command-line-murders/i-04b39868f097d5d26
by SadServersMore by SadServers
_chrony 594 0.0 0.1 10724 548 ? S 08:12 0:00 \_ /usr/sbinroot 592 0.0 0.3 2872 1628 tty1 Ss+ 08:12 0:00 /sbin/agetty y1 linux root 593 0.0 0.4 4396 2036 ttyS0 Ss+ 08:12 0:00 /sbin/agetty 115200,57600,38400,9600 ttyS0 root 609 0.0 3.7 26612 17396 ? Ss 08:12 0:00 /usr/bin/pythd-upgrades/unattended-upgrade admin@i-02ca60cf550cfe05f:/opt$ /home/admin/webserver.py bash: /home/admin/webserver.py: Permission denied admin@i-02ca60cf550cfe05f:/opt$ cd admin@i-02ca60cf550cfe05f:~$ cp webserver.py df.py cp: cannot open 'webserver.py' for reading: Permission denied admin@i-02ca60cf550cfe05f:~$ crontab -l no crontab for admin admin@i-02ca60cf550cfe05f:~$ cd /va
paris/i-02ca60cf550cfe05f 03:34
by SadServersadmin@i-0dc1e7b02108a472f:~$ curl localhost:5000 Unauthorizedadmin@i-0dc1e7b02108a472f:~$ curl localhost:5000 GET / Unauthorizedcurl: (6) Could not resolve host: GET curl: (3) URL using bad/illegal format or missing URL admin@i-0dc1e7b02108a472f:~$ admin@i-0dc1e7b02108a472f:~$ curl localhost:5000 GET / Unauthorizedcurl: (6) Could not resolve host: GET curl: (3) URL using bad/illegal format or missing URL admin@i-0dc1e7b02108a472f:~$ admin@i-0dc1e7b02108a472f:~$ curl --user-agent "whatever" localhost:5000 Welcome! Password is FDZPmh5AX3oiJtadmin@i-0dc1e7b02108a472f:~$ cd /home/
paris/i-0dc1e7b02108a472f 02:06
by SadServersstrings: webserver.py: Permission denied admin@i-0eed1c77d78127958:~$ ls -al total 44 drwxr-xr-x 6 admin admin 4096 Sep 24 2023 . drwxr-xr-x 3 root root 4096 Sep 17 2023 .. drwx------ 3 admin admin 4096 Sep 20 2023 .ansible -rw------- 1 admin admin 530 Feb 26 17:43 .bash_history -rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout -rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc drwxr-xr-x 3 admin admin 4096 Sep 20 2023 .config -rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile drwx------ 2 admin admin 4096 Sep 17 2023 .ssh drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent -rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py admin@i-0eed1c77d78127958:~$
paris/i-0eed1c77d78127958 02:26
by SadServerspop3 POP3 protocol options post HTTP Post specific options proxy All options related to proxies scp SCP protocol options sftp SFTP protocol options smtp SMTP protocol options ssh SSH protocol options telnet TELNET protocol options tftp TFTP protocol options tls All TLS/SSL related options upload All options for uploads verbose Options related to any kind of command line output of curl admin@i-0e66fd296bbb878b4:~$ curl --header 'Authorization: Bearer token' localhoUnauthorizedadmin@i-0e66fd296bbb878b4:~$ curl --header 'Authorization: root' locUnauthorizedadmin@i-0e66fd296bbb878b4:~$ curl --header 'Authorization: Broot' lo