command-line-murders/i-0c09c06cc8d0ee826
by SadServersMore by SadServers
root 594 0.0 3.7 26612 17396 ? Ss 17:08 0:00 /usr/bin/pyth_chrony 596 0.0 0.7 10852 3604 ? S 17:08 0:00 /usr/sbin/chr_chrony 598 0.0 0.1 10724 548 ? S 17:08 0:00 /usr/sbin/chrroot 680 0.0 0.0 0 0 ? I 17:08 0:00 [kworker/1:4-admin 683 0.0 0.9 6740 4460 pts/0 S<s+ 17:09 0:00 bash -l admin 687 0.1 4.1 98188 19320 pts/0 R<l+ 17:09 0:00 /usr/bin/pythadmin 690 0.0 3.0 24456 14420 pts/0 R<+ 17:09 0:00 /usr/bin/pythadmin 691 0.0 0.1 2480 500 pts/1 S<s 17:09 0:00 sh -c /bin/baadmin 692 0.0 1.0 6952 4756 pts/1 S< 17:09 0:00 /bin/bash admin 793 0.0 0.6 8648 3244 pts/1 R<+ 17:11 0:00 ps aux admin@i-01ae2ccb494fc3a25:~$ nc -zv 5000 nc: missing port number admin@i-01ae2ccb494fc3a25:~$ nc -zv localhost 5000 Connection to localhost (127.0.0.1) 5000 port [tcp/*] succeeded! admin@i-01ae2ccb494fc3a25:~$ ps aux
paris/i-01ae2ccb494fc3a25 02:35
by SadServersagent webserver.py admin@i-04dca6e1ae246a837:~$ curl localhost:5000 Unauthorizedadmin@i-04dca6e1ae246a837:~$ history | grep sudo 5 2025-03-28T01:12:44 sudo cat webserver.py 8 2025-03-28T01:14:06 history | grep sudo admin@i-04dca6e1ae246a837:~$ sudo udo grep -r "password" /etc/ We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin:
paris/i-04dca6e1ae246a837 01:41
by SadServers--help Show this help -H --halt Halt the machine -P --poweroff Power-off the machine -r --reboot Reboot the machine -h Equivalent to --poweroff, overridden by --halt -k Don't halt/power-off/reboot, just send warnings --no-wall Don't send wall message before halt/power-off/reboot -c Cancel a pending shutdown See the shutdown(8) man page for details. admin@i-01318c13a92295c75:/etc/systemd/system$ sudo shutdown -^C admin@i-01318c13a92295c75:/etc/systemd/system$ cd admin@i-01318c13a92295c75:~$ ls a.py agent admin@i-01318c13a92295c75:~$