command-line-murders/i-01d5fef6956d229c8
by SadServers

More by SadServers
/home/admin
admin@i-04d9fdf17ef2b370a:~$ ls -la
total 44
drwxr-xr-x 6 admin admin 4096 Sep 24 23:20 .
drwxr-xr-x 3 root root 4096 Sep 17 16:44 ..
drwx------ 3 admin admin 4096 Sep 20 15:52 .ansible
-rw------- 1 admin admin 93 Jan 31 18:51 .bash_history
-rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout
-rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc
drwxr-xr-x 3 admin admin 4096 Sep 20 15:56 .config
-rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile
drwx------ 2 admin admin 4096 Sep 17 16:44 .ssh
drwxr-xr-x 2 admin root 4096 Sep 24 23:20 agent
-rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py
admin@i-04d9fdf17ef2b370a:~$ nano webserver.py
paris/i-04d9fdf17ef2b370a 01:05
by SadServers

goroutine 1 [running]:
main.main()
./main.go:62 +0x465
admin@i-06bda4a9f0a6d2dd2:~$ vim trace-new.txt
admin@i-06bda4a9f0a6d2dd2:~$ ls
agent data datafile kihei kihei.bkp trace-new.txt trace.txt
admin@i-06bda4a9f0a6d2dd2:~$ cp kihei.bkp kihei
admin@i-06bda4a9f0a6d2dd2:~$ ls
agent data datafile kihei kihei.bkp trace-new.txt trace.txt
admin@i-06bda4a9f0a6d2dd2:~$ cd data/
admin@i-06bda4a9f0a6d2dd2:~/data$ ls
admin@i-06bda4a9f0a6d2dd2:~/data$ touch /home/admin/data/newdatafile
admin@i-06bda4a9f0a6d2dd2:~/data$ ls
newdatafile
admin@i-06bda4a9f0a6d2dd2:~/data$
kihei/i-06bda4a9f0a6d2dd2 10:09
by SadServers

udev 221828 0 221828 0% /dev
tmpfs 46636 368 46268 1% /run
/dev/nvme0n1p1 8026128 6354488 1242384 84% /
tmpfs 233168 12 233156 1% /dev/shm
tmpfs 5120 0 5120 0% /run/lock
/dev/nvme0n1p15 126678 6016 120662 5% /boot/efi
admin@i-0ed3208f72b7149da:~$ df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
udev 55457 307 55150 1% /dev
tmpfs 58292 441 57851 1% /run
/dev/nvme0n1p1 516096 32800 483296 7% /
tmpfs 58292 4 58288 1% /dev/shm
tmpfs 58292 3 58289 1% /run/lock
/dev/nvme0n1p15 0 0 0 - /boot/efi
admin@i-0ed3208f72b7149da:~$
kihei/i-0ed3208f72b7149da 00:13
by SadServers

(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
admin@i-0b9f3cd0094de1d6e:~$ netstat -anlp|grep 172
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp 0 0 172.31.42.227:59464 172.31.21.181:9000 TIME_WAIT
tcp 0 0 172.31.42.227:59462 172.31.21.181:9000 TIME_WAIT
tcp 0 0 172.31.42.227:59460 172.31.21.181:9000 TIME_WAIT
tcp6 0 0 172.31.42.227:8080 172.31.16.109:54422 ESTABLISHED
admin@i-0b9f3cd0094de1d6e:~$ curl ^C
admin@i-0b9f3cd0094de1d6e:~$ nmap -sV 172.31.21.181 -p 9000
Starting Nmap 7.80 ( https://nmap.org ) at 2023-10-01 16:08 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 4.87 seconds
admin@i-0b9f3cd0094de1d6e:~$ ip a