SadServers Joined on September 10, 2023
2030 public recordings by SadServers
-rw-r--r-- 1 root root 0 Mar 2 05:08 overflowgid
-rw-r--r-- 1 root root 0 Mar 2 05:08 mount-max
-rw-r--r-- 1 root root 0 Mar 2 05:08 leases-enable
-rw-r--r-- 1 root root 0 Mar 2 05:08 lease-break-time
dr-xr-xr-x 1 root root 0 Mar 2 05:08 inotify
-r--r--r-- 1 root root 0 Mar 2 05:08 inode-state
-r--r--r-- 1 root root 0 Mar 2 05:08 inode-nr
-r--r--r-- 1 root root 0 Mar 2 05:08 file-nr
dr-xr-xr-x 1 root root 0 Mar 2 05:08 epoll
-rw-r--r-- 1 root root 0 Mar 2 05:08 dir-notify-enable
-r--r--r-- 1 root root 0 Mar 2 05:08 dentry-state
-r--r--r-- 1 root root 0 Mar 2 05:08 aio-nr
-rw-r--r-- 1 root root 0 Mar 2 05:08 aio-max-nr
drwxr-xr-x 2 root root 0 Mar 2 05:08 binfmt_misc
admin@i-0e43863c72b6409f1:/proc/sys/fs$ cd /home/ad
paris/i-0e43863c72b6409f1 06:39
by SadServers
admin@i-080818b7cdb9f789c:~/agent$ ls
check.sh sadagent sadagent.txt
admin@i-080818b7cdb9f789c:~/agent$ ping localhost:500
ping: localhost:500: Name or service not known
admin@i-080818b7cdb9f789c:~/agent$ ping localhost:5000
ping: localhost:5000: Name or service not known
admin@i-080818b7cdb9f789c:~/agent$ ping localhost:5000
paris/i-080818b7cdb9f789c 02:36
by SadServers
ls
#1740693057
pwd
#1740693069
ls -a
#1740693085
cd bash_history
#1740693116
cd .bash_history
admin@i-04b1619a31d169ee7:~$ ls
agent webserver.py
admin@i-04b1619a31d169ee7:~$ python ./webserver.py
bash: python: command not found
admin@i-04b1619a31d169ee7:~$
paris/i-04b1619a31d169ee7 02:23
by SadServers
-l, --lock lock the password of the named account
-n, --mindays MIN_DAYS set minimum number of days before password change to MIN_DAYS
-q, --quiet quiet mode
-r, --repository REPOSITORY change password in REPOSITORY repository
-R, --root CHROOT_DIR directory to chroot into
-S, --status report password status on the named account
-u, --unlock unlock the password of the named account
-w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
-x, --maxdays MAX_DAYS set maximum number of days before password change to MAX_DAYS
admin@i-05d764fc7a0200ea6:~$ passwd
Changing password for admin.
Current password:
paris/i-05d764fc7a0200ea6 00:32
by SadServers
Unauthorizedadmin@i-01f465ecb0e6b6e62:~$ curl localhost:5000
Unauthorizedadmin@i-01f465ecb0e6b6e62:~$ ls
agent webserver.py
admin@i-01f465ecb0e6b6e62:~$ nano webserver.py
admin@i-01f465ecb0e6b6e62:~$ sudo nano webserver.py
We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for admin:
paris/i-01f465ecb0e6b6e62 00:44
by SadServers
strings: webserver.py: Permission denied
admin@i-0eed1c77d78127958:~$ ls -al
total 44
drwxr-xr-x 6 admin admin 4096 Sep 24 2023 .
drwxr-xr-x 3 root root 4096 Sep 17 2023 ..
drwx------ 3 admin admin 4096 Sep 20 2023 .ansible
-rw------- 1 admin admin 530 Feb 26 17:43 .bash_history
-rw-r--r-- 1 admin admin 220 Aug 4 2021 .bash_logout
-rw-r--r-- 1 admin admin 3526 Aug 4 2021 .bashrc
drwxr-xr-x 3 admin admin 4096 Sep 20 2023 .config
-rw-r--r-- 1 admin admin 807 Aug 4 2021 .profile
drwx------ 2 admin admin 4096 Sep 17 2023 .ssh
drwxr-xr-x 2 admin root 4096 Sep 24 2023 agent
-rwxrwx--- 1 root root 360 Sep 24 2023 webserver.py
admin@i-0eed1c77d78127958:~$
paris/i-0eed1c77d78127958 02:26
by SadServers
man:sshd_config(5)
Process: 581 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 590 (sshd)
Tasks: 1 (limit: 521)
Memory: 3.4M
CPU: 38ms
CGroup: /system.slice/ssh.service
└─590 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
Feb 26 15:21:30 i-0543a291e6e295bb0 systemd[1]: Starting OpenBSD Secure Shell se
Feb 26 15:21:31 i-0543a291e6e295bb0 sshd[590]: Server listening on 0.0.0.0 port
Feb 26 15:21:31 i-0543a291e6e295bb0 sshd[590]: Server listening on :: port 22.
