command-line-murders/i-098174ee7e11a20ae
by SadServers
More by SadServers
admin@i-098b8ec4b71ab5c56:~$ ls -al
total 5245080
drwxr-xr-x 7 admin admin 4096 Feb 16 19:08 .
drwxr-xr-x 3 root root 4096 Sep 17 16:44 ..
drwx------ 3 admin admin 4096 Sep 17 17:15 .ansible
-rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout
-rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc
drwxr-xr-x 3 admin admin 4096 Feb 16 19:08 .config
-rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile
drwx------ 2 admin admin 4096 Sep 17 16:44 .ssh
drwxr-xr-x 2 admin root 4096 Sep 17 17:28 agent
drwxr-xr-x 2 admin root 4096 Sep 17 17:28 data
-rw-r--r-- 1 root root 5368709120 Sep 17 17:28 datafile
-rwxr-xr-x 1 admin root 2207109 Sep 17 17:28 kihei
admin@i-098b8ec4b71ab5c56:~$
kihei/i-098b8ec4b71ab5c56 00:29
by SadServers
unix 3 [ ] STREAM CONNECTED 11510
unix 3 [ ] STREAM CONNECTED 10674 /run/systemd/journal/
unix 2 [ ] DGRAM 11561
admin@i-0b765541c55edca19:~$ netstat tulnp | grep LISTEN
admin@i-0b765541c55edca19:~$ netstat tulpn | grep LISTEN
admin@i-0b765541c55edca19:~$ netstat -tulpn | grep LISTEN
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 :::6767 :::* LISTEN
tcp6 0 0 :::8080 :::* LISTEN
admin@i-0b765541c55edca19:~$ curl 127.0.0.1:5000
Unauthorizedadmin@i-0b765541c55edca19:~$ curl 127.0.0.1:5000
paris/i-0b765541c55edca19 01:57
by SadServers
modprobe.d pam.conf rc0.d rsyslog.conf skel sysctl.conf
apparmor.d cron.daily e2scrub.conf gshadow issue modules pam.d rc1.d rsyslog.d ssh sysctl.d
apt cron.hourly environment gshadow- issue.n modules-load.d passwd rc2.d runit ssl systemd
bash.bashrc cron.monthly ethertypes gss kernel motd passwd- rc3.d sadscenario subgid terminfo
bash_completion cron.weekly fonts host.conf kernel- mtab perl rc4.d screenrc subgid- timezone
bindresvport.blacklist crontab fstab hostname ld.so.c nanorc pm rc5.d security subuid tmpfiles.d
binfmt.d dbus-1 fstab.old hosts ld.so.c netconfig ppp rc6.d selinux subuid- ucf.conf
admin@i-0d57ae06890a9cfc8:/etc$ cd
admin@i-0d57ae06890a9cfc8:~$