been unable to connect
iron lion
after running a full system upgrade yesterday, i've been unable to connect
!vpnscript
proud frigateBOT
TryHackMe
iron lion
Try this and see if that fixes it
full crow
k
full crow
Try this and see if that fixes it
Fixed, thanks
brittle stirrupBOT
Gave +1 Rep to @iron lion
iron lion
No problem
full crow
Shrek box keeps breaking
potent shoal
Shrek box keeps breaking
then reset the box
ivory shore
full crow
then reset the box
The tug of war for king was too good for a resetπ
potent shoal
The tug of war for king was too good for a resetπ
Yes I saw it was awesome π
grave tulip
gg @fervent beacon
fervent beacon
gg <@827639724805193729>
haha gg m8, i got in a bit too late π
slim surge
jade elm
@ivory shore u wanna join vc
ivory shore
<@118749350795935744> u wanna join vc
hey! i'm in vc channel on my discord, getting ready to stream soon π₯³ - do a lot of koth playing & learning/helping on stream, dm me if you want to join π
fluid vapor
hey! i'm in vc channel on my discord, getting ready to stream soon π₯³ - do a lot...
Hehe I almost won the last game against you lol
I enjoyed koth, I just started to game
ivory shore
I enjoyed koth, I just started to game
was a good game, keep at it! koth is pretty fun π
median kettle
How do you fix the read-only file system error. I've tried remounting but it wouldn't work
ivory shore
How do you fix the read-only file system error. I've tried remounting but it wou...
Usually is |||mounted "on top" of something|||
Covered it on stream a while back too π
https://www.youtube.com/live/wIDdrY-opPU?feature=share
subtle laurel
is it allowed to remove the chattr command file?
neon river
is it allowed to remove the chattr command file?
Yes, you can always upload your compiled binary as well.
subtle laurel
π
late acorn
silk patio
@slim surge you are a genius β€οΈ
slim surge
@silk patio
subtle laurel
when getting a root shell, can i kill the other users' sessions?
vapid storm
try to maintain your ethics
neon river
when getting a root shell, can i kill the other users' sessions?
Yes you can kick people out of the machine. Best practice would be to patch the methods they are getting their access and kill their session so they cannot get back in.
subtle laurel
ok thx
crimson ingot
try to maintain your ethics
What ethics?
Rule of thumb: if it's a reasonable thing to do in enterprise, it's fine here
In enterprise if you notice a breach, you chuck 'em out and patch π€·ββοΈ
You don't shut down services, or move things between ports, or delete the file system, or whatever other crap people seem to delight in doing to win these things though
vapid storm
What ethics? <:kekw:658061932577816606>
Rule of thumb: if it's a reasonable thi...
i was just
kidding
crimson ingot
Then perhaps specify that π€·ββοΈ
Poe's Law: Never assume that your words alone will be interpreted the way you intend them to be over the internet when there are no other indicators of intent
i.e. if you make a statement with no context, expect it to be taken literally
sinful nest
lmao
iron lion
so is it okay in enterprise to disable someones shell with the nyancat binary????
fallow hornet
so is it okay in enterprise to disable someones shell with the nyancat binary???...
I could make an argument to push it through change management as part of an initiative to isolate intruders through a honeypot
crimson ingot
so is it okay in enterprise to disable someones shell with the nyancat binary???...
I mean, I would... might get in trouble for it though
I'm also very unlikely to need to do that. Probably for the best
iron lion
yeah it sounds like a very rare enterprise application
north shadow
what can I do if a file has +ie attributes but I can't run chattr because it "isn't" installed on the system, but I know it is
iron lion
what can I do if a file has `+ie` attributes but I can't run `chattr` because it...
grab your own copy of busybox and upload it to the box and use the built in chattr in that busybox instance
north shadow
grab your own copy of busybox and upload it to the box and use the built in chat...
ok, I'll try it. Thanks
brittle stirrupBOT
Gave +1 Rep to @iron lion
iron lion
no problem... just know if your competitors finds that busybox binary they can remove it if they want
slim surge
how do I look for a busybox from a different user?
yea it can be named anything.... could search for it by size tho
crimson ingot
Or filehash if they've just grabbed a prebuilt one
north shadow
I gained a rev-shell but sometimes it just does some strange things, like it have been hacked. And I can see what a player is typing without me having control over the shell. What does this happen? Can someone actually do that?
and when I stop the rev-shell, my own VM shell is bugged as well (I need to open a new one to use it properly)
iron lion
and when I stop the rev-shell, my own VM shell is bugged as well (I need to open...
