Dec 16 19:58:09 i-087a04010afc840a2 sudo[686]: pam_unix(sudo:session): session o) by (uid=1000)                                                                 root@i-087a04010afc840a2:/home/admin# ^C                                        root@i-087a04010afc840a2:/home/admin# tail -f /etc/systemd/system/gotty.service [Service]                                                                       User=admin                                                                      Group=admin                                                                     ExecStart=/usr/local/gotty --permit-write --reconnect --max-connection 5 bash -lWorkingDirectory=/home/admin                                                    Restart=on-failure                                                              Nice=-20                                                                                                                                                        [Install]                                                                       WantedBy=multi-user.target                                                                                                                                      

    693 pts/1    00:00:00 sh                                                        694 pts/1    00:00:00 bash                                                      800 pts/1    00:00:00 ps                                                    admin@i-0b98d3e9a33585961:~$ netstat -an | grep 5000                            tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      admin@i-0b98d3e9a33585961:~$ lsof -i :5000                                      admin@i-0b98d3e9a33585961:~$ lsof -i :5000                                      admin@i-0b98d3e9a33585961:~$ ss -lntu | grep 5000                               tcp   LISTEN 0      128                          127.0.0.1:5000      0.0.0.0:*  admin@i-0b98d3e9a33585961:~$ lsof -i :5000                                      admin@i-0b98d3e9a33585961:~$ netstat -tulnp | grep 5000                         (Not all processes could be identified, non-owned process info                   will not be shown, you would have to be root to see it all.)                   tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      admin@i-0b98d3e9a33585961:~$ netstat -tulnp | grep                              

apparmor.d              cron.daily            e2scrub.conf    gshadow      iptab  modprobe.d      os-release     rc0.d      rsyslog.conf    skel      sysctl.conapt                     cron.hourly           environment     gshadow-     issue  modules         pam.conf       rc1.d      rsyslog.d       ssh       sysctl.d  bash.bashrc             cron.monthly          ethertypes      gss          issue  modules-load.d  pam.d          rc2.d      runit           ssl       systemd   bash_completion         cron.weekly           fonts           host.conf    kerne  motd            passwd         rc3.d      sadscenario     subgid    terminfo  bindresvport.blacklist  crontab               fstab           hostname     kerne  mtab            passwd-        rc4.d      screenrc        subgid-   timezone  binfmt.d                dbus-1                fstab.old       hosts        knock  nanorc          pm             rc5.d      security        subuid    tmpfiles.dca-certificates         debconf.conf          gai.conf        hosts.allow  ld.so  netconfig       ppp            rc6.d      selinux         subuid-   ucf.conf  admin@i-0f38fefa3d5eb7b9e:~$                                                    

                                                                                The officers on the scene are pretty meticulous, so they've written down EVERYTHs.                                                                                                                                                              Fortunately the sergeant went through and marked the real clues with the word "C                                                                                If you get stuck, open one of the hint files (from the CL, type 'cat hint1', 'ca                                                                                To check your answer or find out the solution, open the file 'solution' (from th                                                                                To get started on how to use the command line, open cheatsheet.md or cheatsheet. you can type 'nano cheatsheet.md').                                                                                                                            Don't use a text editor to view any files except these instructions, the cheatsh(END)