command-line-murders/i-0b62efeb411c11c44
by SadServersMore by SadServers
goroutine 1 [running]: main.main() ./main.go:62 +0x465 admin@i-06bda4a9f0a6d2dd2:~$ vim trace-new.txt admin@i-06bda4a9f0a6d2dd2:~$ ls agent data datafile kihei kihei.bkp trace-new.txt trace.txt admin@i-06bda4a9f0a6d2dd2:~$ cp kihei.bkp kihei admin@i-06bda4a9f0a6d2dd2:~$ ls agent data datafile kihei kihei.bkp trace-new.txt trace.txt admin@i-06bda4a9f0a6d2dd2:~$ cd data/ admin@i-06bda4a9f0a6d2dd2:~/data$ ls admin@i-06bda4a9f0a6d2dd2:~/data$ touch /home/admin/data/newdatafile admin@i-06bda4a9f0a6d2dd2:~/data$ ls newdatafile admin@i-06bda4a9f0a6d2dd2:~/data$
kihei/i-06bda4a9f0a6d2dd2 10:09
by SadServerschmod: changing permissions of './webserver.py': Operation not permitted admin@i-0fe5db61e982e9777:~$ chmod -R 755 . chmod: changing permissions of './webserver.py': Operation not permitted admin@i-0fe5db61e982e9777:~$ grep -ri 'password' | /etc/apache2/* bash: /etc/apache2/conf-available: Is a directory grep: agent/sadagent: binary file matches grep: webserver.py: Permission denied admin@i-0fe5db61e982e9777:~$ grep -ri 'password' | /etc/apache2/conf-available bash: /etc/apache2/conf-available: Is a directory grep: agent/sadagent: binary file matches grep: webserver.py: Permission denied grep: write error: Broken pipe admin@i-0fe5db61e982e9777:~$ admin@i-0fe5db61e982e9777:~$ grep -ri 'password' /etc/apache2/conf-available admin@i-0fe5db61e982e9777:~$
paris/i-0fe5db61e982e9777 04:33
by SadServersile="unconfined" name="/usr/bin/man" pid=336 comm="apparmor_parser" [ 4.839178] audit: type=1400 audit(1739149489.855:5): apparmor="STATUS" operaile="unconfined" name="man_filter" pid=336 comm="apparmor_parser" [ 4.853673] audit: type=1400 audit(1739149489.855:6): apparmor="STATUS" operaile="unconfined" name="man_groff" pid=336 comm="apparmor_parser" [ 4.870219] audit: type=1400 audit(1739149489.891:7): apparmor="STATUS" operaile="unconfined" name="tcpdump" pid=338 comm="apparmor_parser" [ 4.884118] audit: type=1400 audit(1739149489.907:8): apparmor="STATUS" operaile="unconfined" name="/usr/sbin/chronyd" pid=339 comm="apparmor_parser" [ 4.884121] audit: type=1400 audit(1739149489.927:9): apparmor="STATUS" operaile="unconfined" name="lsb_release" pid=337 comm="apparmor_parser" [ 56.427427] IPv6: ADDRCONF(NETDEV_CHANGE): ens5: link becomes ready [ 58.862552] device-mapper: uevent: version 1.0.3 [ 58.867273] device-mapper: ioctl: 4.43.0-ioctl (2020-10-01) initialised: dm-dadmin@i-0db84b7794affbe97:~$