command-line-murders/i-0cf0707bb8c364e8c
by SadServers
et unix 2 [ ACC ] STREAM LISTENING 10712 - unix 2 [ ACC ] STREAM LISTENING 719 - unix 2 [ ACC ] STREAM LISTENING 721 - stemd.DynamicUser unix 2 [ ACC ] STREAM LISTENING 722 - nagedOOM unix 2 [ ACC ] STREAM LISTENING 9567 - s unix 2 [ ACC ] STREAM LISTENING 9575 - ut unix 2 [ ACC ] SEQPACKET LISTENING 9577 - unix 2 [ ACC ] STREAM LISTENING 9612 - ystemd.journal admin@i-00bc6276d68bc20cd:~$ netstat -lp | grep 8
paris/i-00bc6276d68bc20cd 01:20
by SadServers
users:(("sadagent",pid=562,fd=7)) LISTEN 0 4096 *:8080 users:(("gotty",pid=561,fd=6)) LISTEN 0 128 [::]:22 ESTAB 0 0 [::ffff:172.31.39.204]:8080 [:2 users:(("gotty",pid=561,fd=7)) admin@i-041eafe1d5ef8ef0a:~$ curl localhost:5000 Unauthorizedadmin@i-041eafe1d5ef8ef0a:~$ curl -X POST localhost:5000 <!doctype html> <html lang=en> <title>405 Method Not Allowed</title> <h1>Method Not Allowed</h1> <p>The method is not allowed for the requested URL.</p> admin@i-041eafe1d5ef8ef0a:~$
paris/i-041eafe1d5ef8ef0a 02:59
by SadServers
le="unconfined" name="man_filter" pid=355 comm="apparmor_parser" [ 4.838571] audit: type=1400 audit(1703061908.844:6): apparmor="STATUS" operale="unconfined" name="man_groff" pid=355 comm="apparmor_parser" [ 4.854310] audit: type=1400 audit(1703061908.884:7): apparmor="STATUS" operale="unconfined" name="lsb_release" pid=356 comm="apparmor_parser" [ 4.869891] audit: type=1400 audit(1703061908.892:8): apparmor="STATUS" operale="unconfined" name="tcpdump" pid=357 comm="apparmor_parser" [ 4.885181] audit: type=1400 audit(1703061908.908:9): apparmor="STATUS" operale="unconfined" name="/usr/sbin/chronyd" pid=358 comm="apparmor_parser" [ 56.344814] IPv6: ADDRCONF(NETDEV_CHANGE): ens5: link becomes ready [ 58.685545] device-mapper: uevent: version 1.0.3 [ 58.690960] device-mapper: ioctl: 4.43.0-ioctl (2020-10-01) initialised: dm-dadmin@i-0934faf01c3d7420c:~$ vim /home/admin/kihei root@i-0934faf01c3d7420c:/home/admin# tar czf datafile > /tmp/datafile.tar.gz
kihei/i-0934faf01c3d7420c 04:53
by SadServers
drwx------ 2 admin admin 4096 Sep 17 2023 .ssh drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent -rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py admin@i-098855604557f17bf:~$ less webserver.py webserver.py: Permission denied admin@i-098855604557f17bf:~$ sudo less webserver.py We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: