SadServers Joined on September 10, 2023

admin@i-014ab23d1595bfc10:~$ curl localhost:5000                                Unauthorizedadmin@i-014ab23d1595bfc10:~$ telnet localhost 5000                  Trying 127.0.0.1...                                                             Connected to localhost.                                                         Escape character is '^]'.                                                       /G                                                                              

local-fs-pre.target                    static          -                        local-fs.target                        static          -                        multi-user.target                      static          -                        network-online.target                  static          -                        admin@i-046eb98bd90d24c4a:~$ sudo -l                                            Matching Defaults entries for admin on i-046eb98bd90d24c4a:                         env_reset, mail_badpass,                                                        secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bi                                                                                User admin may run the following commands on i-046eb98bd90d24c4a:                   (ALL : ALL) ALL                                                                 (ALL) NOPASSWD: /sbin/shutdown                                              admin@i-046eb98bd90d24c4a:~$ sudo /sbin/shutdown                                Shutdown scheduled for Fri 2024-02-23 19:06:27 UTC, use 'shutdown -c' to cancel.admin@i-046eb98bd90d24c4a:~$                                                    

-rwxrwx--- 1 root  root   360 Sep 24 23:20 webserver.py                         admin@i-093333d0150041494:~$ cd ..                                              admin@i-093333d0150041494:/home$ find / -perm -4000 -type f 2>/dev/null         /usr/lib/openssh/ssh-keysign                                                    /usr/lib/dbus-1.0/dbus-daemon-launch-helper                                     /usr/bin/chsh                                                                   /usr/bin/umount                                                                 /usr/bin/mount                                                                  /usr/bin/passwd                                                                 /usr/bin/newgrp                                                                 /usr/bin/sudo                                                                   /usr/bin/chfn                                                                   /usr/bin/su                                                                     /usr/bin/gpasswd                                                                admin@i-093333d0150041494:/home$                                                

  Error during parsing of command line.                                         root@i-0e075403bb88088b0:/home/admin/data# lvcreate -l100%FREE Data               Logical volume "lvol0" created.                                               root@i-0e075403bb88088b0:/home/admin/data# lsblk                                NAME         MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT                                nvme1n1      259:0    0    1G  0 disk                                           └─Data-lvol0 254:0    0 1020M  0 lvm                                            nvme0n1      259:1    0    8G  0 disk                                           ├─nvme0n1p1  259:3    0  7.9G  0 part /                                         ├─nvme0n1p14 259:4    0    3M  0 part                                           └─nvme0n1p15 259:5    0  124M  0 part /boot/efi                                 nvme2n1      259:2    0    1G  0 disk                                           root@i-0e075403bb88088b0:/home/admin/data# pvcreate /dev/nvme2n1                  Physical volume "/dev/nvme2n1" successfully created.                          root@i-0e075403bb88088b0:/home/admin/data# history                              

  systemd-udev-trigger.service                                             loade  systemd-udevd.service                                                    loade  systemd-update-utmp.service                                              loade  systemd-user-sessions.service                                            loade  unattended-upgrades.service                                              loade  -.slice                                                                  loade  system-getty.slice                                                       loade  system-modprobe.slice                                                    loade  system-serial\x2dgetty.slice                                             loade  system-systemd\x2dgrowfs.slice                                           loade  system.slice                                                             loade  user.slice                                                               loade  dbus.socket                                                              loade  dm-event.socket                                                          loadeadmin@i-0c7e605764f92e722:/$ s                                                  

tmpfs            5.0M     0  5.0M   0% /run/lock                                /dev/nvme0n1p15  124M  5.9M  118M   5% /boot/efi                                admin@i-0147dce3f78023c22:~$ ./                                                 .ansible/ .config/  .ssh/     agent/    data/     kihei                         admin@i-0147dce3f78023c22:~$ ./kihei                                            panic: exit status 1                                                                                                                                            goroutine 1 [running]:                                                          main.main()                                                                             ./main.go:64 +0x47d                                                     admin@i-0147dce3f78023c22:~$ vi kihei                                           admin@i-0147dce3f78023c22:~$ file kihei                                         kihei: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Gc7e4I/nM83nW4qxDvf9asNaf7E/5u1Qa6jnFvq2KL4kV5G1/6IwNz7tVbey9uC58oKsR, not strippadmin@i-0147dce3f78023c22:~$ kihe                                               

du: cannot access 'proc/939/fdinfo/3': No such file or directory                0       proc                                                                    64K     root                                                                    368K    run                                                                     0       sbin                                                                    4.0K    srv                                                                     0       sys                                                                     40K     tmp                                                                     755M    usr                                                                     246M    var                                                                     root@i-09431062e41bb2400:/# cdc /var/                                           bash: cdc: command not found                                                    root@i-09431062e41bb2400:/# cd /usr/                                            root@i-09431062e41bb2400:/usr# du -sh * |sort -h                                                                                                                

