kihei/i-0cb4275c09b1a51bf
by SadServersMore by SadServers
-upgrades/unattended-upgrade-shutdown -- root 685 0.0 0.0 0 0 ? I 04:20 0:00 [kworker/1:4-admin 687 0.0 0.9 6740 4512 pts/0 S<s+ 04:20 0:00 bash -l admin 691 0.5 4.1 98188 19348 pts/0 S<l+ 04:20 0:00 /usr/bin/pythc -t paris/i-0cea73f15d68f034f -q -i 2 / admin 694 0.0 3.0 24456 14436 pts/0 S<+ 04:20 0:00 /usr/bin/pythc -t paris/i-0cea73f15d68f034f -q -i 2 / admin 695 0.0 0.1 2480 572 pts/1 S<s 04:20 0:00 sh -c /bin/baadmin 696 0.0 1.0 6952 4724 pts/1 S< 04:20 0:00 /bin/bash admin 709 0.0 0.6 8648 3240 pts/1 R<+ 04:20 0:00 ps aux admin@i-0cea73f15d68f034f:~$ ps aux|grep -i web root 574 0.5 6.0 107132 28320 ? Ss 04:20 0:00 /usr/bin/pyth.py admin 712 0.0 0.1 5132 640 pts/1 S<+ 04:20 0:00 grep -i web admin@i-0cea73f15d68f034f:~$
paris/i-0cea73f15d68f034f 00:54
by SadServersif [[ "$actual_checksum" == "$expected_checksum" ]]; then echo -n "OK" else echo -n "NO" fiadmin@i-053e95096bbd62d08:~/agent$ file sadagent sadagent: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linke-linux-x86-64.so.2, Go BuildID=H6A8cVluPFUvaNojVwMi/C5t-5rNiA5GJLWeSm5Qz/KXfivG_EPr4lPEnoe, not stripped admin@i-053e95096bbd62d08:~/agent$ cd .. admin@i-053e95096bbd62d08:~$ ls agent webserver.py admin@i-053e95096bbd62d08:~$ cat webserver.py cat: webserver.py: Permission denied admin@i-053e95096bbd62d08:~$ ls
paris/i-053e95096bbd62d08 02:03
by SadServersadmin@i-01938499a23dd6d8b:~$ curl http://localhost:5000 Unauthorizedadmin@i-01938499a23dd6d8b:~$ curl https://localhost:5000 curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number admin@i-01938499a23dd6d8b:~$ strace -p 573 strace: attach: ptrace(PTRACE_SEIZE, 573): Operation not permitted admin@i-01938499a23dd6d8b:~$ sudo strace -p 573 We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: