command-line-murders/i-0825fc5345815be7b

by SadServers 1 year ago

GNU/Linux ◆ xterm-256color ◆ bash 384 views

More by SadServers

drwxr-xr-x 2 admin root  4096 Sep 24  2023 agent                                -rwxrwx--- 1 root  root   360 Sep 24  2023 webserver.py                         admin@i-010d84eaab4d0fc03:~$ cp /home/admin/webserver.py /tmp/                  cp: cannot open '/home/admin/webserver.py' for reading: Permission denied       admin@i-010d84eaab4d0fc03:~$                                                    admin@i-010d84eaab4d0fc03:~$ ls -la /home/admin/agent/                          total 11144                                                                     drwxr-xr-x 2 admin root      4096 Sep 24  2023 .                                drwxr-xr-x 6 admin admin     4096 Sep 24  2023 ..                               -rwxr-xr-x 1 admin admin      230 Sep 24  2023 check.sh                         -rwxr-xr-x 1 admin root  11397096 Sep 20  2023 sadagent                         -rw-r--r-- 1 admin admin        0 Sep 20  2023 sadagent.txt                     admin@i-010d84eaab4d0fc03:~$ ls -la /home/admin/agent/sadagent                  -rwxr-xr-x 1 admin root 11397096 Sep 20  2023 /home/admin/agent/sadagent        admin@i-010d84eaab4d0fc03:~$

paris/i-010d84eaab4d0fc03 02:29

by SadServers 3 days ago

1    134  2    26   4    54   573  594  63   729        bus        driver       10   14   20   27   462  55   574  596  64   73         cgroups    dynamic_debug11   15   212  28   49   557  579  597  680  762        cmdline    execdomains  114  16   22   29   5    558  58   6    684  78         consoles   fb           115  17   23   3    50   56   582  60   687  8          cpuinfo    filesystems  12   18   235  30   51   561  583  61   688  9          crypto     fs           13   19   24   347  52   563  584  618  689  acpi       devices    interrupts   133  195  25   389  53   57   59   62   7    buddyinfo  diskstats  iomem        admin@i-0c5c0bccbc8341a7b:~$ ls /proc/^C                                        admin@i-0c5c0bccbc8341a7b:~$ ^C                                                 admin@i-0c5c0bccbc8341a7b:~$ ^C                                                 admin@i-0c5c0bccbc8341a7b:~$ ^C                                                 admin@i-0c5c0bccbc8341a7b:~$ ^C                                                 admin@i-0c5c0bccbc8341a7b:~$ ^C                                                 admin@i-0c5c0bccbc8341a7b:~$ ps -aux | grep p

paris/i-0c5c0bccbc8341a7b 01:47

by SadServers 1 month ago

drwxr-xr-x 2 admin admin  20480 Oct  3 21:46 interviews                         drwxr-xr-x 2 admin admin   4096 Oct 31 16:41 memberships                        -rw-r--r-- 1 admin admin 223490 Oct  3 21:46 people                             drwxr-xr-x 2 admin admin  12288 Oct  3 21:46 streets                            -rw-r--r-- 1 admin admin    551 Oct 31 16:43 suspects                           -rw-r--r-- 1 admin admin 497535 Oct  3 21:46 vehicles                           admin@i-04f88737de06b80cb:~/clmystery/mystery$ grep CLUE crimescene             CLUE: Footage from an ATM security camera is blurry but shows that the perpetratst 6'.                                                                          CLUE: Found a wallet believed to belong to the killer: no ID, just loose change, Rotary_Club, Delta SkyMiles, the local library, and the Museum of Bash History.traceable and have no name, for some reason.                                    CLUE: Questioned the barista at the local coffee shop. He said a woman left righhots. The name on her latte was Annabel, she had blond spiky hair and a New Zealadmin@i-04f88737de06b80cb:~/clmystery/mystery$

command-line-murders/i-04f88737de06b80cb 10:14

by SadServers 1 year ago

[sudo] password for admin:                                                      ^Csudo: 1 incorrect password attempt                                            admin@i-09b7dc79be18d538a:~$ ^C                                                 admin@i-09b7dc79be18d538a:~$ netstat -an --tcp --program                        (Not all processes could be identified, non-owned process info                   will not be shown, you would have to be root to see it all.)                   Active Internet connections (servers and established)                           Proto Recv-Q Send-Q Local Address           Foreign Address         State       tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      tcp6       0      0 :::6767                 :::*                    LISTEN      tcp6       0      0 :::8080                 :::*                    LISTEN      tcp6       0      0 :::22                   :::*                    LISTEN      tcp6       0    249 172.31.37.243:8080      172.31.16.109:41784     ESTABLISHED admin@i-09b7dc79be18d538a:~$

paris/i-09b7dc79be18d538a 01:13

by SadServers 11 days ago

See all

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay this recording in your terminal with asciinema play command:

asciinema play 581.cast

If you don't have asciinema cli installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from player's releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '581.cast',
      document.getElementById('player'),
      { cols: 104, rows: 41 }
    );
  </script>
</body>
</html>

See asciinema player README for full usage instructions.