SadServers Joined on September 10, 2023
1566 public recordings by SadServers
We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: Sorry, try again. [sudo] password for admin: Sorry, try again. [sudo] password for admin: sudo: 2 incorrect password attempts admin@i-0e73febb68bb05c6c:~$ ls
paris/i-0e73febb68bb05c6c 01:13
by SadServers./.ansible/tmp ./webserver.py ./.config ./.config/asciinema ./.config/asciinema/install-id ./.profile ./.ssh ./.ssh/authorized_keys ./.bash_logout ./.bashrc ./.bash_history admin@i-0ef18dd77d0e9e972:~$ findl^C admin@i-0ef18dd77d0e9e972:~$ ls agent webserver.py admin@i-0ef18dd77d0e9e972:~$ caat
paris/i-0ef18dd77d0e9e972 01:06
by SadServersudp 0 0 0.0.0.0:68 0.0.0.0:* 0 10132 - udp6 0 0 fe80::897:94ff:fecf:546 :::* 0 10400 - udp6 0 0 ::1:323 :::* 0 11514 - admin@i-05084dbfa031c910e:~$ ss -lptn 'sport = :80' State Recv-Q Send-Q Local Address:Port Peer Address:Port Process admin@i-05084dbfa031c910e:~$
paris/i-05084dbfa031c910e 01:50
by SadServerssudo:x:27:admin admin@i-07aabdeac228c0ec5:~$ su Password: admin@i-07aabdeac228c0ec5:~$ su - Password: admin@i-07aabdeac228c0ec5:~$ sudo ls We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin:
paris/i-07aabdeac228c0ec5 03:15
by SadServers0 LVM physical volume whole disks 0 LVM physical volumes admin@i-02cd5fb1b51af0596:~$ sudo pvcreate /dev/sdb Physical volume "/dev/sdb" successfully created. admin@i-02cd5fb1b51af0596:~$ sudo pvcreate /dev/sdc Physical volume "/dev/sdc" successfully created. admin@i-02cd5fb1b51af0596:~$ sudo vgcreate vg No command with matching syntax recognised. Run 'vgcreate --help' for more in Correct command syntax is: vgcreate VG_new PV ... admin@i-02cd5fb1b51af0596:~$ sudo vgextend vg /dev/sdb Volume group "vg" not found Cannot process volume group vg admin@i-02cd5fb1b51af0596:~$ sudo vgcreate vg /d
kihei/i-02cd5fb1b51af0596 07:09
by SadServersroot 582 0.5 0.3 2872 1680 tty1 Ss+ 08:20 0:00 /sbin/agetty 1 linux root 583 0.0 0.4 4396 2100 ttyS0 Ss+ 08:20 0:00 /sbin/agetty 15200,57600,38400,9600 ttyS0 vt220 root 584 0.0 1.5 13352 7036 ? Ss 08:20 0:00 sshd: /usr/sbf 10-100 startups _chrony 586 0.0 0.7 10852 3680 ? S 08:20 0:00 /usr/sbin/chr_chrony 587 0.0 0.1 10724 552 ? S 08:20 0:00 \_ /usr/sbinroot 590 0.3 3.7 26612 17376 ? Ss 08:20 0:00 /usr/bin/pyth-upgrades/unattended-upgrade-shutdown --wait-for-signal admin@i-05c71fbccf670d19a:~$ ls -l total 8 drwxr-xr-x 2 admin root 4096 Sep 24 23:20 agent -rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-05c71fbccf670d19a:~$ python3
paris/i-05c71fbccf670d19a 00:29
by SadServers> User-Agent: curl/7.74.0 > Accept: */* > * Mark bundle as not supporting multiuse < HTTP/1.1 200 OK < Server: Werkzeug/2.3.7 Python/3.9.2 < Date: Fri, 26 Jan 2024 08:14:13 GMT < Content-Type: text/html; charset=utf-8 < Content-Length: 12 < Connection: close < * Closing connection 0 Unauthorizedadmin@i-048defd814f7a6edd:~$ ls localhost:5000 ls: cannot access 'localhost:5000': No such file or directory admin@i-048defd814f7a6edd:~$ l
paris/i-048defd814f7a6edd 04:10
