Public recordings
Sort by
write(2, "main.main", 9main.main) = 9 write(2, "(", 1() = 1 write(2, ")\n", 2) ) = 2 write(2, "\t", 1 ) = 1 write(2, "./main.go", 9./main.go) = 9 write(2, ":", 1:) = 1 write(2, "64", 264) = 2 write(2, " +", 2 +) = 2 write(2, "0x47d", 50x47d) = 5 write(2, "\n", 1 ) = 1 exit_group(2) = ? +++ exited with 2 +++ admin@i-0a7b6531eabc2bb95:~$ touch newdatafile
kihei/i-0a7b6531eabc2bb95 03:38
by SadServersNAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT nvme1n1 259:0 0 1G 0 disk nvme0n1 259:1 0 8G 0 disk nvme0n1p1 259:2 0 7.9G 0 part / nvme0n1p14 259:3 0 3M 0 part nvme0n1p15 259:4 0 124M 0 part /boot/efi nvme2n1 259:5 0 1G 0 disk admin@i-09db637cee5e4851b:~$ sudo su root@i-09db637cee5e4851b:/home/admin# pvcreate nvme1n1 nvme2n1 No device found for nvme1n1. No device found for nvme2n1. root@i-09db637cee5e4851b:/home/admin# pvcreate /dev/nvme1n1 /dev/nvme2n1 Physical volume "/dev/nvme1n1" successfully created. Physical volume "/dev/nvme2n1" successfully created. root@i-09db637cee5e4851b:/home/admin# vgcreate vg /dev/nvme1n1/
kihei/i-09db637cee5e4851b 01:55
by SadServersb.syscall.Signal,os.Signalgo.itab.*io/fs.PathError,errorgo.itab.*os.SyscallError,errorgo.itab.syscall.Errno,errorgo.itab.os.onlyWriter,io.Writergo.itab.*os.fileStat,io/fs.FileInfogo.itab.*io.LimitedReader,io.Readergo.itab.*os.File,io.Closergo.itab.*os/exec.ExitError,errorgo.itab.*os/exec.Error,errorgo.itab.*bufio.Reader,io.Readergo.itab.os/user.UnknownUserIdError,errorgo.itab.*internal/reflectlite.rtype,internal/reflectlite.Typego.itab.time.fileSizeError,errorgo.itab.*internal/fmtsort.SortedMap,sort.Interfacego.itab.runtime.errorString,error_cgo_init_cgo_thread_start_cgo_notify_runtime_init_done_cgo_callers_cgo_yield_cgo_mmap_cgo_munmap_cgo_sigactionruntime.mainPCgo.itab.*internal/poll.DeadlineExceededError,errorgo.itab.internal/poll.errNetClosing,errorruntime.defaultGOROOT.strruntime.buildVersion.strruntime.modinfo.strtype.*runtime.textsectionmapadmin@i-0c8d1cdfebc39a155:~$ ^C admin@i-0c8d1cdfebc39a155:~$ ^C admin@i-0c8d1cdfebc39a155:~$ ^C admin@i-0c8d1cdfebc39a155:~$
kihei/i-0c8d1cdfebc39a155 00:22
by SadServersnobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin _apt:x:100:65534::/nonexistent:/usr/sbin/nologin messagebus:x:101:101::/nonexistent:/usr/sbin/nologin uuidd:x:102:102::/run/uuidd:/usr/sbin/nologin tcpdump:x:103:103::/nonexistent:/usr/sbin/nologin _chrony:x:104:104:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin systemd-network:x:105:106:systemd Network Management,,,:/run/systemd:/usr/sbin/nsystemd-resolve:x:106:107:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin sshd:x:107:65534::/run/sshd:/usr/sbin/nologin systemd-timesync:x:999:999:systemd Time Synchronization:/:/usr/sbin/nologin systemd-coredump:x:998:998:systemd Core Dumper:/:/usr/sbin/nologin admin:x:1000:1000:Debian:/home/admin:/bin/bash admin@i-0033d221d79134049:~$ cat ~.profile cat: '~.profile': No such file or directory admin@i-0033d221d79134049:~$
paris/i-0033d221d79134049 04:02
by SadServersadmin@i-08c43809f7342e8fa:~$ cat ~/mysolution Unauthorized admin@i-08c43809f7342e8fa:~$ md5sum ~/mysolution be3c5cdccf225ae191b14b7dcef21246 /home/admin/mysolution admin@i-08c43809f7342e8fa:~$ echo "Unauthorized" > ~/mysolution ^C admin@i-08c43809f7342e8fa:~$ curl --user admin -D- http://localhost:5000/ Enter host password for user 'admin': HTTP/1.1 200 OK Server: Werkzeug/2.3.7 Python/3.9.2 Date: Wed, 27 Dec 2023 18:56:03 GMT Content-Type: text/html; charset=utf-8 Content-Length: 12 Connection: close Unauthorizedadmin@i-08c43809f7342e8fa:~$
paris/i-08c43809f7342e8fa 03:11
by SadServersswaplabel swapoff swapon admin@i-022881715555faf1e:~$ swap swaplabel swapoff swapon admin@i-022881715555faf1e:~$ swap^C admin@i-022881715555faf1e:~$ df -kh Filesystem Size Used Avail Use% Mounted on udev 217M 0 217M 0% /dev tmpfs 46M 368K 46M 1% /run /dev/nvme0n1p1 7.7G 6.1G 1.2G 84% / tmpfs 228M 12K 228M 1% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock /dev/nvme0n1p15 124M 5.9M 118M 5% /boot/efi admin@i-022881715555faf1e:~$ ls agent data datafile kihei admin@i-022881715555faf1e:~$ strace .