'size', 'used', 'avail', 'pcent', 'file' and 'target' (see info page).                                                                                          GNU coreutils online help: <https://www.gnu.org/software/coreutils/>            Report any translation bugs to <https://translationproject.org/team/>           Full documentation <https://www.gnu.org/software/coreutils/df>                  or available locally via: info '(coreutils) df invocation'                      admin@i-01931e2a359d62d51:~$ df -l                                              Filesystem      1K-blocks    Used Available Use% Mounted on                     udev               221828       0    221828   0% /dev                           tmpfs               46636     368     46268   1% /run                           /dev/nvme0n1p1    8026128 6354608   1242264  84% /                              tmpfs              233168      12    233156   1% /dev/shm                       tmpfs                5120       0      5120   0% /run/lock                      /dev/nvme0n1p15    126678    6016    120662   5% /boot/efi                      admin@i-01931e2a359d62d51:~$ df -lh                                             

admin@i-09691d997134773d9:~$ ls -larth                                          total 48K                                                                       -rw-r--r-- 1 admin admin  807 Aug  4  2021 .profile                             -rw-r--r-- 1 admin admin 3.5K Aug  4  2021 .bashrc                              -rw-r--r-- 1 admin admin  220 Aug  4  2021 .bash_logout                         drwxr-xr-x 3 root  root  4.0K Sep 17 16:44 ..                                   drwx------ 2 admin admin 4.0K Sep 17 16:44 .ssh                                 drwx------ 3 admin admin 4.0K Sep 20 15:52 .ansible                             drwxr-xr-x 3 admin admin 4.0K Sep 20 15:56 .config                              -rwxrwx--- 1 root  root   360 Sep 24 23:20 webserver.py                         drwxr-xr-x 2 admin root  4.0K Sep 24 23:20 agent                                -rw------- 1 admin admin  684 Feb 22 16:13 .viminfo                             drwxr-xr-x 6 admin admin 4.0K Feb 22 16:13 .                                    -rw------- 1 admin admin  666 Feb 22 16:14 .bash_history                        admin@i-09691d997134773d9:~$ sudo cat webserver.py                              

autogroup           cwd                 map_files/          oom_adj             schedstat           syscall                           auxv                environ             maps                oom_score           sessionid           task/                             cgroup              exe                 mem                 oom_score_adj       setgroups           timens_offsets                    clear_refs          fd/                 mountinfo           pagemap             smaps               timers                            cmdline             fdinfo/             mounts              patch_state         smaps_rollup        timerslack_ns                     comm                gid_map             mountstats          personality         stack               uid_map                           coredump_filter     io                  net/                projid_map          stat                wchan                             admin@i-0ef8902f3e527111d:~$ cat /proc/569/en                      

> GET / HTTP/1.1                                                                > Host: localhost:5000                                                          > User-Agent: curl/7.74.0                                                       > Accept: */*                                                                   >                                                                               * Mark bundle as not supporting multiuse                                        < HTTP/1.1 200 OK                                                               < Server: Werkzeug/2.3.7 Python/3.9.2                                           < Date: Thu, 22 Feb 2024 07:21:02 GMT                                           < Content-Type: text/html; charset=utf-8                                        < Content-Length: 12                                                            < Connection: close                                                             <                                                                               * Closing connection 0                                                          Unauthorizedadmin@i-050cad83ab4faeb81:~$ curl -v localhost:5000                 

admin@i-0fa82171f11fb6464:~$ whereis mc                                         mc: /usr/bin/mc                                                                 admin@i-0fa82171f11fb6464:~$ cd /usr/local/                                     bin/     etc/     games/   include/ lib/     man/     sbin/    share/   src/    admin@i-0fa82171f11fb6464:~$ cd /usr/local/bin/                                 admin@i-0fa82171f11fb6464:/usr/local/bin$ ls                                    flask                                                                           admin@i-0fa82171f11fb6464:/usr/local/bin$ ls -ah                                .  ..  flask                                                                    admin@i-0fa82171f11fb6464:/usr/local/bin$ ls -lah                               total 12K                                                                       drwxr-xr-x  2 root root 4.0K Sep 24 23:20 .                                     drwxr-xr-x 10 root root 4.0K Sep 20 15:53 ..                                    -rwxr-xr-x  1 root root  208 Sep 24 23:20 flask                                 admin@i-0fa82171f11fb6464:/usr/local/bin$ where ping                            

/cpu.CacheLineSizeinternal/cpu.X86internal/cpu.optionsinternal/cpu.maxExtendedFunittaskpath.ErrBadPatterngo.itab.*flag.boolValue,flag.Valuego.itab.*os.File,io.WmError,errorgo.itab.*reflect.rtype,reflect.Typego.itab.*flag.durationValue,flag.64Value,flag.Valuego.itab.*flag.intValue,flag.Valuego.itab.*flag.int64Value,flagngValue,flag.Valuego.itab.*flag.uintValue,flag.Valuego.itab.*flag.uint64Value,fl.Builder,io.Writergo.itab.*errors.errorString,errorgo.itab.*fmt.wrapError,errorggo.itab.*os.File,io.Readergo.itab.syscall.Signal,os.Signalgo.itab.*io/fs.PathErrallError,errorgo.itab.syscall.Errno,errorgo.itab.os.onlyWriter,io.Writergo.itab.nfogo.itab.*io.LimitedReader,io.Readergo.itab.*os.File,io.Closergo.itab.*os/exec*os/exec.Error,errorgo.itab.*bufio.Reader,io.Readergo.itab.os/user.UnknownUserIdrnal/reflectlite.rtype,internal/reflectlite.Typego.itab.time.fileSizeError,errort.SortedMap,sort.Interfacego.itab.runtime.errorString,error_cgo_init_cgo_thread__init_done_cgo_callers_cgo_yield_cgo_mmap_cgo_munmap_cgo_sigactionruntime.mainPCeadlineExceededError,errorgo.itab.internal/poll.errNetClosing,errorruntime.defaudVersion.strruntime.modinfo.strtype.*runtime.textsectionmapadmin@i-062042b0fb20a

admin@i-02bc979dae0ebd440:~$ curl --user-agent "whatever" localhost:5000        Welcome! Password is FDZPmh5AX3oiJtadmin@i-02bc979dae0ebd440:~$ echo "