Feb 26 15:21:31 i-0543a291e6e295bb0 systemd[1]: Started OpenBSD Secure Shell ser
admin@i-0543a291e6e295bb0:~$ lsof -i :22
admin@i-0543a291e6e295bb0:~$ ps aux
paris/i-0543a291e6e295bb0 02:24
by SadServers
/dev/nvme0n1p1 7.7G 6.1G 1.2G 84% /
admin@i-0cb4275c09b1a51bf:~$ ls -l
total 5245048
drwxr-xr-x 2 admin root 4096 Sep 17 2023 agent
drwxr-xr-x 2 admin root 4096 Feb 26 13:33 data
-rw-r--r-- 1 root root 5368709120 Sep 17 2023 datafile
-rwxr-xr-x 1 admin root 2207109 Sep 17 2023 kihei
admin@i-0cb4275c09b1a51bf:~$ du -sh .
5.1G .
admin@i-0cb4275c09b1a51bf:~$ strings datafile |less
bash: strings: command not found
admin@i-0cb4275c09b1a51bf:~$
admin@i-0cb4275c09b1a51bf:~$ cd /
admin@i-0cb4275c09b1a51bf:/$ cd
admin@i-0cb4275c09b1a51bf:~$
kihei/i-0cb4275c09b1a51bf 03:42
by SadServers
4.0K /usr/libx32
4.0K /usr/src
36K /usr/libexec
52K /usr/include
13M /usr/local
23M /usr/sbin
105M /usr/bin
231M /usr/share
386M /usr/lib
root@i-0f8f92f7d2a80ebe0:~# exit
admin@i-0f8f92f7d2a80ebe0:~$ hd datafile | less
admin@i-0f8f92f7d2a80ebe0:~$ tr -d '\0' < datafile > bla
admin@i-0f8f92f7d2a80ebe0:~$ mv bla datafile
mv: replace 'datafile', overriding mode 0644 (rw-r--r--)?
kihei/i-0f8f92f7d2a80ebe0 02:14
by SadServers
admin@i-09ca4fe48eca1e59f:~$ ls
agent index.html webserver.py
admin@i-09ca4fe48eca1e59f:~$ cat index.html
Unauthorizedadmin@i-09ca4fe48eca1e59f:~$ telnet localhost 5000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
admin@i-09ca4fe48eca1e59f:~$ nc localhost 5000
GET 、
GET /
^C
admin@i-09ca4fe48eca1e59f:~$ nc localhost 5000
paris/i-09ca4fe48eca1e59f 01:59
by SadServers
admin@i-01fcc0a2dcfcdf2e2:~$ ll
bash: ll: command not found
admin@i-01fcc0a2dcfcdf2e2:~$ ls -l
total 5245048
drwxr-xr-x 2 admin root 4096 Sep 17 2023 agent
drwxr-xr-x 2 admin root 4096 Sep 17 2023 data
-rw-r--r-- 1 root root 5368709120 Sep 17 2023 datafile
-rwxr-xr-x 1 admin root 2207109 Sep 17 2023 kihei
admin@i-01fcc0a2dcfcdf2e2:~$ head ki
kihei/i-01fcc0a2dcfcdf2e2 00:16
by SadServers
kihei/i-08bbe3026ca784072 00:15
by SadServers
total 5245048
drwxr-xr-x 2 admin root 4096 Sep 17 2023 agent
drwxr-xr-x 2 admin root 4096 Feb 26 00:50 data
-rw-r--r-- 1 admin root 5368709120 Sep 17 2023 datafile
-rwxr-xr-x 1 admin root 2207109 Sep 17 2023 kihei
admin@i-0f9aeca12a8d8e203:~$ ./kihei datafile
panic: exit status 1
goroutine 1 [running]:
main.main()
./main.go:64 +0x47d
admin@i-0f9aeca12a8d8e203:~$ mv datafile ..
mv: cannot move 'datafile' to '../datafile': Permission denied
admin@i-0f9aeca12a8d8e203:~$ sudo mv datafile ..
admin@i-0f9aeca12a8d8e203:~$