SadServers Joined on September 10, 2023

admin@i-012952269c8a299f9:~$ ls                                                 agent  data  datafile  kihei                                                    admin@i-012952269c8a299f9:~$ ls                                                 agent  data  datafile  kihei                                                    admin@i-012952269c8a299f9:~$                                                    

admin@i-01938499a23dd6d8b:~$ curl http://localhost:5000                         Unauthorizedadmin@i-01938499a23dd6d8b:~$ curl https://localhost:5000            curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number     admin@i-01938499a23dd6d8b:~$ strace -p 573                                      strace: attach: ptrace(PTRACE_SEIZE, 573): Operation not permitted              admin@i-01938499a23dd6d8b:~$ sudo strace -p 573                                                                                                                 We trust you have received the usual lecture from the local System              Administrator. It usually boils down to these three things:                                                                                                         #1) Respect the privacy of others.                                              #2) Think before you type.                                                      #3) With great power comes great responsibility.                                                                                                            [sudo] password for admin:                                                      

cloud                   environment     hosts       lighttpd         modules-loaadmin@i-07b1f6f3834fd3ea0:/etc$ cd apache2/                                     admin@i-07b1f6f3834fd3ea0:/etc/apache2$ ls                                      conf-available                                                                  admin@i-07b1f6f3834fd3ea0:/etc/apache2$ cd conf-available/                      admin@i-07b1f6f3834fd3ea0:/etc/apache2/conf-available$ ls                       javascript-common.conf                                                          admin@i-07b1f6f3834fd3ea0:/etc/apache2/conf-available$ cat javascript-common.conAlias /javascript /usr/share/javascript/                                                                                                                        <Directory "/usr/share/javascript/">                                                    Options FollowSymLinks MultiViews                                       </Directory>                                                                    admin@i-07b1f6f3834fd3ea0:/etc/apache2/conf-available$ cd ~                     admin@i-07b1f6f3834fd3ea0:~$ cd conf-available/                                 

admin@i-0649ad53cc05cfe4d:~$ curl localhost:5000                                Unauthorizedadmin@i-0649ad53cc05cfe4d:~$ cd /etc/ng                             bash: cd: /etc/ng: No such file or directory                                    admin@i-0649ad53cc05cfe4d:~$ netstat -tunlp | grep 5000                         (Not all processes could be identified, non-owned process info                   will not be shown, you would have to be root to see it all.)                   tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      admin@i-0649ad53cc05cfe4d:~$ ss -ntlp | grep 500                                

tmpfs               46636     368     46268   1% /run                           /dev/nvme0n1p1    8026128 6354944   1241928  84% /                              tmpfs              233168      12    233156   1% /dev/shm                       tmpfs                5120       0      5120   0% /run/lock                      /dev/nvme0n1p15    126678    6016    120662   5% /boot/efi                      admin@i-012b34261aecbabc6:~$ strace -o xxx -f ./kihei                           panic: exit status 1                                                                                                                                            goroutine 1 [running]:                                                          main.main()                                                                             ./main.go:64 +0x47d                                                     admin@i-012b34261aecbabc6:~$ strace                                             strace: must have PROG [ARGS] or -p PID                                         Try 'strace -h' for more information.                                           admin@i-012b34261aecbabc6:~$                                                    

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1 bash                                                                       

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   1 bash                                                                       

-rw-r--r-- 1 admin admin 1024 Feb 29 07:33 .webserver.py.swp                    drwxr-xr-x 2 admin root  4096 Sep 24 23:20 agent                                -rwxrwx--- 1 root  root   360 Sep 24 23:20 webserver.py                         admin@i-03d33c47959abc794:~$ file webserver.py                                  webserver.py: regular file, no read permission                                  admin@i-03d33c47959abc794:~$ curl localhost:5000                                Unauthorizedadmin@i-03d33c47959abc794:~$ curl -I localhost:5000                 HTTP/1.1 200 OK                                                                 Server: Werkzeug/2.3.7 Python/3.9.2                                             Date: Thu, 29 Feb 2024 07:34:11 GMT                                             Content-Type: text/html; charset=utf-8                                          Content-Length: 12                                                              Connection: close                                                                                                                                               admin@i-03d33c47959abc794:~$                                                    

admin@i-014a54ca5e84ede39:~$ nc localhost 5000                                  GET /                                                                                                                                                           Welcome! Password is FDZPmh5AX3oiJt^C                                           admin@i-014a54ca5e84ede39:~$ ech                                                

