command-line-murders/i-0ab94fff77eac5e16
by SadServersMore by SadServers
admin@i-090340fbfd6fc2419:~$ ls agent webserver.py admin@i-090340fbfd6fc2419:~$ admin@i-090340fbfd6fc2419:~$ curl localhost:5000 Unauthorizedadmin@i-090340fbfd6fc2419:~$ admin@i-090340fbfd6fc2419:~$ curl http://localhost:5000 Unauthorizedadmin@i-090340fbfd6fc2419:~$ curl https://localhost:5000 curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number admin@i-090340fbfd6fc2419:~$ admin@i-090340fbfd6fc2419:~$ curl localhost:5000/?auth=true Unauthorizedadmin@i-090340fbfd6fc2419:~$ admin@i-090340fbfd6fc2419:~$
paris/i-090340fbfd6fc2419 02:04
by SadServersDec 24 18:21:24 i-000c4d79984b70a73 systemd[1]: Started Hammer Time. Dec 24 18:21:25 i-000c4d79984b70a73 systemd[1]: mc.service: Succeeded. Dec 24 18:21:47 i-000c4d79984b70a73 dhclient[463]: XMT: Solicit on ens5, intervaDec 24 18:22:09 i-000c4d79984b70a73 systemd[1]: Started Hammer Time. Dec 24 18:22:10 i-000c4d79984b70a73 systemd[1]: mc.service: Succeeded. Dec 24 18:22:58 i-000c4d79984b70a73 dhclient[463]: XMT: Solicit on ens5, intervaDec 24 18:23:18 i-000c4d79984b70a73 python3[575]: 127.0.0.1 - - [24/Dec/2023 18:admin@i-000c4d79984b70a73:/var/log$ ls alternatives.log auth.log btmp chrony daemon.log urnal kern.log.2.gz messages.1 private syslog.1 user.log alternatives.log.1 auth.log.1 btmp.1 cloud-init-output.log daemon.log.1 rn.log lastlog messages.2.gz runit syslog.2.gz user.log.1apt auth.log.2.gz cast cloud-init.log daemon.log.2.grn.log.1 messages minio.log syslog unattended-upgrades user.log.2admin@i-000c4d79984b70a73:/var/log$ ls
paris/i-000c4d79984b70a73 03:03
by SadServersdrwxr-xr-x 2 admin root 4096 Sep 17 17:28 data -rw-r--r-- 1 root root 5368709120 Sep 17 17:28 datafile -rwxr-xr-x 1 admin root 2207109 Sep 17 17:28 kihei admin@i-0847c56ed353b4fb9:~$ sudo -l Matching Defaults entries for admin on i-0847c56ed353b4fb9: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sn User admin may run the following commands on i-0847c56ed353b4fb9: (ALL : ALL) ALL (ALL) NOPASSWD: ALL (ALL) NOPASSWD: ALL (ALL) NOPASSWD: ALL (ALL) NOPASSWD: /sbin/shutdown admin@i-0847c56ed353b4fb9:~$ rm .bash