Public recordings
Sep 17 16:44:28 debian kernel: x86/PAT: Configuration [0-7]: WB WC UC- UC >
Sep 17 16:44:28 debian kernel: Using GB pages for direct mapping
Sep 17 16:44:28 debian kernel: RAMDISK: [mem 0x1d286000-0x1df41fff]
Sep 17 16:44:28 debian kernel: ACPI: Early table checksum verification disabl>
Sep 17 16:44:28 debian kernel: ACPI: RSDP 0x00000000000F8F40 000014 (v00 AMAZ>
Sep 17 16:44:28 debian kernel: ACPI: RSDT 0x000000001EBEE350 000044 (v01 AMAZ>
admin@i-0233ca5e1d96f6d42:~$ df -h
Filesystem Size Used Avail Use% Mounted on
udev 217M 0 217M 0% /dev
tmpfs 46M 368K 46M 1% /run
/dev/nvme0n1p1 7.7G 6.1G 1.2G 84% /
tmpfs 228M 12K 228M 1% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
/dev/nvme0n1p15 124M 5.9M 118M 5% /boot/efi
admin@i-0233ca5e1d96f6d42:~$ top
kihei/i-0233ca5e1d96f6d42 00:47
by SadServers
admin@i-0796b0b18597b116d:~$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
nvme0n1 259:0 0 8G 0 disk
├─nvme0n1p1 259:1 0 7.9G 0 part /
├─nvme0n1p14 259:2 0 3M 0 part
└─nvme0n1p15 259:3 0 124M 0 part /boot/efi
nvme1n1 259:4 0 1G 0 disk
nvme2n1 259:5 0 1G 0 disk
admin@i-0796b0b18597b116d:~$ sfdisk -l
sfdisk: cannot open /dev/nvme0n1: Permission denied
sfdisk: cannot open /dev/nvme1n1: Permission denied
sfdisk: cannot open /dev/nvme2n1: Permission denied
admin@i-0796b0b18597b116d:~$
kihei/i-0796b0b18597b116d 02:22
by SadServers[LWP 1296 exited] [LWP 1295 exited] [LWP 1294 exited] [Inferior 1 (process 1290) exited with code 02] (gdb) backtrace No stack. (gdb) l main.go:64 59 main.go: No such file or directory. (gdb) l main.main 11 in main.go (gdb) l main.go:64 59 in main.go (gdb) l main.go:1 1 in main.go (gdb) l main.go:64
kihei/i-0459b0483c1b80d24 14:05
by SadServerselse echo -n "NO" fi admin@i-08604040ea56a1548:~$ file kihei kihei: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Gadmin@i-08604040ea56a1548:~$ ./kihei panic: exit status 1 goroutine 1 [running]: main.main() ./main.go:64 +0x47d admin@i-08604040ea56a1548:~$ which vim /usr/bin/vim admin@i-08604040ea56a1548:~$ vim -b kihei (gdb) e.in runtime/sys_linux_amd64.so such file or directory.in at main.go:16
kihei/i-08604040ea56a1548 09:23
by SadServers
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp6 0 0 fe80::813:15ff:fe50:546 :::*
udp6 0 0 ::1:323 :::*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name
unix 2 [ ACC ] STREAM LISTENING 9661 -
unix 2 [ ACC ] STREAM LISTENING 10561 -
unix 2 [ ACC ] STREAM LISTENING 10563 -
unix 2 [ ACC ] STREAM LISTENING 9615 -
unix 2 [ ACC ] STREAM LISTENING 9617 -
unix 2 [ ACC ] STREAM LISTENING 9618 -
unix 2 [ ACC ] STREAM LISTENING 9630 -
unix 2 [ ACC ] STREAM LISTENING 9638 -
unix 2 [ ACC ] SEQPACKET LISTENING 9640 -
admin@i-05f9095b8fa200e0d:~$ ls
paris/i-05f9095b8fa200e0d 03:43