by SadServersdrwx------ 5 root root 4096 Jan 25 19:49 root drwxr-xr-x 22 root root 620 Jan 25 19:49 run lrwxrwxrwx 1 root root 8 Sep 28 2021 sbin -> usr/sbin drwxr-xr-x 2 root root 4096 Sep 28 2021 srv dr-xr-xr-x 13 root root 0 Jan 25 19:48 sys drwxrwxrwt 9 root root 4096 Jan 25 19:49 tmp drwxr-xr-x 14 root root 4096 Sep 28 2021 usr drwxr-xr-x 11 root root 4096 Sep 28 2021 var admin@i-0f29e47a857c873d8:/$ ls opt admin@i-0f29e47a857c873d8:/$ ls run agetty.reload cloud-init dbus initramfs network sshblkid credentials dhclient.ens5.pid lock screen sshchrony crond.pid dhclient6.ens5.pid log sendsigs.omit.d sudchrony-dhcp crond.reboot initctl mount shm sysadmin@i-0f29e47a857c873d8:/$ cd run
paris/i-0f29e47a857c873d8 03:51
by SadServers/dev/nvme0n1p1 7.7G 6.1G 1.2G 84% / tmpfs 228M 12K 228M 1% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock /dev/nvme0n1p15 124M 5.9M 118M 5% /boot/efi admin@i-028b46998ca7b18c9:~$ du ./ 11140 ./agent 4 ./.ansible/tmp 8 ./.ansible 4 ./data 4 ./.config/procps 8 ./.config/asciinema 16 ./.config 8 ./.ssh 5256232 ./ admin@i-028b46998ca7b18c9:~$ df -ht
kihei/i-028b46998ca7b18c9 01:56
by SadServerssudo: 3 incorrect password attempts admin@i-0ade0a697ccc4e8f9:/$ cd /usr/ bin/ include/ lib32/ libexec/ local/ share/ games/ lib/ lib64/ libx32/ sbin/ src/ admin@i-0ade0a697ccc4e8f9:/$ cd /home/admin/ admin@i-0ade0a697ccc4e8f9:~$ ls agent webserver.py admin@i-0ade0a697ccc4e8f9:~$ ls agent/ check.sh sadagent sadagent.txt admin@i-0ade0a697ccc4e8f9:~$ ls agent/sadagent agent/sadagent admin@i-0ade0a697ccc4e8f9:~$ less agent/sadagent sadagent sadagent.txt admin@i-0ade0a697ccc4e8f9:~$ less agent/sadagent.txt admin@i-0ade0a697ccc4e8f9:~$ less agent/sadagent.txt
paris/i-0ade0a697ccc4e8f9 06:56
by SadServerswrite(2, "\t", 1 ) = 1 write(2, "./main.go", 9./main.go) = 9 write(2, ":", 1:) = 1 write(2, "64", 264) = 2 write(2, " +", 2 +) = 2 write(2, "0x47d", 50x47d) = 5 write(2, "\n", 1 ) = 1 exit_group(2) = ? +++ exited with 2 +++ admin@i-0cf4052df7f7472c2:~$ strace -v /home/admin/kihei > strace.txt^C admin@i-0cf4052df7f7472c2:~$ cat strace.txt admin@i-0cf4052df7f7472c2:~$ strace^C admin@i-0cf4052df7f7472c2:~$ ^C admin@i-0cf4052df7f7472c2:~$
kihei/i-0cf4052df7f7472c2 06:53
by SadServersadmin@i-04c670c6cdcffc314:~$ ls -l total 8 drwxr-xr-x 2 admin root 4096 Sep 24 23:20 agent -rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-04c670c6cdcffc314:~$ cat webserver.py cat: webserver.py: Permission denied admin@i-04c670c6cdcffc314:~$ ./webse
paris/i-04c670c6cdcffc314 03:49
by SadServersadmin@i-0bf562d53de649339:~/agent$ cd ../ admin@i-0bf562d53de649339:~$ ls -lah total 44K drwxr-xr-x 6 admin admin 4.0K Sep 24 23:20 . drwxr-xr-x 3 root root 4.0K Sep 17 16:44 .. drwx------ 3 admin admin 4.0K Sep 20 15:52 .ansible -rw------- 1 admin admin 186 Jan 18 18:58 .bash_history -rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout -rw-r--r-- 1 admin admin 3.5K Aug 4 2021 .bashrc drwxr-xr-x 3 admin admin 4.0K Sep 20 15:56 .config -rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile drwx------ 2 admin admin 4.0K Sep 17 16:44 .ssh drwxr-xr-x 2 admin root 4.0K Sep 24 23:20 agent -rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-0bf562d53de649339:~$ curl -v http://localhos