kihei/i-022881715555faf1e 03:35
by SadServersadmin@i-080f9c28de7721356:~$ curl localhost:5000/../../../../../proc/cpuinfo <!doctype html> <html lang=en> <title>404 Not Found</title> <h1>Not Found</h1> <p>The requested URL was not found on the server. If you entered the URL manuallcheck your spelling and try again.</p> admin@i-080f9c28de7721356:~$ curl localhost:5000/secret <!doctype html> <html lang=en> <title>404 Not Found</title> <h1>Not Found</h1> <p>The requested URL was not found on the server. If you entered the URL manuallcheck your spelling and try again.</p> admin@i-080f9c28de7721356:~$ curl localhost:5000/webse
paris/i-080f9c28de7721356 02:33
by SadServerstracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime) fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatimconfigfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime) /dev/nvme0n1p15 on /boot/efi type vfat (rw,relatime,fmask=0022,dmask=0022,codepaadmin@i-00d3a594a6b0ea456:~$ ls lkb ls: cannot access 'lkb': No such file or directory admin@i-00d3a594a6b0ea456:~$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT nvme0n1 259:0 0 8G 0 disk ├─nvme0n1p1 259:2 0 7.9G 0 part / ├─nvme0n1p14 259:3 0 3M 0 part └─nvme0n1p15 259:4 0 124M 0 part /boot/efi nvme2n1 259:1 0 1G 0 disk nvme1n1 259:5 0 1G 0 disk admin@i-00d3a594a6b0ea456:~$ lsblk -
kihei/i-00d3a594a6b0ea456 01:27
by SadServerstcp LISTEN 0 128 127.0.0.1:5000 0.0.0.0:* admin@i-0c8aeb0a6e13b348e:~$ nmap localhost -p 5000 Starting Nmap 7.80 ( https://nmap.org ) at 2023-12-27 11:24 UTC Nmap scan report for localhost (127.0.0.1) Host is up (0.000090s latency). PORT STATE SERVICE 5000/tcp open upnp Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds admin@i-0c8aeb0a6e13b348e:~$ ps aux | grep upnp admin 704 0.0 0.1 5264 708 pts/1 S<+ 11:24 0:00 grep upnp admin@i-0c8aeb0a6e13b348e:~$ px aux | grep 5000 bash: px: command not found admin@i-0c8aeb0a6e13b348e:~$ ps aux | grep 5000
paris/i-0c8aeb0a6e13b348e 01:26
by SadServersadmin@i-0d65d9fded9a150e0:~$ cd /home/admin/ admin@i-0d65d9fded9a150e0:~$ ls -lrth total 5.1G -rw-r--r-- 1 root root 5.0G Sep 17 17:28 datafile drwxr-xr-x 2 admin root 4.0K Sep 17 17:28 data -rwxr-xr-x 1 admin root 2.2M Sep 17 17:28 kihei drwxr-xr-x 2 admin root 4.0K Sep 17 17:28 agent admin@i-0d65d9fded9a150e0:~$ c
kihei/i-0d65d9fded9a150e0 00:20
by SadServers> Host: 127.0.0.1:5000 > Authorization: Basic YWRtaW46YWRtaW4= > User-Agent: curl/7.74.0 > Accept: */* > * Mark bundle as not supporting multiuse < HTTP/1.1 200 OK < Server: Werkzeug/2.3.7 Python/3.9.2 < Date: Wed, 27 Dec 2023 10:00:47 GMT < Content-Type: text/html; charset=utf-8 < Content-Length: 12 < Connection: close < * Closing connection 0 Unauthorizedadmin@i-0be5e4664c35e2594:~$ curl -u 'test:test' 127.0.0.1:5000 -v
paris/i-0be5e4664c35e2594 02:51
by SadServerstotal 11M -rwxr-xr-x 1 admin root 11M Sep 20 15:53 sadagent -rw-r--r-- 1 admin admin 0 Sep 20 15:53 sadagent.txt -rwxr-xr-x 1 admin admin 230 Sep 24 23:20 check.sh admin@i-0cfcaf1d38addd2ba:~/agent$ cat sadagent.txt admin@i-0cfcaf1d38addd2ba:~/agent$ nc localhost 5000 admin@i-0cfcaf1d38addd2ba:~/agent$ GET / bash: GET: command not found admin@i-0cfcaf1d38addd2ba:~/agent$ GET / bash: GET: command not found admin@i-0cfcaf1d38addd2ba:~/agent$ curl --user-agent "password" localhost:5000 Welcome! Password is FDZPmh5AX3oiJtadmin@i-0cfcaf1d38addd2ba:~/agent$ curl --use5000