Public recordings

Sort by

lsof      1008                   1000  mem       REG              259,1   149520inux-gnu/libpthread-2.31.so                                                     lsof      1008                   1000  mem       REG              259,1    18688inux-gnu/libdl-2.31.so                                                          lsof      1008                   1000  mem       REG              259,1   617128inux-gnu/libpcre2-8.so.0.10.1                                                   lsof      1008                   1000  mem       REG              259,1  1901536inux-gnu/libc-2.31.so                                                           lsof      1008                   1000  mem       REG              259,1   166120inux-gnu/libselinux.so.1                                                        lsof      1008                   1000  mem       REG              259,1   177928inux-gnu/ld-2.31.so                                                             lsof      1008                   1000    4r     FIFO               0,11      0t0lsof      1008                   1000    7w     FIFO               0,11      0t0admin@i-096a29f104e7847fe:~$ lsof -i

paris/i-096a29f104e7847fe 07:14

by SadServers 8 months ago

write(2, "64", 264)                       = 2                                   write(2, " +", 2 +)                       = 2                                   write(2, "0x47d", 50x47d)                    = 5                                write(2, "\n", 1                                                                )                       = 1                                                     exit_group(2)                           = ?                                     +++ exited with 2 +++                                                           admin@i-0815e829d95ab34ca:~$ ./kihei -v                                         Creating file /home/admin/data/newdatafile with size 1.5GB...                   panic: exit status 1                                                                                                                                            goroutine 1 [running]:                                                          main.main()                                                                             ./main.go:64 +0x47d                                                     admin@i-0815e829d95ab34ca:~$

kihei/i-0815e829d95ab34ca 01:57

by SadServers 8 months ago

udev             217M     0  217M   0% /dev                                     tmpfs             46M  368K   46M   1% /run                                     /dev/nvme0n1p1   7.7G  6.1G  1.2G  84% /                                        tmpfs            228M   12K  228M   1% /dev/shm                                 tmpfs            5.0M     0  5.0M   0% /run/lock                                /dev/nvme0n1p15  124M  5.9M  118M   5% /boot/efi                                admin@i-051941ba15b672aa1:~$ du -shx                                            5.1G    .                                                                       admin@i-051941ba15b672aa1:~$ ls -l                                              total 5245048                                                                   drwxr-xr-x 2 admin root       4096 Sep 17  2023 agent                           drwxr-xr-x 2 admin root       4096 Oct 22 10:34 data                            -rw-r--r-- 1 root  root 5368709120 Sep 17  2023 datafile                        -rwxr-xr-x 1 admin root    2207109 Sep 17  2023 kihei                           admin@i-051941ba15b672aa1:~$

kihei/i-051941ba15b672aa1 00:53

by SadServers 8 months ago

tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      tcp        0      0 172.31.46.95:36554      172.31.18.4:9000        TIME_WAIT   tcp        0      0 172.31.46.95:36542      172.31.18.4:9000        TIME_WAIT   tcp        0      0 172.31.46.95:36528      172.31.18.4:9000        TIME_WAIT   tcp        0      0 172.31.46.95:36558      172.31.18.4:9000        TIME_WAIT   tcp6       0      0 :::6767                 :::*                    LISTEN      tcp6       0      0 :::8080                 :::*                    LISTEN      tcp6       0      0 :::22                   :::*                    LISTEN      tcp6       0      0 172.31.46.95:8080       172.31.16.109:59882     ESTABLISHED udp        0      0 127.0.0.1:323           0.0.0.0:*                           udp        0      0 0.0.0.0:68              0.0.0.0:*                           udp6       0      0 fe80::8cf:dff:fe7d::546 :::*                                udp6       0      0 ::1:323                 :::*                                admin@i-02f99f045f22e8777:~$ lso

paris/i-02f99f045f22e8777 01:59

by SadServers 7 months ago

admin@i-0c5fa8c43085cdc92:~$ cd /home/admin/                                    admin@i-0c5fa8c43085cdc92:~$ ls                                                 agent  data  datafile  kihei                                                    admin@i-0c5fa8c43085cdc92:~$ file

kihei/i-0c5fa8c43085cdc92 00:29

by SadServers 7 months ago

check.sh      sadagent      sadagent.txt                                        admin@i-095ed92c0df54793b:~$ cat agent/                                         check.sh      sadagent      sadagent.txt                                        admin@i-095ed92c0df54793b:~$ cat agent/sadagent.txt | tr -cd "[:print:]"        admin@i-095ed92c0df54793b:~$                                                    admin@i-095ed92c0df54793b:~$                                                    admin@i-095ed92c0df54793b:~$                                                    admin@i-095ed92c0df54793b:~$ apt install strings                                E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission dE: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are yadmin@i-095ed92c0df54793b:~$ telnet localhost 5000                              Trying 127.0.0.1...                                                             Connected to localhost.                                                         Escape character is '^]'.

