Public recordings
total 44 -rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile -rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc -rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout drwxr-xr-x 3 root root 4096 Sep 17 2023 .. drwx------ 2 admin admin 4096 Sep 17 2023 .ssh drwx------ 3 admin admin 4096 Sep 20 2023 .ansible drwxr-xr-x 3 admin admin 4096 Sep 20 2023 .config -rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py drwxr-xr-x 6 admin admin 4096 Sep 24 2023 . drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent -rw------- 1 admin admin 641 Feb 5 20:33 .bash_history admin@i-03c39b2616f8de2c3:~$ cat /etc/sudoers cat: /etc/sudoers: Permission denied admin@i-03c39b2616f8de2c3:~$ cd /etc/ng
paris/i-03c39b2616f8de2c3 03:22
by SadServers
nvme2n1 259:5 0 1G 0 disk admin@i-08d337eedbe8625d4:/var/tmp$ pvcreate /dev/nvme1n1 /dev/nvme2n1 WARNING: Running as a non-root user. Functionality may be unavailable. /run/lock/lvm/P_global:aux: open failed: Permission denied admin@i-08d337eedbe8625d4:/var/tmp$ sudo pvcreate /dev/nvme1n1 /dev/nvme2n1 Physical volume "/dev/nvme1n1" successfully created. Physical volume "/dev/nvme2n1" successfully created. admin@i-08d337eedbe8625d4:/var/tmp$ vgcreate vg /dev/nvme1n1 /dev/nvme2n1 WARNING: Running as a non-root user. Functionality may be unavailable. /run/lock/lvm/P_global:aux: open failed: Permission denied admin@i-08d337eedbe8625d4:/var/tmp$ sudo vgcreate vg /dev/nvme1n1 /dev/nvme2n1 Volume group "vg" successfully created admin@i-08d337eedbe8625d4:/var/tmp$ sudo lvcreate -n lv -l 100%FREE vg Logical volume "lv" created. admin@i-08d337eedbe8625d4:/var/tmp$
kihei/i-08d337eedbe8625d4 02:44
by SadServers
goroutine 1 [running]: main.main() ./main.go:64 +0x47d admin@i-0f6d76d4e64ebbaa3:~$ less /home/admin/kihei "/home/admin/kihei" may be a binary file. See it anyway? admin@i-0f6d76d4e64ebbaa3:~$ admin@i-0f6d76d4e64ebbaa3:~$ df -h Filesystem Size Used Avail Use% Mounted on udev 217M 0 217M 0% /dev tmpfs 46M 368K 46M 1% /run /dev/nvme0n1p1 7.7G 6.1G 1.2G 84% / tmpfs 228M 12K 228M 1% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock /dev/nvme0n1p15 124M 5.9M 118M 5% /boot/efi admin@i-0f6d76d4e64ebbaa3:~$
kihei/i-0f6d76d4e64ebbaa3 00:29
by SadServersConnecting to localhost (localhost)|127.0.0.1|:5000... connected. HTTP request sent, awaiting response... 200 OK Length: 12 [text/html] Saving to: ‘index.html’ index.html 0%[ index.html 100%[===================================================================>] 12 --.-KB/s in 0s 2025-02-05 00:23:50 (1.79 MB/s) - ‘index.html’ saved [12/12] admin@i-00106663cc89b7917:~$ ls agent index.html webserver.py admin@i-00106663cc89b7917:~$ cat index.html Unauthorizedadmin@i-00106663cc89b7917:~$ nc localh
paris/i-00106663cc89b7917 00:58
by SadServerstotal 44 drwxr-xr-x 6 admin admin 4096 Sep 24 2023 . drwxr-xr-x 3 root root 4096 Sep 17 2023 .. drwx------ 3 admin admin 4096 Sep 20 2023 .ansible -rw------- 1 admin admin 496 Feb 5 00:09 .bash_history -rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout -rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc drwxr-xr-x 3 admin admin 4096 Sep 20 2023 .config -rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile drwx------ 2 admin admin 4096 Sep 17 2023 .ssh drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent -rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py admin@i-005e623c973fc92ea:~$ chown admin:admin webserver.py chown: changing ownership of 'webserver.py': Operation not permitted admin@i-005e623c973fc92ea:~$ cp -pr webserver.py test
paris/i-005e623c973fc92ea 03:37
by SadServers
-NUM same as --context=NUM --color[=WHEN], --colour[=WHEN] use markers to highlight the matching strings; WHEN is 'always', 'never', or 'auto' -U, --binary do not strip CR characters at EOL (MSDOS/Windows) When FILE is '-', read standard input. With no FILE, read '.' if recursive, '-' otherwise. With fewer than two FILEs, assume -h. Exit status is 0 if any line is selected, 1 otherwise; if any error occurs and -q is not given, the exit status is 2. Report bugs to: bug-grep@gnu.org GNU grep home page: <http://www.gnu.org/software/grep/> General help using GNU software: <https://www.gnu.org/gethelp/> admin@i-0cfb0cf4bc2c45ea2:~$ strace ./kihei 2>&1 | grep -E ""
