head -n 20 people                                                             admin@i-0d0a0a975a67d4d8c:~/clmystery$ cat hint2                                Try using grep to search for the clues in the crimescene file:                                                                                                          grep "CLUE" crimescene                                                  admin@i-0d0a0a975a67d4d8c:~/clmystery$ cat hint3                                In order to track down our potential witness, we need to figure out where she li                                                                                Try using 'head' on some of the files like 'people' and 'vehicles' and see whereadmin@i-0d0a0a975a67d4d8c:~/clmystery$ ls -a | grep people                      admin@i-0d0a0a975a67d4d8c:~/clmystery$ tree / | grep people                     bash: tree: command not found                                                   admin@i-0d0a0a975a67d4d8c:~/clmystery$ ls -a / | grep people                    admin@i-0d0a0a975a67d4d8c:~/clmystery$ ls -a / | grep people                    

-upgrades/unattended-upgrade-shutdown --                                        root         685  0.0  0.0      0     0 ?        I    04:20   0:00 [kworker/1:4-admin        687  0.0  0.9   6740  4512 pts/0    S<s+ 04:20   0:00 bash -l      admin        691  0.5  4.1  98188 19348 pts/0    S<l+ 04:20   0:00 /usr/bin/pythc -t paris/i-0cea73f15d68f034f -q -i 2 /                                        admin        694  0.0  3.0  24456 14436 pts/0    S<+  04:20   0:00 /usr/bin/pythc -t paris/i-0cea73f15d68f034f -q -i 2 /                                        admin        695  0.0  0.1   2480   572 pts/1    S<s  04:20   0:00 sh -c /bin/baadmin        696  0.0  1.0   6952  4724 pts/1    S<   04:20   0:00 /bin/bash    admin        709  0.0  0.6   8648  3240 pts/1    R<+  04:20   0:00 ps aux       admin@i-0cea73f15d68f034f:~$ ps aux|grep -i web                                 root         574  0.5  6.0 107132 28320 ?        Ss   04:20   0:00 /usr/bin/pyth.py                                                                             admin        712  0.0  0.1   5132   640 pts/1    S<+  04:20   0:00 grep -i web  admin@i-0cea73f15d68f034f:~$                                                    

                                                                                if [[ "$actual_checksum" == "$expected_checksum" ]]; then                         echo -n "OK"                                                                  else                                                                              echo -n "NO"                                                                  fiadmin@i-053e95096bbd62d08:~/agent$ file sadagent                              sadagent: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linke-linux-x86-64.so.2, Go BuildID=H6A8cVluPFUvaNojVwMi/C5t-5rNiA5GJLWeSm5Qz/KXfivG_EPr4lPEnoe, not stripped                                                        admin@i-053e95096bbd62d08:~/agent$ cd ..                                        admin@i-053e95096bbd62d08:~$ ls                                                 agent  webserver.py                                                             admin@i-053e95096bbd62d08:~$ cat webserver.py                                   cat: webserver.py: Permission denied                                            admin@i-053e95096bbd62d08:~$ ls                                                 

admin@i-01938499a23dd6d8b:~$ curl http://localhost:5000                         Unauthorizedadmin@i-01938499a23dd6d8b:~$ curl https://localhost:5000            curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number     admin@i-01938499a23dd6d8b:~$ strace -p 573                                      strace: attach: ptrace(PTRACE_SEIZE, 573): Operation not permitted              admin@i-01938499a23dd6d8b:~$ sudo strace -p 573                                                                                                                 We trust you have received the usual lecture from the local System              Administrator. It usually boils down to these three things:                                                                                                         #1) Respect the privacy of others.                                              #2) Think before you type.                                                      #3) With great power comes great responsibility.                                                                                                            [sudo] password for admin: