command-line-murders/i-057898ace39765d92

by SadServers 1 year ago

GNU/Linux ◆ xterm-256color ◆ bash 501 views

More by SadServers

total 11M                                                                       -rwxr-xr-x 1 admin root  11M Sep 20 15:53 sadagent                              -rw-r--r-- 1 admin admin   0 Sep 20 15:53 sadagent.txt                          -rwxr-xr-x 1 admin admin 230 Sep 24 23:20 check.sh                              admin@i-0cfcaf1d38addd2ba:~/agent$ cat sadagent.txt                             admin@i-0cfcaf1d38addd2ba:~/agent$ nc localhost 5000                                                                                                                                                                                            admin@i-0cfcaf1d38addd2ba:~/agent$ GET /                                        bash: GET: command not found                                                    admin@i-0cfcaf1d38addd2ba:~/agent$ GET /                                        bash: GET: command not found                                                    admin@i-0cfcaf1d38addd2ba:~/agent$ curl --user-agent "password" localhost:5000  Welcome! Password is FDZPmh5AX3oiJtadmin@i-0cfcaf1d38addd2ba:~/agent$ curl --use5000

paris/i-0cfcaf1d38addd2ba 03:22

by SadServers 1 year ago

admin        771     697  0 16:53 pts/1    00:00:00 more                        admin@i-09f185fddd1e81888:~$ history                                                1  2023-09-20T15:57:57 > /home/admin/.bash_history                              2  2023-09-20T15:58:02 exit                                                     3  2025-03-07T16:52:03 sudo su -                                                4  2025-03-07T16:52:06 ls -l                                                    5  2025-03-07T16:52:14 lsof -i :5000                                            6  2025-03-07T16:52:18 sudo lsof -i :5000                                       7  2025-03-07T16:52:22 ps -ef                                                   8  2025-03-07T16:52:38 nstat -tlnp                                              9  2025-03-07T16:52:44 netstat -tlnp                                           10  2025-03-07T16:52:56 systemctl status                                        11  2025-03-07T16:53:15 ps -ef  | more                                          12  2025-03-07T16:54:05 history                                              admin@i-09f185fddd1e81888:~$ ls -l /home/admin/webserver.py

paris/i-09f185fddd1e81888 02:23

by SadServers 3 months ago

goroutine 1 [running]:                                                          main.main()                                                                             ./main.go:64 +0x47d                                                     admin@i-0f6d76d4e64ebbaa3:~$ less  /home/admin/kihei                            "/home/admin/kihei" may be a binary file.  See it anyway?                       admin@i-0f6d76d4e64ebbaa3:~$                                                    admin@i-0f6d76d4e64ebbaa3:~$ df -h                                              Filesystem       Size  Used Avail Use% Mounted on                               udev             217M     0  217M   0% /dev                                     tmpfs             46M  368K   46M   1% /run                                     /dev/nvme0n1p1   7.7G  6.1G  1.2G  84% /                                        tmpfs            228M   12K  228M   1% /dev/shm                                 tmpfs            5.0M     0  5.0M   0% /run/lock                                /dev/nvme0n1p15  124M  5.9M  118M   5% /boot/efi                                admin@i-0f6d76d4e64ebbaa3:~$

kihei/i-0f6d76d4e64ebbaa3 00:29

by SadServers 4 months ago

Delta_SkyMiles:Mingjuan Birgmark                                                Delta_SkyMiles:Beatriz Smock                                                    Delta_SkyMiles:Adnan Brendel                                                    Delta_SkyMiles:Hiram Blume                                                      admin@i-06ad0c779a8e47bbc:~/clmystery/mystery/memberships$ find /home/admin/clmye              "CLUE"                                                           CLUE: Footage from an ATM security camera is blurry but shows that the perpetratast 6'.                                                                         CLUE: Found a wallet believed to belong to the killer: no ID, just loose change,r Rotary_Club, Delta SkyMiles, the local library, and the Museum of Bash Historyuntraceable and have no name, for some reason.                                  CLUE: Questioned the barista at the local coffee shop. He said a woman left righshots. The name on her latte was Annabel, she had blond spiky hair and a New Zeaadmin@i-06ad0c779a8e47bbc:~/clmystery/mystery/memberships$ find /home/admin/clmyDelta_SkyMiles | xargs grep "Jeremy"

command-line-murders/i-06ad0c779a8e47bbc 04:08

by SadServers 1 year ago

See all

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay this recording in your terminal with asciinema play command:

asciinema play 248.cast

If you don't have asciinema cli installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from player's releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '248.cast',
      document.getElementById('player'),
      { cols: 281, rows: 39 }
    );
  </script>
</body>
</html>

See asciinema player README for full usage instructions.