this is because of how you stabilise the shell
iron lion
I gained a rev-shell but sometimes it just does some strange things, like it hav...
yes you can interact with other peoples shells if you can figure out the pty or tty that said shell uses
crimson notch
hey can somebody help my on KOTH production machine. even after getting root i was unable to put my name in king.txt
sinful nest
yes you can interact with other peoples shells if you can figure out the pty or ...
even without PTY/TTY you can do it too! π
brisk pelican
hi
crimson notch
CeloXSec is here ???
slim surge
edgy sky
Hello everyone,I am curious how can I get permission to join voice chat?
iron lion
Hello everyone,I am curious how can I get permission to join voice chat?
!docs verify
proud frigateBOT
TryHackMe
iron lion
then follow the instructions in the link and you can join voice chat and post screenshots
edgy sky
thx!
iron lion
no problem
zinc totem
What do you need to know for it
ashen roost
It's a Satellite hacking CTF qualifier for Def Con. There's a bunch of Youtube video's you can check out on the site https://hackasat.com/learn and rules are at https://hackasat.com/rules
slim surge
gleaming anvil
any one wanna do H1 linux ez
slim surge
tropic ridge
π
tropic ridge
wp
sly depot
hi
ivory shore
austere ice
hey bro share panda link game @ivory shore
soft beacon
@austere ice GG bro for the Koth of Shrek
Could you tell me please how did you exploit the machine plz?
austere ice
<@888793817514405908> GG bro for the Koth of Shrek
Could you tell me please how...
i am on the game now i will sent #inbox @soft beacon
austere ice
<@888793817514405908> GG bro for the Koth of Shrek
Could you tell me please how...
are you 0xPwn3r??
soft beacon
are you 0xPwn3r??
Nope
soft beacon
i am on the game now i will sent #inbox <@1043336442224590858>
Alright G take your time and feel free to explain to me how you did it
we were in the Shrek KOTH
austere ice
we were in the Shrek KOTH
first i was try Recon
then fuzz hidden directories and got "robots.txt" file go to the web service port 80 and access robots.txt file
then you will get "/Cpxtpt2hWCee9VFa.txt"
soft beacon
Same then I found a private key
Whose user was that private key?
shrek, puss, or donkey?
austere ice
Whose user was that private key?
shrek
austere ice
but also you need to chmod 600 so as to have full read and write
austere ice
then how did you proceed?
login via ssh and run "find / -perm -u=s -type f 2>/dev/null
i got the interesting result as /usr/bin/gdb
austere ice
go to gitfobins site and search gdb you will get sudo exploit
soft beacon
oooh I see
I used python to spawn a root shell as well
I was root but I couldn't write to king.txt
weird
Did you change something by any chance?
austere ice
Did you change something by any chance?
yeah there was chattr command i run
soft beacon
daaaaamn I knew it
austere ice
also i think f11snipe also do chattr the same
austere ice
yeah think was but its my tricks
soft beacon
Oh no problem
austere ice
Oh no problem
i will come back soon
soft beacon
where?
austere ice
oh yeah yeah take your time
nice bro
ivory shore
hallow fern
limber fractal
ΩΨ§Ω
brittle wasp
is there a vpn just for koth?
iron lion
is there a vpn just for koth?
don't think so... shadow just used the default provided tryhackme vpn when they played their only koth game
brittle stirrupBOT
Gave +1 Rep to @iron lion
iron lion
no problem
iron lion
mostly because shadow is getting ready to go sleeps
brittle wasp
ahh i see
slim surge
GLHF @brittle wasp
hazy robin
Let's go
tight condor
anyone on here
ivory shore
anyone on here
next game in 25min here π
https://tryhackme.com/games/koth/join/7ed455954e7a2e7881c82269
shadow rose
rancid estuary
rough falcon
@sand hollow GG
sand hollow
<@955130136741691503> GG
π₯³
rough falcon
still geode
slim surge
sly wadi
@latent jay hey can you check the machine there was silverbullet76 in king but wasn't showing as king on scoreboard but when i did remount the root then few things stopped working can you check it once
vapid storm
An user has change the ssh key in the food machine it is legal ?
We cannot hack without this access
At the beginning we need to hack a mysql server for have the ssh key and after we need to use it but one of the other players has change this key.
And I have been kicked .
true stone
There are multiple footholds.
