command-line-murders/i-06053d0a2ec05eb29

by SadServers 2 years ago

GNU/Linux ◆ xterm-256color ◆ bash 897 views

More by SadServers

Proto Recv-Q Send-Q Local Address           Foreign Address         State       tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      tcp6       0      0 :::6767                 :::*                    LISTEN      tcp6       0      0 :::8080                 :::*                    LISTEN      tcp6       0      0 :::22                   :::*                    LISTEN      udp        0      0 127.0.0.1:323           0.0.0.0:*                           udp        0      0 0.0.0.0:68              0.0.0.0:*                           udp6       0      0 fe80::887:7cff:fef3:546 :::*                                udp6       0      0 ::1:323                 :::*                                admin@i-08aea6778f2336813:~$ ls                                                 agent  webserver.py                                                             admin@i-08aea6778f2336813:~$ nc localhost 5000                                  GET /

paris/i-08aea6778f2336813 01:30

by SadServers 11 months ago

root         593  0.0  1.4  13488  6708 ?        Ss   11:53   0:00 /lib/systemd/_chrony      597  0.0  0.7  10856  3636 ?        S    11:53   0:00 /usr/sbin/chrroot         598  0.0  1.5  13348  7144 ?        Ss   11:53   0:00 sshd: /usr/sbroot         599  0.0  0.3   2872  1684 tty1     Ss+  11:53   0:00 /sbin/agetty root         600  0.0  0.4   4396  2100 ttyS0    Ss+  11:53   0:00 /sbin/agetty _chrony      601  0.0  0.1  10724   548 ?        S    11:53   0:00 /usr/sbin/chrroot         622  0.0  3.7  26612 17332 ?        Ss   11:53   0:00 /usr/bin/pythroot         677  0.0  0.0      0     0 ?        I    11:53   0:00 [kworker/1:4-admin        789  0.0  0.7   5920  3552 pts/0    S<s+ 11:57   0:00 bash -l      admin        791  0.7  4.1  98188 19356 pts/0    R<l+ 11:57   0:00 /usr/bin/pythadmin        794  0.0  3.1  24456 14504 pts/0    S<+  11:57   0:00 /usr/bin/pythadmin        795  0.0  0.1   2480   508 pts/1    S<s  11:57   0:00 sh -c /bin/baadmin        796  0.0  0.9   6820  4532 pts/1    S<   11:57   0:00 /bin/bash    admin        799  0.0  0.6   8648  3180 pts/1    R<+  11:57   0:00 ps aux       admin@i-0f090ab9a046ad6f3:~$ ps aux | gtr

kihei/i-0f090ab9a046ad6f3 00:16

by SadServers 2 years ago

-rw-r--r-- 1 admin admin  220 Aug  4  2021 .bash_logout                         drwxr-xr-x 3 root  root  4096 Sep 17  2023 ..                                   drwx------ 2 admin admin 4096 Sep 17  2023 .ssh                                 drwx------ 3 admin admin 4096 Sep 20  2023 .ansible                             drwxr-xr-x 3 admin admin 4096 Sep 20  2023 .config                              -rwxrwx--- 1 root  root   360 Sep 24  2023 webserver.py                         drwxr-xr-x 6 admin admin 4096 Sep 24  2023 .                                    drwxr-xr-x 2 admin root  4096 Sep 24  2023 agent                                -rw------- 1 admin admin  359 Feb  4 03:35 .bash_history                        admin@i-0f4b72b9b2118ab71:~$ whoami                                             admin                                                                           admin@i-0f4b72b9b2118ab71:~$ chown admin webserver.py                           chown: changing ownership of 'webserver.py': Operation not permitted            admin@i-0f4b72b9b2118ab71:~$ less .bash_history                                 admin@i-0f4b72b9b2118ab71:~$ cd

paris/i-0f4b72b9b2118ab71 02:29

by SadServers 9 months ago

nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin                      _apt:x:100:65534::/nonexistent:/usr/sbin/nologin                                messagebus:x:101:101::/nonexistent:/usr/sbin/nologin                            uuidd:x:102:102::/run/uuidd:/usr/sbin/nologin                                   tcpdump:x:103:103::/nonexistent:/usr/sbin/nologin                               _chrony:x:104:104:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin            systemd-network:x:105:106:systemd Network Management,,,:/run/systemd:/usr/sbin/nsystemd-resolve:x:106:107:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin    sshd:x:107:65534::/run/sshd:/usr/sbin/nologin                                   systemd-timesync:x:999:999:systemd Time Synchronization:/:/usr/sbin/nologin     systemd-coredump:x:998:998:systemd Core Dumper:/:/usr/sbin/nologin              admin:x:1000:1000:Debian:/home/admin:/bin/bash                                  admin@i-0033d221d79134049:~$ cat ~.profile                                      cat: '~.profile': No such file or directory                                     admin@i-0033d221d79134049:~$

paris/i-0033d221d79134049 04:02

by SadServers 1 year ago

See all

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay this recording in your terminal with asciinema play command:

asciinema play 844.cast

If you don't have asciinema cli installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from player's releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '844.cast',
      document.getElementById('player'),
      { cols: 203, rows: 54 }
    );
  </script>
</body>
</html>

See asciinema player README for full usage instructions.