})"                                                                             admin@i-032f08c56ca9f458a:~$ echo "${HTTP_REQUEST}" >&"${NFD}"                  admin@i-032f08c56ca9f458a:~$ while read -u "${NFD}" lz ; do                         echo "${lz}"                                                                done                                                                            admin@i-032f08c56ca9f458a:~$ exec {NFD}>&-                                      admin@i-032f08c56ca9f458a:~$ lynx                                               bash: lynx: command not found                                                   admin@i-032f08c56ca9f458a:~$ nc                                                 usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]                       [-m minttl] [-O length] [-P proxy_username] [-p source_port]                    [-q seconds] [-s sourceaddr] [-T keyword] [-V rtable] [-W recvlimit]            [-w timeout] [-X proxy_protocol] [-x proxy_address[:port]]                      [destination] [port]                                                  admin@i-032f08c56ca9f458a:~$ /usr/bin/printf 'GET / \n' | nc localhost 8        

drwxr-xr-x 2 admin root    4096 Sep 17 17:28 agent                              drwxr-xr-x 2 admin root    4096 Feb 28 20:56 data                               -rwxr-xr-x 1 admin root 2207109 Sep 17 17:28 kihei                              root@i-054f84a9df96e5500:/home/admin# df -h                                     Filesystem       Size  Used Avail Use% Mounted on                               udev             217M  217M     0 100% /dev                                     tmpfs             46M  384K   46M   1% /run                                     /dev/nvme0n1p1   7.7G  6.1G  1.2G  84% /                                        tmpfs            228M   12K  228M   1% /dev/shm                                 tmpfs            5.0M     0  5.0M   0% /run/lock                                /dev/nvme0n1p15  124M  5.9M  118M   5% /boot/efi                                tmpfs             46M     0   46M   0% /run/user/0                              root@i-054f84a9df96e5500:/home/admin# kihei                                     bash: kihei: command not found                                                  root@i-054f84a9df96e5500:/home/admin#                                           

< Server: Werkzeug/2.3.7 Python/3.9.2                                           < Date: Wed, 28 Feb 2024 20:58:43 GMT                                           < Content-Type: text/html; charset=utf-8                                        < Content-Length: 207                                                           < Connection: close                                                             <                                                                               <!doctype html>                                                                 <html lang=en>                                                                  <title>404 Not Found</title>                                                    <h1>Not Found</h1>                                                              <p>The requested URL was not found on the server. If you entered the URL manualllling and try again.</p>                                                        * Closing connection 0                                                          admin@i-045e1170ba04ed4e1:~$ vi mysolution                                      admin@i-045e1170ba04ed4e1:~$ curl localhost:5000/index. -v                      

admin@i-0871758fae78c248d:~$ curl -A "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) G.0" https://example.com/"                                                       >                                                                               >                                                                               > ^C                                                                            admin@i-0871758fae78c248d:~$ ^C                                                 admin@i-0871758fae78c248d:~$ ^C                                                 admin@i-0871758fae78c248d:~$ curl -A "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) G.0" localhost:5000"                                                             > ^C                                                                            admin@i-0871758fae78c248d:~$ curl -v -A "Mozilla/5.0 (X11; Linux x86_64; rv:60.0/81.0" http:localhost:5000"                                                     

    </body>                                                                     </html>                                                                         Connection closed by foreign host.                                              admin@i-06cd2f2879efb2fb1:~$ nmap localhost                                     Starting Nmap 7.80 ( https://nmap.org ) at 2024-02-28 12:40 UTC                 Nmap scan report for localhost (127.0.0.1)                                      Host is up (0.00022s latency).                                                  Not shown: 997 closed ports                                                     PORT     STATE SERVICE                                                          22/tcp   open  ssh                                                              5000/tcp open  upnp                                                             8080/tcp open  http-proxy                                                                                                                                       Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds                     admin@i-06cd2f2879efb2fb1:~$ telnet localhost 5000