And yes, you can be kicked from an SSH session
welcome to KOTH
trail wharf
cerulean salmon
user giorgosR21 removed ssh server from machine, leaving the game unplayble for everyone
slim surge
Thereβs other ways in besides ssh π€
Also try running another port scan he may have just changed the port #
nocturne pine
Hey everyone, is there a way around if someone makes the file king.txt immutable and deletes chattr?
ivory shore
Hey everyone, is there a way around if someone makes the file king.txt immutable...
always best to bring your own chattr ... can make your own static binary to control flags with ioctl (C, python, etc) , or use existing precompiled static bins like busybox: https://busybox.net/downloads/binaries/1.31.0-i686-uclibc/ π
iron lion
I am new in KOTh. will i win?
depends on who you are playing against... at least you will learn a lot by playing
tropic vale
I got 3rd. Everytime i tried to get in. It was a dead end. I got 110 points. will this be added in my total xp?
grave raptor
I'm reading the instructions and there are a lot of rules. Who enforces the rules?
true stone
THM Staff, I believe Naughty and Holmes run the KOTH part (?)
grave raptor
Does that actually work?
ivory shore
I got 3rd. Everytime i tried to get in. It was a dead end. I got 110 points. wil...
KoTH points are only in game, don't apply to your main user points
ivory shore
I'm reading the instructions and there are a lot of rules. Who enforces the rule...
A lot of time people break the rules is actually an accident, I try to help fix and share with players to learn from ... Happy to help as unofficial referee if you ever want one haha
thin fern
How can i get verified to access the voice chats ? I want to hear the voices of the people who are beating me up and restricting access at 11 minuts of the games :C xD (i am a noob)
slim surge
!docs verify
proud frigateBOT
TryHackMe
thin fern
!docs verify
proud frigateBOT
TryHackMe
thin fern
Oh thank you !
slim surge
No problem
remote oriole
!docs verify
proud frigateBOT
TryHackMe
winter vigil
!docs verify
proud frigateBOT
TryHackMe
ripe oyster
!docs verify
proud frigateBOT
TryHackMe
slim surge
15 mins to joinhttps://tryhackme.com/games/koth/join/71f06550153f1169efa36569
https://tryhackme.com/games/koth/72313 or if you want to spectate
zinc storm
Hello
timber ocean
anyone home?
chrome cedar
@sinful nest
sinful nest
<@745672959804571742>
hi
proud frigateBOT
TryHackMe
wanton bane
Hey
glacial cedar
!docs verify
proud frigateBOT
TryHackMe
sleek sorrel
@sinful nest Hey man! Just hopped on the discord. Can I dm you to ask some questions?
sinful nest
<@745672959804571742> Hey man! Just hopped on the discord. Can I dm you to ask s...
yes
coral holly
!docs verify
proud frigateBOT
TryHackMe
frigid trellis
same
vapid storm
I have no idea how to patch
frigid trellis
Hole idea is to prevent access to other users, patching requires research and can take some time.
Did you choose the machine or is it random?
frigid trellis
KING
vapid storm
damn haha I just barely realized that I had to add the different ports to the ip when I entered it in the web browser
vapid storm
ah
frigid trellis
not sure if there is any more flags on the system besides root.txt
i've tried to find it without success
vapid storm
I just figured out the rce
frigid trellis
as i said, this page is a php interpreter, it will run any code you type into it. Rev shells included
stark ivy
stark ivy
Expired but didn't start?
stark ivy
@sleek sorrel You having as much trouble as me? XD
stark ivy
It's my first koth and I'm dying of thirst while watching hex drown. XD
I am, yes. Nice to meet you.
sleek sorrel
Nice to meet you too!
stark ivy
I tried random ssh logins to kill time, lola and bugs are there
sleek sorrel
Haha for your first one H3x007 got king really fast. Odds are he patched a lot of the easy vulnerabilities
stark ivy
I was thinking the same. lol
sleek sorrel
Iβd recommend looking at some write ups of the machines to help you learn how they work. Youβll run into the same machines if you keep trying and itβll give you good practice!
stark ivy
Thanks for the tip! I was actually just looking up marvin quotes to try and guess the password XD
My money is on earthshatteringkaboom, or a version of it lol
sleek sorrel
Iβve either found the password will be in rockyou.txt, or will be in plaintext somewhere on the website (if the box has one) or through a vulnerable service (like Anonymous ftp login)
stark ivy
I noticed telnet was a thing. Maybe an exploit for it? It is notoriously vulnerable.
sleek sorrel
Perhaps. Part of the fun is researching vulnerabilities and testing them out!
stark ivy
GG, man. I'm looking forward to the next one. I have to run to town for a bit, but i'm going to keep joining them until I get a flag.
