KING OF THE HILL With John Hammond, NahamSec & STÖK (Game 2)
Вставка
- Опубліковано 6 лют 2025
- You guys asked for it so here is game two from our night of playing TryHackMes King of the Hill (KOTH) joined by Nahamsec, John Hammond and STÖK!
Trust me you don't want to miss this one!
Check out their channels!
John Hammond - / rootofthenull
NahamSec - / @nahamsec
STÖK - / @stokfredrik
Check out TryHackMe here:
tryhackme.com
Check out my socials:
Discord: / discord
Twitch TV: / optionalctf
Twitter: / optionalctf
I love how Optional gave his big YEES on a question whether box was patched :)
You popped up in my feed and I have to say I'm really happy. Damn you're good. It was a blast watching you work.
11:58 "NOOO" KKJKKKKJKK
Love the KOTH games, keep them coming!
Excellent video
More videos please, I learn a lot from just watching you brotha. Keep it up
Plenty more coming! Finally settling into a schedule which means I can balance everything!
I love the way u mess with john :)
Amazing content bro loved it
Love this game
i seriously just feel happy that you showed your face. i dunno why. does talking while leaning right or left automatically change the mic output? like when you move you head to the right they can hear you, but when you move your head to your left it's like they can't hear anything why you talk with people on the stream chat
It looks like he's hitting a keybind when he leans to the side to mute himself in the voice chat.
The video that brought me to Johnny Hamhands which brought me to THM. It's Optional's fault, everyone :D ♥
I love your content. Keep them coming.
Beautiful
Nice video
I didn't know Dominic Toretto and Seth Rogen were into koth
Good video
How do you copy to system clipboard in tmux???
I m new to tmux...and i m having this problem of copy paste between clipboards...
Can u help me🙁🙁
I didn't expected this from nahamsec 🙃
13:14 "G" - moves to the last line of the file, "o" - creates a new line for text entering ;)
Didn’t know it was rce in url I get in a whole diff way lol
You can edit the PHP file where the command injection is , just before the "else" statement , you can add "die();" which will just kill the PHP execution flow before it gets to the command injection
The find SUID is running under the context of the user , not root so it will be fruitless.
But what you did by replacing the users' ssh keys was the right way to go , but the user can run /usr/bin/python as sudo.. So if you run "sudo python -c 'import pty;pty.spawn("/bin/bash")' you will be root
Also remove the SUID from lucky_shell with "chmod 777 Then chmod -s" xD & kill all user process with "pkill -U www-data" , it will kill all their processes
The root.txt file is also being replaced with John , so he is probably running a cron and when you ran ps aux , you can see that the other root user (John) is running /bin/bash -p , so he made /bin/bash a SUID. He can literally run /bin/bash -p as any non-privileged user and be root
kairos in greek means weather!
How you guys found the king.txt flag
11:56 lol
the "nooo" really hits different
How can you run gobuster so fast?
fsat fingers goes bshhhhh
+ Tab is actually good in auto fill :)
instaliked optionalsensei
You are more talented than these guy's
I wish that were the case, it's just different mindsets. Nahamsec and STOK are both insanely talented bug hunters and John is just amazing at everything. If it was a level field I dare say I'd of been slapped around more
first :)