command-line-murders/i-05042086d1f94d701
by SadServers

More by SadServers

admin@i-0292f4c30a492c952:/var$ ls
backups cache lib local lock log mail opt run spool tmp
admin@i-0292f4c30a492c952:/var$ cd log
admin@i-0292f4c30a492c952:/var/log$ ls
alternatives.log auth.log.2.gz cloud-init-output.log debug faillog lastlog private unattended-upgrades alternatives.log.1 btmp cloud-init.log debug.1 journal messages runit user.log apt btmp.1 daemon.log debug.2.gz kern.log messages.1 syslog user.log.1 auth.log cast daemon.log.1 dpkg.log kern.log.1 messages.2.gz syslog.1 user.log.2.gz auth.log.1 chrony daemon.log.2.gz dpkg.log.1 kern.log.2.gz minio.log syslog.2.gz wtmp
admin@i-0292f4c30a492c952:/var/log$ less
paris/i-0292f4c30a492c952 03:56
by SadServers

write(2, "main.main", 9main.main) = 9
write(2, "(", 1() = 1
write(2, ")\n", 2) ) = 2
write(2, "\t", 1 ) = 1
write(2, "./main.go", 9./main.go) = 9
write(2, ":", 1:) = 1
write(2, "64", 264) = 2
write(2, " +", 2 +) = 2
write(2, "0x47d", 50x47d) = 5
write(2, "\n", 1 ) = 1
exit_group(2) = ?
+++ exited with 2 +++
admin@i-0da253258d3d5b5e6:~$ touch /home/admin/data/newdatafile /usr/local/sbin/
kihei/i-0da253258d3d5b5e6 01:39
by SadServers

linux-gnu/libpthread-2.31.so lsof 769 admin mem REG 259,1 1868linux-gnu/libdl-2.31.so lsof 769 admin mem REG 259,1 61712linux-gnu/libpcre2-8.so.0.10.1 lsof 769 admin mem REG 259,1 190153linux-gnu/libc-2.31.so lsof 769 admin mem REG 259,1 16612linux-gnu/libselinux.so.1 lsof 769 admin mem REG 259,1 17792linux-gnu/ld-2.31.so lsof 769 admin 4r FIFO 0,11 0tlsof 769 admin 7w FIFO 0,11 0t
admin@i-059fb7e158508f014:~$ lsof |grep webserver
admin@i-059fb7e158508f014:~$ lsof |grep .pyu
paris/i-059fb7e158508f014 01:33
by SadServers

(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::6767                 :::*                    LISTEN
tcp6       0      0 :::8080                 :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 127.0.0.1:323           0.0.0.0:*
udp        0      0 0.0.0.0:68              0.0.0.0:*
udp6       0      0 fe80::861:81ff:feef:546 :::*
udp6       0      0 ::1:323                 :::*
admin@i-08509f86769b7ad0f:~$
admin@i-08509f86769b7ad0f:~$ n