One flag will make me happy. Tomorrow will be two. XD
sleek sorrel
Gg! Just keep trying! It feels pretty good whenever you succeed for every step!
wanton sandal
Hi
sleek sorrel
@ivory shore Did you put my name back in king.txt?
ivory shore
<@118749350795935744> Did you put my name back in king.txt?
some of my king tricks are "reversible", so if I take my name off it reverts to whoever was in king.txt previously π
sleek sorrel
some of my king tricks are "reversible", so if I take my name off it reverts to ...
haha wow I dont even know where to begin. Would it be too much to ask you to teach me your ways?π
just found your webiste. youre a ninja. im gonna have fun learning xD
GG man, i think youre the real winner lol
serene goblet
@ivory shore Thanks, but what do you once you get root ?
brittle stirrupBOT
Gave +1 Rep to @ivory shore
slim surge
<@118749350795935744> Thanks, but what do you once you get root ?
I would suggest adding some persistence that way you have a way back to root if you are playing against people patching the machine⦠but the goal after getting root would be keeping your name in /root/king.txt
stark ivy
Rogue12 from TryHackMe here. Looking forward to playing. ^_^
stark ivy
Sorry!
wanton sandal
hi
bitter willow
Yo
slim surge
Sup
slim surge
compact pagoda
@slim surge Execute tk?
compact pagoda
The ... gave it away
slim surge
<@485135593249177610> Execute tk?
sure its just going to echo my name into king.txt
compact pagoda
what does m do?
slim surge
what does m do?
mount π
hazy plaza
@ivory shore any tips?
sinful nest
<@118749350795935744> any tips?
Do you want tips for defense or attack?
plain cape
GG @austere ice
austere ice
GG <@888793817514405908>
BOOOOOM GG@H3xor lol
sinful nest
Hello everyone how are you? Hope well π . Well, after 2 years, I finally updated my tryhackme koth tricks repository with new tricks, I hope you like it, anything I'm available to help π
forest laurel
Hello I'm new here
π
hi new here (in.security)
KoTH is a pvp game on THM, you can access it by setting your profile as intermediate or higher.
!docs koth
proud frigateBOT
TryHackMe
forest laurel
You can view games by a scoreboard, but you can't watch other players unless they stream/record (which I don't know can be done)
topaz veldt
When will it be conducted
.
forest laurel
Random times through the day
topaz veldt
@forest laurel did you participated in any of these
forest laurel
<@958383130102870026> did you participated in any of these
No, I don't play KoTH.
forest laurel
If you require help you can ask in the appropriate channels, there is no need for a DM.
topaz veldt
Yeah, great idea
swift crown
https://tryhackme.com/games/koth/join/e5df170e249ed12e90a0a92d
Someone wanna join?
vapid storm
hey sanlake you here?
vapid storm
https://tryhackme.com/games/koth/76805
what challenge is it?
hollow zephyr
I do not know i just join public
wise mica
no why
wise mica
<@911977898422972446> bruu
yoo can you help me ?
vapid storm
yoo can you help me ?
wit what
sonic stump
@wise mica fontaene refered you to infosec-general, this chat is for koth. Please don't drop the same question in random places
wise mica
but he asked
sonic stump
no, you asked for help.
sonic stump
please dont call me bro. You have to patiently wait until someone in infosec-general wants to help you
wise mica
ok
sonic stump
thank you
worn cove
lets play in 20mins https://tryhackme.com/games/koth/76815
river pulsar
thats so hard
stark ivy
thats so hard
Might I ask what you mean?
night hemlock
how does one get into the KOTH channels?
proud frigateBOT
TryHackMe
night hemlock
you'll have to verify first
thanks due
brittle stirrupBOT
Gave +1 Rep to @sonic stump
night hemlock
dude
modern spire
!docs verify
proud frigateBOT
TryHackMe
vapid storm
!docs verify
proud frigateBOT
TryHackMe
vapid storm
Hi guys how do we register to enter the sounds
iron lion
Hi guys how do we register to enter the sounds
see the message by the bot right above your message... it will tell you how to verify your discord account with your tryhackme account getting you access to voice channels
night hemlock
gg to the kid who just beat me by 20 pts on offline, that was fun
proud frigateBOT
TryHackMe
river pulsar
Might I ask what you mean?
i'm a bit schizophrenic