paris/i-000c4d79984b70a73
by SadServers
More by SadServers
Saving to: ‘index.html’
index.html 100%[======================
2023-12-18 12:29:59 (230 KB/s) - ‘index.html’ saved [12/12]
admin@i-0e0c49ce0b601c9b4:~$ cat index.html
Unauthorizedadmin@i-0e0c49ce0b601c9b4:~$ ss -tlnp
State Recv-Q Send-Q
LISTEN 0 128
LISTEN 0 128
LISTEN 0 4096
LISTEN 0 4096
LISTEN 0 128
admin@i-0e0c49ce0b601c9b4:~$ wget
paris/i-0e0c49ce0b601c9b4 03:16
by SadServers
tcp ESTAB 0 0 [::ffff:172.31. [::ffff:172.31.16.109]:49770 timer:(keepalive,3.216ms,0)
admin@i-0bce630416db45b25:~$
admin@i-0bce630416db45b25:~$
admin@i-0bce630416db45b25:~$
admin@i-0bce630416db45b25:~$ lsof -i:5000
admin@i-0bce630416db45b25:~$
admin@i-0bce630416db45b25:~$ lsof -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
gotty 558 admin 6u IPv6 10895 0t0 TCP *:http-alt (LISTEN)
gotty 558 admin 7u IPv6 12340 0t0 TCP ip-172-31-40-35.us-east-2.co>ip-172-31-16-109.us-east-2.compute.internal:49770 (ESTABLISHED)
sadagent 559 admin 7u IPv6 1958 0t0 TCP *:6767 (LISTEN)
admin@i-0bce630416db45b25:~$
admin@i-0bce630416db45b25:~$
paris/i-0bce630416db45b25 03:00
by SadServers
83 -q -i 2 /var/log/cast/i-0df1765d3
admin 681 0.0 3.0 24456 14444 pts/0 R<+ 02:55 0:00 /usr/bin/pyth83 -q -i 2 /var/log/cast/i-0df1765d3
admin 682 0.0 0.1 2480 572 pts/1 S<s 02:55 0:00 sh -c /bin/ba
admin 683 0.0 0.9 6820 4536 pts/1 S< 02:55 0:00 /bin/bash
admin 716 0.0 0.6 8648 3136 pts/1 R<+ 02:56 0:00 ps -aux
admin@i-0df1765d381c3a083:~$ ps -aux | grep kihei
admin 678 0.4 4.1 98188 19260 pts/0 S<l+ 02:55 0:00 /usr/bin/pyth83 -q -i 2 /var/log/cast/i-0df1765d381c3a083
admin 681 0.0 3.0 24456 14444 pts/0 S<+ 02:55 0:00 /usr/bin/pyth83 -q -i 2 /var/log/cast/i-0df1765d381c3a083
admin 718 0.0 0.1 5264 704 pts/1 S<+ 02:56 0:00 grep kihei
admin@i-0df1765d381c3a083:~$ ls
agent data datafile kihei
admin@i-0df1765d381c3a083:~$
kihei/i-0df1765d381c3a083 00:56
by SadServers
example: knock myserver.example.com 123:tcp 456:udp 789:tcp
admin@i-080ac908debd2d3d7:~$ knock -v 127.0.0.1 80:tcp 1
hitting tcp 127.0.0.1:80
hitting tcp 127.0.0.1:1
admin@i-080ac908debd2d3d7:~$ knock -v 127.0.0.1 80:tcp
hitting tcp 127.0.0.1:80
admin@i-080ac908debd2d3d7:~$ curl -D - -v localhost
* Trying 127.0.0.1:80...
* connect to 127.0.0.1 port 80 failed: Connection refused
* Failed to connect to localhost port 80: Connection refused
* Closing connection 0
curl: (7) Failed to connect to localhost port 80: Connection refused
admin@i-080ac908debd2d3d7:~$ nc -vv 12