Public recordings
unix 3 [ ] STREAM CONNECTED 11366 unix 3 [ ] STREAM CONNECTED 11352 unix 3 [ ] STREAM CONNECTED 11353 /run/systemd/journal/unix 3 [ ] STREAM CONNECTED 11367 /run/dbus/system_bus_admin@i-04e9b3dc5974733a8:~$ netstat -nptl (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp6 0 0 :::6767 :::* LISTEN tcp6 0 0 :::8080 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN admin@i-04e9b3dc5974733a8:~$ telnet
paris/i-04e9b3dc5974733a8 01:25
by SadServers
drwxr-xr-x 3 root root 4096 Sep 17 16:44 .. drwx------ 3 admin admin 4096 Sep 20 15:52 .ansible -rw------- 1 admin admin 57 Sep 20 15:58 .bash_history -rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout -rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc drwxr-xr-x 3 admin admin 4096 Sep 20 15:56 .config -rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile drwx------ 2 admin admin 4096 Sep 17 16:44 .ssh drwxr-xr-x 2 admin root 4096 Sep 24 23:20 agent -rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-057a22a824cc9eb82:~$ pwd /home/admin admin@i-057a22a824cc9eb82:~$ curl localhost:5000 Unauthorizedadmin@i-057a22a824cc9eb82:~$ admin@i-057a22a824cc9eb82:~$ netstat
paris/i-057a22a824cc9eb82 00:49
by SadServers
drwxr-xr-x 2 admin root 4096 Sep 24 23:20 agent -rwxrwx--- 1 root root 360 Sep 24 23:20 webserver.py admin@i-0607715dd43c3c574:~$ sudo vi webserver.py We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: sudo: a password is required admin@i-0607715dd43c3c574:~$ curl localhost:5000 Unauthorizedadmin@i-0607715dd43c3c574:~$ curl localhost:5000
paris/i-0607715dd43c3c574 01:22
by SadServers
cat: /etc/sudoers: Permission denied admin@i-092d4cf55fa0651c2:~$ sudo python3 webserver.py We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: sudo: a password is required admin@i-092d4cf55fa0651c2:~$ ls agent webserver.py admin@i-092d4cf55fa0651c2:~$ ps aux |grep webserver
paris/i-092d4cf55fa0651c2 04:06
by SadServers
admin@i-04cb2fba7b744d25a:~$ ls agent webserver.py admin@i-04cb2fba7b744d25a:~$ cd .. admin@i-04cb2fba7b744d25a:/home$ ls admin admin@i-04cb2fba7b744d25a:/home$ cd admin admin@i-04cb2fba7b744d25a:~$ ls agent webserver.py admin@i-04cb2fba7b744d25a:~$ su -u admin Try 'su --help' for more information. admin@i-04cb2fba7b744d25a:~$ su -i admin su: invalid option -- 'i' Try 'su --help' for more information. admin@i-04cb2fba7b744d25a:~$ su - admin
paris/i-04cb2fba7b744d25a 03:03
by SadServers
42108d7968f7038 (ED25519) Jan 12 17:27:40 i-0842108d7968f7038 ec2: 3072 SHA256:hj5IRhHgQNWK1wNwOHkxby3pdb0842108d7968f7038 (RSA) Jan 12 17:27:40 i-0842108d7968f7038 ec2: -----END SSH HOST KEY FINGERPRINTS-----Jan 12 17:27:40 i-0842108d7968f7038 ec2: #######################################admin@i-0842108d7968f7038:~$ curl localhost curl: (7) Failed to connect to localhost port 80: Connection refused admin@i-0842108d7968f7038:~$ curl localhost:3000 curl: (7) Failed to connect to localhost port 3000: Connection refused admin@i-0842108d7968f7038:~$ curl localhost:5000 Unauthorizedadmin@i-0842108d7968f7038:~$ lsof -i -P -n | grep LISTEN gotty 558 admin 6u IPv6 10589 0t0 TCP *:8080 (LISTEN) sadagent 559 admin 7u IPv6 11492 0t0 TCP *:6767 (LISTEN) admin@i-0842108d7968f7038:~$ less /etc/services admin@i-0842108d7968f7038:~$ lsof -i:
paris/i-0842108d7968f7038 03:30
by SadServers
