SadServers Joined on September 10, 2023
1667 public recordings by SadServers
total 11M -rwxr-xr-x 1 admin root 11M Sep 20 15:53 sadagent -rw-r--r-- 1 admin admin 0 Sep 20 15:53 sadagent.txt -rwxr-xr-x 1 admin admin 230 Sep 24 23:20 check.sh admin@i-0cfcaf1d38addd2ba:~/agent$ cat sadagent.txt admin@i-0cfcaf1d38addd2ba:~/agent$ nc localhost 5000 admin@i-0cfcaf1d38addd2ba:~/agent$ GET / bash: GET: command not found admin@i-0cfcaf1d38addd2ba:~/agent$ GET / bash: GET: command not found admin@i-0cfcaf1d38addd2ba:~/agent$ curl --user-agent "password" localhost:5000 Welcome! Password is FDZPmh5AX3oiJtadmin@i-0cfcaf1d38addd2ba:~/agent$ curl --use5000
paris/i-0cfcaf1d38addd2ba 03:22
by SadServers
exit admin@i-0170ad5571dd64107:~$ ls agent data datafile kihei admin@i-0170ad5571dd64107:~$ ./kihei panic: exit status 1 goroutine 1 [running]: main.main() ./main.go:64 +0x47d admin@i-0170ad5571dd64107:~$ cd data/ admin@i-0170ad5571dd64107:~/data$ ls admin@i-0170ad5571dd64107:~/data$ cd .. admin@i-0170ad5571dd64107:~$ ls agent data datafile kihei admin@i-0170ad5571dd64107:~$ vi dataf
kihei/i-0170ad5571dd64107 01:45
by SadServers
openat(AT_FDCWD, "/home/admin/webserver.py", O_RDONLY|O_CLOEXEC) = -1 EACCES (Pestat("/home/admin/webserver.py", {st_mode=S_IFREG|0770, st_size=360, ...}) = 0 readlink("/home/admin/webserver.py", 0x7ffcd0b15d90, 4096) = -1 EINVAL (Invalid lstat("/home", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat("/home/admin", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat("/home/admin/webserver.py", {st_mode=S_IFREG|0770, st_size=360, ...}) = 0 openat(AT_FDCWD, "/home/admin/webserver.py", O_RDONLY) = -1 EACCES (Permission dwrite(2, "python3: can't open file '/home/"..., 82python3: can't open file '/homrrno 13] Permission denied ) = 82 rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_r{sa_handler=0x6402c0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f1915bdf1exit_group(2) = ? +++ exited with 2 +++ admin@i-0c85c5a418bb83a0e:/etc/systemd/system$ strace python3 /home/admin/webser
paris/i-0c85c5a418bb83a0e 02:08
by SadServers
write(2, "main.main", 9main.main) = 9 write(2, "(", 1() = 1 write(2, ")\n", 2) ) = 2 write(2, "\t", 1 ) = 1 write(2, "./main.go", 9./main.go) = 9 write(2, ":", 1:) = 1 write(2, "64", 264) = 2 write(2, " +", 2 +) = 2 write(2, "0x47d", 50x47d) = 5 write(2, "\n", 1 ) = 1 exit_group(2) = ? +++ exited with 2 +++ admin@i-0bc9ddb32a1c704bb:~$ ./kihei -
kihei/i-0bc9ddb32a1c704bb 03:13
by SadServers
699 write(2, "\n", 1) = 1 699 write(2, "\n", 1) = 1 699 write(2, "goroutine ", 10) = 10 699 write(2, "1", 1) = 1 699 write(2, " [", 2) = 2 699 write(2, "running", 7) = 7 699 write(2, "]:\n", 3) = 3 700 <... nanosleep resumed>NULL) = 0 700 futex(0x56b498, FUTEX_WAIT_PRIVATE, 0, {tv_sec=60, tv_nsec=0} <unfinished 699 write(2, "main.main", 9) = 9 699 write(2, "(", 1) = 1 699 write(2, ")\n", 2) = 2 699 write(2, "\t", 1) = 1 699 write(2, "./main.go", 9) = 9 Pattern not found (press RETURN)
kihei/i-0ad6fda12be055173 01:16
by SadServers
_chrony 594 0.0 0.7 10852 3724 ? S 19:51 0:00 /usr/sbin/chr_chrony 595 0.0 0.1 10724 552 ? S 19:51 0:00 /usr/sbin/chrroot 612 0.0 3.7 26612 17392 ? Ss 19:51 0:00 /usr/bin/pythpgrades/unattended-upgrade-shutdown --wait-for-signal root 684 0.0 0.0 0 0 ? R 19:51 0:00 [kworker/u4:4admin 688 0.0 0.9 6740 4496 pts/0 S<s+ 19:51 0:00 bash -l admin 692 0.0 4.1 98188 19468 pts/0 D<l+ 19:51 0:00 /usr/bin/pyth-t paris/i-0d762abe3a06769e7 -q -i 2 /var/log/cast/i-0d762abe3a06 admin 695 0.0 3.0 24456 14384 pts/0 S<+ 19:51 0:00 /usr/bin/pyth-t paris/i-0d762abe3a06769e7 -q -i 2 /var/log/cast/i-0d762abe3a06 admin 696 0.0 0.1 2480 572 pts/1 S<s 19:51 0:00 sh -c /bin/baadmin 697 0.0 1.0 6952 4808 pts/1 S< 19:51 0:00 /bin/bash root 931 0.0 0.0 0 0 ? I 19:56 0:00 [kworker/1:1]admin 932 0.0 0.6 8648 3164 pts/1 R<+ 19:56 0:00 ps aux admin@i-0d762abe3a06769e7:~$ cu
paris/i-0d762abe3a06769e7 01:18
by SadServers