by SadServersif [[ "$actual_checksum" == "$expected_checksum" ]]; then echo -n "OK" else echo -n "NO" fiadmin@i-053e95096bbd62d08:~/agent$ file sadagent sadagent: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linke-linux-x86-64.so.2, Go BuildID=H6A8cVluPFUvaNojVwMi/C5t-5rNiA5GJLWeSm5Qz/KXfivG_EPr4lPEnoe, not stripped admin@i-053e95096bbd62d08:~/agent$ cd .. admin@i-053e95096bbd62d08:~$ ls agent webserver.py admin@i-053e95096bbd62d08:~$ cat webserver.py cat: webserver.py: Permission denied admin@i-053e95096bbd62d08:~$ ls
paris/i-053e95096bbd62d08 02:03
by SadServersadmin@i-07ee6b558ede8f810:~$ file /home/admin/kihei /home/admin/kihei: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), staticalolUanvRPB7DWhc7e4I/nM83nW4qxDvf9asNaf7E/5u1Qa6jnFvq2KL4kV5G1/6IwNz7tVbey9uC58oKsadmin@i-07ee6b558ede8f810:~$ lsof /home/admin/kihei admin@i-07ee6b558ede8f810:~$ ls -l /home/admin/kihei -rwxr-xr-x 1 admin root 2207109 Sep 17 2023 /home/admin/kihei admin@i-07ee6b558ede8f810:~$ man strace
kihei/i-07ee6b558ede8f810 00:59
by SadServersUnauthorizedadmin@i-09ceaaf94time curl http://127.0.0.1:50007.0.0.1:5000 Unauthorized real 0m0.017s user 0m0.008s sys 0m0.008s admin@i-09ceaaf94b2b4036f:~$ curl http://localhost:5000 Unauthorizedadmin@i-09ceaaf94curl -I -L http://localhost:5000calhost:5000 HTTP/1.1 200 OK Server: Werkzeug/2.3.7 Python/3.9.2 Date: Fri, 03 Jan 2025 15:53:33 GMT Content-Type: text/html; charset=utf-8 Content-Length: 12 Connection: close admin@i-09ceaaf94b2b4036f:~$
paris/i-09ceaaf94b2b4036f 02:06
by SadServers
lrwxrwxrwx 1 root root 8 Nov 7 2019 ypdomainname -> hostname
-rwxr-xr-x 1 root root 2.0K Apr 10 2022 zcat
-rwxr-xr-x 1 root root 1.7K Apr 10 2022 zcmp
-rwxr-xr-x 1 root root 5.8K Apr 10 2022 zdiff
-rwxr-xr-x 1 root root 23K Apr 19 2023 zdump
-rwxr-xr-x 1 root root 29 Apr 10 2022 zegrep
-rwxr-xr-x 1 root root 29 Apr 10 2022 zfgrep
-rwxr-xr-x 1 root root 2.1K Apr 10 2022 zforce
-rwxr-xr-x 1 root root 7.9K Apr 10 2022 zgrep
-rwxr-xr-x 1 root root 51K Sep 24 2021 zipdetails
-rwxr-xr-x 1 root root 2.2K Apr 10 2022 zless
-rwxr-xr-x 1 root root 1.8K Apr 10 2022 zmore
-rwxr-xr-x 1 root root 4.5K Apr 10 2022 znew
admin@i-09caab26a6727cfcc:/usr/bin$ cd
admin@i-09caab26a6727cfcc:~$
paris/i-09caab26a6727cfcc 00:59
by SadServers
-rw------- 1 admin admin 269 Jan 2 11:38 .bash_history
-rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout
-rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc
drwxr-xr-x 3 admin admin 4096 Sep 20 2023 .config
drwxr-xr-x 3 admin admin 4096 Jan 2 11:37 .local
-rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile
drwx------ 2 admin admin 4096 Sep 17 2023 .ssh
-rw-r--r-- 1 admin admin 1024 Jan 2 11:37 .webserver.py.swp
drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent
-rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py
admin@i-0f995f369ab3b4d0d:~$ ls .config/
asciinema
admin@i-0f995f369ab3b4d0d:~$ less .webserver.py.swp
".webserver.py.swp" may be a binary file. See it anyway?
admin@i-0f995f369ab3b4d0d:~$ cat .bashr