Public recordings
Sort by
_chrony 594 0.0 0.1 10724 548 ? S 08:12 0:00 \_ /usr/sbinroot 592 0.0 0.3 2872 1628 tty1 Ss+ 08:12 0:00 /sbin/agetty y1 linux root 593 0.0 0.4 4396 2036 ttyS0 Ss+ 08:12 0:00 /sbin/agetty 115200,57600,38400,9600 ttyS0 root 609 0.0 3.7 26612 17396 ? Ss 08:12 0:00 /usr/bin/pythd-upgrades/unattended-upgrade admin@i-02ca60cf550cfe05f:/opt$ /home/admin/webserver.py bash: /home/admin/webserver.py: Permission denied admin@i-02ca60cf550cfe05f:/opt$ cd admin@i-02ca60cf550cfe05f:~$ cp webserver.py df.py cp: cannot open 'webserver.py' for reading: Permission denied admin@i-02ca60cf550cfe05f:~$ crontab -l no crontab for admin admin@i-02ca60cf550cfe05f:~$ cd /va
paris/i-02ca60cf550cfe05f 03:34
by SadServersgoroutine 1 [running]: main.main() ./main.go:64 +0x47d admin@i-07ceb80639215b899:~$ vim kihei admin@i-07ceb80639215b899:~$ admin@i-07ceb80639215b899:~$ admin@i-07ceb80639215b899:~$ admin@i-07ceb80639215b899:~$ admin@i-07ceb80639215b899:~$ ls -l total 5245048 drwxr-xr-x 2 admin root 4096 Sep 17 17:28 agent drwxr-xr-x 2 admin root 4096 Dec 5 20:45 data -rw-r--r-- 1 root root 5368709120 Sep 17 17:28 datafile -rwxr-xr-x 1 admin root 2207109 Sep 17 17:28 kihei admin@i-07ceb80639215b899:~$
kihei/i-07ceb80639215b899 01:05
by SadServers./main.go:64 +0x47d admin@i-012a3c759519cd682:~$ cd /home/admin/ admin@i-012a3c759519cd682:~$ ls agent data datafile kihei admin@i-012a3c759519cd682:~$ ls -li total 5245048 264663 drwxr-xr-x 2 admin root 4096 Sep 17 17:28 agent 278531 drwxr-xr-x 2 admin root 4096 Dec 11 16:09 data 264701 -rw-r--r-- 1 root root 5368709120 Sep 17 17:28 datafile 264672 -rwxr-xr-x 1 admin root 2207109 Sep 17 17:28 kihei admin@i-012a3c759519cd682:~$ sudo chown admin.root datafile admin@i-012a3c759519cd682:~$ ls -li^C admin@i-012a3c759519cd682:~$ ./kh bash: ./kh: No such file or directory admin@i-012a3c759519cd682:~$ ./kh
kihei/i-012a3c759519cd682 01:42
by SadServers-rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-093333d0150041494:~$ cd .. admin@i-093333d0150041494:/home$ find / -perm -4000 -type f 2>/dev/null /usr/lib/openssh/ssh-keysign /usr/lib/dbus-1.0/dbus-daemon-launch-helper /usr/bin/chsh /usr/bin/umount /usr/bin/mount /usr/bin/passwd /usr/bin/newgrp /usr/bin/sudo /usr/bin/chfn /usr/bin/su /usr/bin/gpasswd admin@i-093333d0150041494:/home$
paris/i-093333d0150041494 03:18
by SadServersadmin@i-0ce4088ffc36025b0:~$ sudo netstat -ntlup We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: Sorry, try again. [sudo] password for admin: sudo: 1 incorrect password attempt admin@i-0ce4088ffc36025b0:~$ ^C admin@i-0ce4088ffc36025b0:~$
paris/i-0ce4088ffc36025b0 01:09
by SadServersmv: cannot create directory '/boot/efi/usr/include': No space left on device mv: cannot create directory '/boot/efi/usr/src': No space left on device mv: cannot create directory '/boot/efi/usr/libexec': No space left on device mv: cannot create directory '/boot/efi/usr/local': No space left on device root@i-0309acbdfa892c707:/home/admin# ^C root@i-0309acbdfa892c707:/home/admin# df Filesystem 1K-blocks Used Available Use% Mounted on udev 221828 221828 0 100% /dev tmpfs 46636 384 46252 1% /run /dev/nvme0n1p1 8026128 6354688 1242184 84% / tmpfs 233168 12 233156 1% /dev/shm tmpfs 5120 0 5120 0% /run/lock /dev/nvme0n1p15 126678 126678 0 100% /boot/efi tmpfs 46632 0 46632 0% /run/user/0 root@i-0309acbdfa892c707:/home/admin# df