paris/i-095ed92c0df54793b 01:27

by SadServers 8 months ago

drwxr-xr-x 7 admin admin       4096 Oct 30 17:27 .                              drwxr-xr-x 3 root  root        4096 Sep 17  2023 ..                             drwx------ 3 admin admin       4096 Sep 17  2023 .ansible                       -rw-r--r-- 1 admin admin        220 Aug  4  2021 .bash_logout                   -rw-r--r-- 1 admin admin       3526 Aug  4  2021 .bashrc                        drwxr-xr-x 3 admin admin       4096 Oct 30 17:27 .config                        -rw-r--r-- 1 admin admin        807 Aug  4  2021 .profile                       drwx------ 2 admin admin       4096 Sep 17  2023 .ssh                           drwxr-xr-x 2 admin root        4096 Sep 17  2023 agent                          drwxr-xr-x 2 admin root        4096 Sep 17  2023 data                           -rw-r--r-- 1 root  root  5368709120 Sep 17  2023 datafile                       -rwxr-xr-x 1 admin root     2207109 Sep 17  2023 kihei                          root@i-0b90c906ab81ab69c:~# exit                                                exit                                                                            admin@i-0b90c906ab81ab69c:~$  /home/admin/kihei

kihei/i-0b90c906ab81ab69c 01:56

by SadServers 8 months ago

SF:HTTPStatus\.BAD_REQUEST\x20-\x20Bad\x20request\x20syntax\x20or\x20unsup      SF:ported\x20method\.</p>\n\x20\x20\x20\x20</body>\n</html>\n");                                                                                                Service detection performed. Please report any incorrect results at https://nmapNmap done: 1 IP address (1 host up) scanned in 92.67 seconds                    admin@i-0be8092b5097881f7:~$ shoutdown --help                                   bash: shoutdown: command not found                                              admin@i-0be8092b5097881f7:~$ sudo -l                                            Matching Defaults entries for admin on i-0be8092b5097881f7:                         env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/s                                                                                User admin may run the following commands on i-0be8092b5097881f7:                   (ALL : ALL) ALL                                                                 (ALL) NOPASSWD: /sbin/shutdown                                              admin@i-0be8092b5097881f7:~$ /s

paris/i-0be8092b5097881f7 02:26

by SadServers 8 months ago

> GET / HTTP/1.1                                                                > Host: 127.0.0.1:5000                                                          > User-Agent: curl/7.74.0                                                       > Accept: */*                                                                   >                                                                               * Mark bundle as not supporting multiuse                                        < HTTP/1.1 200 OK                                                               < Server: Werkzeug/2.3.7 Python/3.9.2                                           < Date: Tue, 22 Oct 2024 20:08:00 GMT                                           < Content-Type: text/html; charset=utf-8                                        < Content-Length: 12                                                            < Connection: close                                                             <                                                                               * Closing connection 0                                                          Unauthorizedadmin@i-06c199eebaada38e7:~$ curl --insecure --verbose http://127.0.

paris/i-06c199eebaada38e7 04:14

by SadServers 8 months ago

admin@i-06f3b8c27d3cc3538:~$ ls                                                 agent  webserver.py                                                             admin@i-06f3b8c27d3cc3538:~$

paris/i-06f3b8c27d3cc3538 00:12

by SadServers 7 months ago

admin@i-087fd4cfd674aa46f:~$ history                                                1  2023-09-20T15:57:57 > /home/admin/.bash_history                              2  2023-09-20T15:58:02 exit                                                     3  2024-10-30T14:46:50 history                                              admin@i-087fd4cfd674aa46f:~$ cd /home/admin

paris/i-087fd4cfd674aa46f 00:21

by SadServers 8 months ago

admin@i-04a6cc5c484ecf4e5:~$ cd /home/admin/                                    admin@i-04a6cc5c484ecf4e5:~$ ./kihei                                            panic: exit status 1                                                                                                                                            goroutine 1 [running]:                                                          main.main()                                                                             ./main.go:64 +0x47d                                                     admin@i-04a6cc5c484ecf4e5:~$ strace ./kihei &> output.txt                       admin@i-04a6cc5c484ecf4e5:~$ vi output.txt                                      admin@i-04a6cc5c484ecf4e5:~$ tail -n 10 o

kihei/i-04a6cc5c484ecf4e5 01:54

by SadServers 7 months ago

        ./main.go:64 +0x47d                                                     admin@i-0b1e69625413b35cf:~$ edf -h                                             bash: edf: command not found                                                    admin@i-0b1e69625413b35cf:~$ df -h                                              Filesystem       Size  Used Avail Use% Mounted on                               udev             217M     0  217M   0% /dev                                     tmpfs             46M  368K   46M   1% /run                                     /dev/nvme0n1p1   7.7G  6.1G  1.2G  84% /                                        tmpfs            228M   12K  228M   1% /dev/shm                                 tmpfs            5.0M     0  5.0M   0% /run/lock                                /dev/nvme0n1p15  124M  5.9M  118M   5% /boot/efi                                admin@i-0b1e69625413b35cf:~$ apt autoremove                                     E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission dE: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are yadmin@i-0b1e69625413b35cf:~$ sudoapt autoremove

kihei/i-0b1e69625413b35cf 04:44

by SadServers 6 months ago

root@i-00cd16d1d6b62ecaf:~# vgcreate data /dev/nvme1n1 /dev/nvme2n1               Volume group "data" successfully created                                      root@i-00cd16d1d6b62ecaf:~# vgs                                                   VG   #PV #LV #SN Attr   VSize VFree                                             data   2   0   0 wz--n- 1.99g 1.99g                                           root@i-00cd16d1d6b62ecaf:~# df -h                                               Filesystem       Size  Used Avail Use% Mounted on                               udev             217M     0  217M   0% /dev                                     tmpfs             46M  384K   46M   1% /run                                     /dev/nvme0n1p1   7.7G  6.1G  1.2G  84% /                                        tmpfs            228M   24K  228M   1% /dev/shm                                 tmpfs            5.0M     0  5.0M   0% /run/lock                                /dev/nvme0n1p15  124M  5.9M  118M   5% /boot/efi                                tmpfs             46M     0   46M   0% /run/user/0                              root@i-00cd16d1d6b62ecaf:~# ko

kihei/i-00cd16d1d6b62ecaf 02:32

by SadServers 7 months ago