command-line-murders/i-0529894a1acd35ba0
by SadServersMore by SadServers
-upgrades/unattended-upgrade-shutdown -- root 685 0.0 0.0 0 0 ? I 04:20 0:00 [kworker/1:4-admin 687 0.0 0.9 6740 4512 pts/0 S<s+ 04:20 0:00 bash -l admin 691 0.5 4.1 98188 19348 pts/0 S<l+ 04:20 0:00 /usr/bin/pythc -t paris/i-0cea73f15d68f034f -q -i 2 / admin 694 0.0 3.0 24456 14436 pts/0 S<+ 04:20 0:00 /usr/bin/pythc -t paris/i-0cea73f15d68f034f -q -i 2 / admin 695 0.0 0.1 2480 572 pts/1 S<s 04:20 0:00 sh -c /bin/baadmin 696 0.0 1.0 6952 4724 pts/1 S< 04:20 0:00 /bin/bash admin 709 0.0 0.6 8648 3240 pts/1 R<+ 04:20 0:00 ps aux admin@i-0cea73f15d68f034f:~$ ps aux|grep -i web root 574 0.5 6.0 107132 28320 ? Ss 04:20 0:00 /usr/bin/pyth.py admin 712 0.0 0.1 5132 640 pts/1 S<+ 04:20 0:00 grep -i web admin@i-0cea73f15d68f034f:~$
paris/i-0cea73f15d68f034f 00:54
by SadServersadmin 680 0.1 4.1 98188 19460 pts/0 R<l+ 04:47 0:00 /usr/bin/pythc -t paris/i-02e1488c6b3b7615d -q -i 2 /var/log/cast/i-02e148 admin 683 0.0 3.1 24456 14808 pts/0 S<+ 04:47 0:00 /usr/bin/pythc -t paris/i-02e1488c6b3b7615d -q -i 2 /var/log/cast/i-02e148 admin 684 0.0 0.1 2480 512 pts/1 S<s 04:47 0:00 sh -c /bin/baadmin 685 0.0 1.0 7216 5060 pts/1 S< 04:47 0:00 /bin/bash admin 877 0.0 0.7 8648 3284 pts/1 R<+ 04:50 0:00 ps aux admin@i-02e1488c6b3b7615d:~$ pwd /home/admin admin@i-02e1488c6b3b7615d:~$ ls agent webserver.py admin@i-02e1488c6b3b7615d:~$ vim webserver.py admin@i-02e1488c6b3b7615d:~$ cat webserver.py cat: webserver.py: Permission denied admin@i-02e1488c6b3b7615d:~$
paris/i-02e1488c6b3b7615d 04:27
by SadServersGET / GET / GET / ^C admin@i-07e2fdd31fb619fad:~$ curl --user-agent "whatever" localhost:5000 Welcome! Password is FDZPmh5Acurl -s http://httpbin.org/user-agentrl -s http://h^[[B^[[B^C admin@i-07e2fdd31fb619fad:~$ curl -s http://httpbin.org/user-agent ^C admin@i-07e2fdd31fb619fad:~$ curl -s http://httpbin.org/user-agent ls ; ^C admin@i-07e2fdd31fb619fad:~$ curl -s http://httpbin.org/user-agen