kihei/i-0309acbdfa892c707 01:14
by SadServerswrite(2, "\t", 1 ) = 1 write(2, "./main.go", 9./main.go) = 9 write(2, ":", 1:) = 1 write(2, "64", 264) = 2 write(2, " +", 2 +) = 2 write(2, "0x47d", 50x47d) = 5 write(2, "\n", 1 ) = 1 exit_group(2) = ? +++ exited with 2 +++ admin@i-0cf4052df7f7472c2:~$ strace -v /home/admin/kihei > strace.txt^C admin@i-0cf4052df7f7472c2:~$ cat strace.txt admin@i-0cf4052df7f7472c2:~$ strace^C admin@i-0cf4052df7f7472c2:~$ ^C admin@i-0cf4052df7f7472c2:~$
kihei/i-0cf4052df7f7472c2 06:53
by SadServersadmin@i-08be9ae6ca86822e0:~$ curl localhost:5000 Unauthorizedadmin@i-08be9ae6ca86822e0:~$ id uid=1000(admin) gid=1000(admin) groups=1000(admin),4(adm),20(dialout),24(cdrom),),30(dip),44(video),46(plugdev),109(netdev) admin@i-08be9ae6ca86822e0:~$ nc nc nc.openbsd admin@i-08be9ae6ca86822e0:~$ man nc admin@i-08be9ae6ca86822e0:~$ nc localhost 5000
paris/i-08be9ae6ca86822e0 00:50
by SadServersE: Invalid operation remove root@i-0a4d53e26d778df49:/usr/lib# apt apt apt-config apt-get apt-mark apt-cache apt-extracttemplates apt-key apt-sortpkgs apt-cdrom apt-ftparchive apt-listchanges root@i-0a4d53e26d778df49:/usr/lib# apt apt apt-config apt-get apt-mark apt-cache apt-extracttemplates apt-key apt-sortpkgs apt-cdrom apt-ftparchive apt-listchanges root@i-0a4d53e26d778df49:/usr/lib# apt re ove^C root@i-0a4d53e26d778df49:/usr/lib# apt remove Reading package lists... Done Building dependency tree... Done Reading state information... Done
kihei/i-0a4d53e26d778df49 04:11
by SadServers/dev/nvme0n1p1 7.7G 6.1G 1.2G 84% / tmpfs 228M 12K 228M 1% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock /dev/nvme0n1p15 124M 5.9M 118M 5% /boot/efi admin@i-028b46998ca7b18c9:~$ du ./ 11140 ./agent 4 ./.ansible/tmp 8 ./.ansible 4 ./data 4 ./.config/procps 8 ./.config/asciinema 16 ./.config 8 ./.ssh 5256232 ./ admin@i-028b46998ca7b18c9:~$ df -ht
kihei/i-028b46998ca7b18c9 01:56
by SadServersadmin@i-026a7204a456f2350:~$ pvcreate /dev/nv nvme0 nvme0n1p1 nvme0n1p15 nvme1n1 nvme2 nvme2n1p1 nvme0n1 nvme0n1p14 nvme1 nvme1n1p1 nvme2n1 nvram admin@i-026a7204a456f2350:~$ pvcreate /dev/nvme1n1 WARNING: Running as a non-root user. Functionality may be unavailable. /run/lock/lvm/P_global:aux: open failed: Permission denied admin@i-026a7204a456f2350:~$ sudo pvcreate /dev/nvme1n1 WARNING: dos signature detected on /dev/nvme1n1 at offset 510. Wipe it? [y/n]: y Wiping dos signature on /dev/nvme1n1. Physical volume "/dev/nvme1n1" successfully created. admin@i-026a7204a456f2350:~$ sudo pvcreate /dev/nvme2n1 WARNING: dos signature detected on /dev/nvme2n1 at offset 510. Wipe it? [y/n]: y Wiping dos signature on /dev/nvme2n1. Physical volume "/dev/nvme2n1" successfully created. admin@i-026a7204a456f2350:~$ vgcreate datavg /dev/nvme1n1 /dev/nv