root 594 0.0 3.7 26612 17396 ? Ss 17:08 0:00 /usr/bin/pyth_chrony 596 0.0 0.7 10852 3604 ? S 17:08 0:00 /usr/sbin/chr_chrony 598 0.0 0.1 10724 548 ? S 17:08 0:00 /usr/sbin/chrroot 680 0.0 0.0 0 0 ? I 17:08 0:00 [kworker/1:4-admin 683 0.0 0.9 6740 4460 pts/0 S<s+ 17:09 0:00 bash -l admin 687 0.1 4.1 98188 19320 pts/0 R<l+ 17:09 0:00 /usr/bin/pythadmin 690 0.0 3.0 24456 14420 pts/0 R<+ 17:09 0:00 /usr/bin/pythadmin 691 0.0 0.1 2480 500 pts/1 S<s 17:09 0:00 sh -c /bin/baadmin 692 0.0 1.0 6952 4756 pts/1 S< 17:09 0:00 /bin/bash admin 793 0.0 0.6 8648 3244 pts/1 R<+ 17:11 0:00 ps aux admin@i-01ae2ccb494fc3a25:~$ nc -zv 5000 nc: missing port number admin@i-01ae2ccb494fc3a25:~$ nc -zv localhost 5000 Connection to localhost (127.0.0.1) 5000 port [tcp/*] succeeded! admin@i-01ae2ccb494fc3a25:~$ ps aux
paris/i-01ae2ccb494fc3a25 02:35
by SadServers
admin@i-05115302e0a8d85df:~$ ls agent data datafile kihei admin@i-05115302e0a8d85df:~$ ls -l total 5245048 drwxr-xr-x 2 admin root 4096 Sep 17 17:28 agent drwxr-xr-x 2 admin root 4096 Sep 17 17:28 data -rw-r--r-- 1 root root 5368709120 Sep 17 17:28 datafile -rwxr-xr-x 1 admin root 2207109 Sep 17 17:28 kihei admin@i-05115302e0a8d85df:~$
kihei/i-05115302e0a8d85df 00:17
by SadServers
agent webserver.py admin@i-0360c0d51a2cc6a1e:~$ ss -lnt4p State Recv-Q Send-Q Local Address:Port Peer AddreLISTEN 0 128 127.0.0.1:5000 0.0.0LISTEN 0 128 0.0.0.0:22 0.0.0admin@i-0360c0d51a2cc6a1e:~$ curl localhost:5000 Unauthorizedadmin@i-0360c0d51a2cc6a1e:~$ ls agent webserver.py admin@i-0360c0d51a2cc6a1e:~$ string webserver.py bash: string: command not found admin@i-0360c0d51a2cc6a1e:~$ python webserver.py bash: python: command not found admin@i-0360c0d51a2cc6a1e:~$ python3 webserver.py python3: can't open file '/home/admin/webserver.py': [Errno 13] Permission denieadmin@i-0360c0d51a2cc6a1e:~$ c
paris/i-0360c0d51a2cc6a1e 03:45
by SadServers
Physical volume "/dev/nvme1n1" successfully created. admin@i-0a436e109ac3ff9d3:~$ sudo pvcreate /dev/nvme1n1 Physical volume "/dev/nvme1n1" successfully created. admin@i-0a436e109ac3ff9d3:~$ sudo pvcreate /dev/nvme1n2 No device found for /dev/nvme1n2. admin@i-0a436e109ac3ff9d3:~$ sudo pvcreate /dev/nvme1^C admin@i-0a436e109ac3ff9d3:~$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT nvme0n1 259:0 0 8G 0 disk ├─nvme0n1p1 259:3 0 7.9G 0 part / ├─nvme0n1p14 259:4 0 3M 0 part └─nvme0n1p15 259:5 0 124M 0 part /boot/efi nvme1n1 259:1 0 1G 0 disk nvme2n1 259:2 0 1G 0 disk admin@i-0a436e109ac3ff9d3:~$ lsblk
kihei/i-0a436e109ac3ff9d3 04:43
by SadServers
write(2, ")\n", 2) ) = 2 write(2, "\t", 1 ) = 1 write(2, "./main.go", 9./main.go) = 9 write(2, ":", 1:) = 1 write(2, "64", 264) = 2 write(2, " +", 2 +) = 2 write(2, "0x47d", 50x47d) = 5 write(2, "\n", 1 ) = 1 exit_group(2) = ? +++ exited with 2 +++ admin@i-0cda1507b0f7c9669:~$ ls agent data datafile kihei admin@i-0cda1507b0f7c9669:~$
kihei/i-0cda1507b0f7c9669 01:34
by SadServers
No device found for /dev/xvdc. admin@i-0999e9d6f065453d6:~$ sudo pvcreate /dev/sda4 No device found for /dev/sda4. admin@i-0999e9d6f065453d6:~$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT nvme1n1 259:0 0 1G 0 disk nvme2n1 259:1 0 1G 0 disk nvme0n1 259:2 0 8G 0 disk ├─nvme0n1p1 259:3 0 7.9G 0 part / ├─nvme0n1p14 259:4 0 3M 0 part └─nvme0n1p15 259:5 0 124M 0 part /boot/efi admin@i-0999e9d6f065453d6:~$ pvcreate /dev/nvme0n1 WARNING: Running as a non-root user. Functionality may be unavailable. /run/lock/lvm/P_global:aux: open failed: Permission denied admin@i-0999e9d6f065453d6:~$