kihei/i-0cfb0cf4bc2c45ea2 01:26
by SadServersopenat(AT_FDCWD, "/dev/null", O_RDONLY|O_CLOEXEC) = 3 epoll_ctl(4, EPOLL_CTL_ADD, 3, {EPOLLIN|EPOLLOUT|EPOLLRDHUP|EPOLLET, {u32=310235= -1 EPERM (Operation not permitted) openat(AT_FDCWD, "/dev/null", O_WRONLY|O_CLOEXEC) = 7 epoll_ctl(4, EPOLL_CTL_ADD, 7, {EPOLLIN|EPOLLOUT|EPOLLRDHUP|EPOLLET, {u32=310235= -1 EPERM (Operation not permitted) openat(AT_FDCWD, "/dev/null", O_WRONLY|O_CLOEXEC) = 8 epoll_ctl(4, EPOLL_CTL_ADD, 8, {EPOLLIN|EPOLLOUT|EPOLLRDHUP|EPOLLET, {u32=310235= -1 EPERM (Operation not permitted) -- nanosleep({tv_sec=0, tv_nsec=1000000}, NULL) = 0 write(2, "panic: ", 7panic: ) = 7 write(2, "exit status 1", 13exit status 1) = 13 admin@i-0ed492a651080fdae:~$ ^C admin@i-0ed492a651080fdae:~$ ls -l /home/admin/data/newda
kihei/i-0ed492a651080fdae 01:28
by SadServersps _chrony 593 1 0 03:44 ? 00:00:00 /usr/sbin/chronyd -F 1 root 600 1 0 03:44 ? 00:00:00 /usr/bin/python3 /usr/share/ended-upgrade-shutdown --wait-for-signal _chrony 601 593 0 03:44 ? 00:00:00 /usr/sbin/chronyd -F 1 root 684 2 0 03:45 ? 00:00:00 [kworker/u4:4+events_unboundadmin 714 563 0 03:45 pts/0 00:00:00 bash -l admin 718 714 2 03:45 pts/0 00:00:00 /usr/bin/python3 /usr/bin/as0901153058fcbfd -q -i 2 /var/log/cast/i-0e0901153058fcbfd admin 721 718 0 03:45 pts/0 00:00:00 /usr/bin/python3 /usr/bin/as0901153058fcbfd -q -i 2 /var/log/cast/i-0e0901153058fcbfd admin 722 718 0 03:45 pts/1 00:00:00 sh -c /bin/bash admin 723 722 0 03:45 pts/1 00:00:00 /bin/bash admin 727 723 0 03:45 pts/1 00:00:00 ps -eafww admin@i-0e0901153058fcbfd:~$ curl -v http://localhost:500
paris/i-0e0901153058fcbfd 00:39
by SadServers-rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout drwxr-xr-x 3 root root 4096 Sep 17 2023 .. drwx------ 2 admin admin 4096 Sep 17 2023 .ssh drwx------ 3 admin admin 4096 Sep 20 2023 .ansible drwxr-xr-x 3 admin admin 4096 Sep 20 2023 .config -rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py drwxr-xr-x 6 admin admin 4096 Sep 24 2023 . drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent -rw------- 1 admin admin 359 Feb 4 03:35 .bash_history admin@i-0f4b72b9b2118ab71:~$ whoami admin admin@i-0f4b72b9b2118ab71:~$ chown admin webserver.py chown: changing ownership of 'webserver.py': Operation not permitted admin@i-0f4b72b9b2118ab71:~$ less .bash_history admin@i-0f4b72b9b2118ab71:~$ cd
paris/i-0f4b72b9b2118ab71 02:29
by SadServersunix 3 [ ] STREAM CONNECTED 11510 unix 3 [ ] STREAM CONNECTED 10674 /run/systemd/journal/unix 2 [ ] DGRAM 11561 admin@i-0b765541c55edca19:~$ netstat tulnp | grep LISTEN admin@i-0b765541c55edca19:~$ netstat tulpn | grep LISTEN admin@i-0b765541c55edca19:~$ netstat -tulpn | grep LISTEN (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 :::6767 :::* LISTEN tcp6 0 0 :::8080 :::* LISTEN admin@i-0b765541c55edca19:~$ curl 127.0.0.1:5000 Unauthorizedadmin@i-0b765541c55edca19:~$ curl 127.0.0.1:5000
paris/i-0b765541c55edca19 01:57
by SadServers
#2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: Sorry, try again. [sudo] password for admin: Sorry, try again. [sudo] password for admin: sudo: 2 incorrect password attempts admin@i-052bf5d2c561574ad:~$ ls agent webserver.py admin@i-052bf5d2c561574ad:~$ cat webserver.py cat: webserver.py: Permission denied admin@i-052bf5d2c561574ad:~$ sudo
paris/i-052bf5d2c561574ad 00:41
by SadServers
) = 62 write(2, "\n", 1 ) = 1 write(2, " -h, --help display this hel"..., 43 -h, --help display this h) = 43 write(2, " -V, --version output version i"..., 52 -V, --version output version) = 52 write(2, "\nFor more details see kill(1).\n", 31 For more details see kill(1). ) = 31 close(1) = 0 close(2) = 0 exit_group(1) = ? +++ exited with 1 +++ admin@i-0de4c1da0297b07ea:~$