find: ‘./var/cache/apparmor/c08a2770.0’: Permission denied find: ‘./var/spool/rsyslog’: Permission denied find: ‘./var/spool/cron/crontabs’: Permission denied find: ‘./var/tmp/systemd-private-648cc96b50ab42589914a79776d72300-chrony.serviceed find: ‘./var/tmp/systemd-private-648cc96b50ab42589914a79776d72300-systemd-logindion denied find: ‘./var/log/private’: Permission denied find: ‘./var/log/chrony’: Permission denied find: ‘./var/lib/private’: Permission denied find: ‘./var/lib/apt/lists/partial’: Permission denied find: ‘./var/lib/chrony’: Permission denied admin@i-08c7e6569481c6e82:/$ admin@i-08c7e6569481c6e82:/$ admin@i-08c7e6569481c6e82:/$ cd /usr/share
paris/i-08c7e6569481c6e82 08:40
by SadServers
admin@i-0300b63fb986ef336:~/.local$ cd /var/www bash: cd: /var/www: No such file or directory admin@i-0300b63fb986ef336:~/.local$ ls share admin@i-0300b63fb986ef336:~/.local$ cd .. admin@i-0300b63fb986ef336:~$ ls agent webserver.py admin@i-0300b63fb986ef336:~$ tail webserver.py tail: cannot open 'webserver.py' for reading: Permission denied admin@i-0300b63fb986ef336:~$ tail .webserver.py.swp b0nano 5.4�admini-0300b63fb986ef336webserver.pyadmin@i-0300b63fb986ef336:~$ nanoadmin@i-0300b63fb986ef336:~$ cat .webserver.py.swp b0nano 5.4�admini-0300b63fb986ef336webserver.pyadmin@i-0300b63fb986ef336:~$ cat b0nano 5.4�admini-0300b63fb986ef336webserver.pyadmin@i-0300b63fb986ef336:~$ nanoadmin@i-0300b63fb986ef336:~$ echo "somepassword" > ~/mysolution
paris/i-0300b63fb986ef336 09:12
by SadServers
Dec 24 18:21:24 i-000c4d79984b70a73 systemd[1]: Started Hammer Time. Dec 24 18:21:25 i-000c4d79984b70a73 systemd[1]: mc.service: Succeeded. Dec 24 18:21:47 i-000c4d79984b70a73 dhclient[463]: XMT: Solicit on ens5, intervaDec 24 18:22:09 i-000c4d79984b70a73 systemd[1]: Started Hammer Time. Dec 24 18:22:10 i-000c4d79984b70a73 systemd[1]: mc.service: Succeeded. Dec 24 18:22:58 i-000c4d79984b70a73 dhclient[463]: XMT: Solicit on ens5, intervaDec 24 18:23:18 i-000c4d79984b70a73 python3[575]: 127.0.0.1 - - [24/Dec/2023 18:admin@i-000c4d79984b70a73:/var/log$ ls alternatives.log auth.log btmp chrony daemon.log urnal kern.log.2.gz messages.1 private syslog.1 user.log alternatives.log.1 auth.log.1 btmp.1 cloud-init-output.log daemon.log.1 rn.log lastlog messages.2.gz runit syslog.2.gz user.log.1apt auth.log.2.gz cast cloud-init.log daemon.log.2.grn.log.1 messages minio.log syslog unattended-upgrades user.log.2admin@i-000c4d79984b70a73:/var/log$ ls
paris/i-000c4d79984b70a73 03:03
by SadServers
directory] [-T timeout] [-u user] file ... admin@i-03ad1e8774362cd89:~$ cd .config admin@i-03ad1e8774362cd89:~/.config$ ls asciinema admin@i-03ad1e8774362cd89:~/.config$ cd asciinema/ admin@i-03ad1e8774362cd89:~/.config/asciinema$ ls install-id admin@i-03ad1e8774362cd89:~/.config/asciinema$ pwd /home/admin/.config/asciinema admin@i-03ad1e8774362cd89:~/.config/asciinema$ whoami admin admin@i-03ad1e8774362cd89:~/.config/asciinema$ ls install-id admin@i-03ad1e8774362cd89:~/.config/asciinema$ cat install-id 0e2d35c4-a944-417f-bd3a-677c2f875b37admin@i-03ad1e8774362cd89:~/.config/asciinem
paris/i-03ad1e8774362cd89 01:36
by SadServers
Unauthorizedadmin@i-0b6bfc66c49d4e550:~$ curl -v localhost:5000 curl: option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information admin@i-0b6bfc66c49d4e550:~$ curl -v localhost * Trying 127.0.0.1:80... * connect to 127.0.0.1 port 80 failed: Connection refused * Failed to connect to localhost port 80: Connection refused * Closing connection 0 curl: (7) Failed to connect to localhost port 80: Connection refused admin@i-0b6bfc66c49d4e550:~$ cur
paris/i-0b6bfc66c49d4e550 04:55
by SadServers
drwxr-xr-x 3 admin admin 4096 Sep 20 15:56 .config drwxr-xr-x 3 admin admin 4096 Dec 24 11:10 .local -rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile drwx------ 2 admin admin 4096 Sep 17 16:44 .ssh -rw-r--r-- 1 admin admin 1024 Dec 24 11:10 .webserver.py.swp drwxr-xr-x 2 admin root 4096 Sep 24 23:20 agent -rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-042a55932de644732:~$ su - Password: su: Authentication failure admin@i-042a55932de644732:~$ su - Password: su: Authentication failure admin@i-042a55932de644732:~$ ^C admin@i-042a55932de644732:~$ curl