kihei/i-0999a44d263ea34e9
by SadServers

More by SadServers

LISTEN 0 4096 *:6767 users:(("sadagent",pid=565,fd=7))
LISTEN 0 4096 *:8080 users:(("gotty",pid=564,fd=6))
ESTAB 0 0 [::ffff:172.31.33.75]:8080 [::ffff users:(("gotty",pid=564,fd=7))
admin@i-0fefafcf5226688e9:/proc/576$ watch 'ss -antp'
admin@i-0fefafcf5226688e9:/proc/576$ cd ~
admin@i-0fefafcf5226688e9:~$ ls -l
total 8
drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent
-rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py
admin@i-0fefafcf5226688e9:~$ find / -perm ^C
admin@i-0fefafcf5226688e9:~$
paris/i-0fefafcf5226688e9 05:28
by SadServers

> Host: 127.0.0.1:5000
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: Werkzeug/2.3.7 Python/3.9.2
< Date: Wed, 27 Dec 2023 10:00:47 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 12
< Connection: close
<
* Closing connection 0
Unauthorizedadmin@i-0be5e4664c35e2594:~$ curl -u 'test:test' 127.0.0.1:5000 -v
paris/i-0be5e4664c35e2594 02:51
by SadServers

#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for admin:
sudo: a password is required
admin@i-0e74c6feeef89a0ae:~$ for i in $(seq 1 65536); do
echo -n "."
nmap -PS $i localhost > /dev/null
output=$(curl --silent localhost)
echo $output | egrep -v "^Who is there\?$" && echo "yay - $i"
done
.
yay - 1
...................
admin@i-0e74c6feeef89a0ae:~$ nmap -PS 1
taipei/i-0e74c6feeef89a0ae 00:54
by SadServers

_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
messagebus:x:101:101::/nonexistent:/usr/sbin/nologin
uuidd:x:102:102::/run/uuidd:/usr/sbin/nologin
tcpdump:x:103:103::/nonexistent:/usr/sbin/nologin
_chrony:x:104:104:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin
systemd-network:x:105:106:systemd Network Management,,,:/run/systemd:/usr/sbin/n
systemd-resolve:x:106:107:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
sshd:x:107:65534::/run/sshd:/usr/sbin/nologin
systemd-timesync:x:999:999:systemd Time Synchronization:/:/usr/sbin/nologin
systemd-coredump:x:998:998:systemd Core Dumper:/:/usr/sbin/nologin
admin:x:1000:1000:Debian:/home/admin:/bin/bash
admin@i-02f008a4ef093b898:~$ su - www-data bash
Password: ^C
admin@i-02f008a4ef093b898:~$ curl -A