command-line-murders/i-0cc947bfa2f76467b
by SadServersMore by SadServers
/home/admin admin@i-04d9fdf17ef2b370a:~$ ls -la total 44 drwxr-xr-x 6 admin admin 4096 Sep 24 23:20 . drwxr-xr-x 3 root root 4096 Sep 17 16:44 .. drwx------ 3 admin admin 4096 Sep 20 15:52 .ansible -rw------- 1 admin admin 93 Jan 31 18:51 .bash_history -rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout -rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc drwxr-xr-x 3 admin admin 4096 Sep 20 15:56 .config -rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile drwx------ 2 admin admin 4096 Sep 17 16:44 .ssh drwxr-xr-x 2 admin root 4096 Sep 24 23:20 agent -rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-04d9fdf17ef2b370a:~$ nano webserver.py
paris/i-04d9fdf17ef2b370a 01:05
by SadServersadmin 795 691 0 13:08 pts/1 00:00:00 ps -ef admin@i-0f74600404c71b126:~$ admin@i-0f74600404c71b126:~$ admin@i-0f74600404c71b126:~$ ls agent webserver.py admin@i-0f74600404c71b126:~$ vi webserver.py admin@i-0f74600404c71b126:~$ cd agent/ admin@i-0f74600404c71b126:~/agent$ ls check.sh sadagent sadagent.txt admin@i-0f74600404c71b126:~/agent$ cd admin@i-0f74600404c71b126:~$ ls -rtl total 8 -rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent admin@i-0f74600404c71b126:~$ curl localh
paris/i-0f74600404c71b126 01:48
by SadServersif [[ "$actual_checksum" == "$expected_checksum" ]]; then echo -n "OK" else echo -n "NO" fiadmin@i-03f906c9d0e560363:~/agentcat /etc/systemd/system/flaskapp.servicepy [Unit] Description=Flask Application After=network.target [Service] ExecStart=/usr/bin/python3 /home/admin/webserver.py [Install] WantedBy=multi-user.target admin@i-03f906c9d0e560363:~/agent$ journalctl -u f
paris/i-03f906c9d0e560363 04:46
by SadServers#1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: Sorry, try again. [sudo] password for admin: sudo: 1 incorrect password attempt admin@i-059b7902195b918d8:~$ curl -vik localhost:500 * Trying 127.0.0.1:500... * connect to 127.0.0.1 port 500 failed: Connection refused * Failed to connect to localhost port 500: Connection refused * Closing connection 0 curl: (7) Failed to connect to localhost port 500: Connection refused admin@i-059b7902195b918d8:~$