paris/i-008ec799d95ca98b2
by SadServersMore by SadServers
admin@i-0ce4088ffc36025b0:~$ sudo netstat -ntlup We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for admin: Sorry, try again. [sudo] password for admin: sudo: 1 incorrect password attempt admin@i-0ce4088ffc36025b0:~$ ^C admin@i-0ce4088ffc36025b0:~$
paris/i-0ce4088ffc36025b0 01:09
by SadServersmodprobe.d pam.conf rc0.d rsyslog.conf skel sysctl.confapparmor.d cron.daily e2scrub.conf gshadow issue modules pam.d rc1.d rsyslog.d ssh sysctl.d apt cron.hourly environment gshadow- issue.n modules-load.d passwd rc2.d runit ssl systemd bash.bashrc cron.monthly ethertypes gss kernel motd passwd- rc3.d sadscenario subgid terminfo bash_completion cron.weekly fonts host.conf kernel- mtab perl rc4.d screenrc subgid- timezone bindresvport.blacklist crontab fstab hostname ld.so.c nanorc pm rc5.d security subuid tmpfiles.d binfmt.d dbus-1 fstab.old hosts ld.so.c netconfig ppp rc6.d selinux subuid- ucf.conf admin@i-0d57ae06890a9cfc8:/etc$ cd admin@i-0d57ae06890a9cfc8:~$
paris/i-0d57ae06890a9cfc8 05:22
by SadServersadmin@i-09ca4fe48eca1e59f:~$ ls agent index.html webserver.py admin@i-09ca4fe48eca1e59f:~$ cat index.html Unauthorizedadmin@i-09ca4fe48eca1e59f:~$ telnet localhost 5000 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. admin@i-09ca4fe48eca1e59f:~$ nc localhost 5000 GET 、 GET / ^C admin@i-09ca4fe48eca1e59f:~$ nc localhost 5000
paris/i-09ca4fe48eca1e59f 01:59
by SadServersudp UNCONN 0 0 127.0.0.1:323 0.0.udp UNCONN 0 0 0.0.0.0:68 0.0.udp UNCONN 0 0 [fe80::8a8:d3ff:fe19:c113]%ens5:546 [udp UNCONN 0 0 [::1]:323 [tcp LISTEN 0 511 0.0.0.0:80 0.0.tcp LISTEN 0 128 0.0.0.0:22 0.0.tcp LISTEN 0 4096 *:6767 tcp LISTEN 0 511 [::]:80 [tcp LISTEN 0 4096 *:8080 tcp LISTEN 0 128 [::]:22 [admin@i-0fe60fd5038ba7352:/etc$ ls -l /proc/511/cmd ls: cannot access '/proc/511/cmd': No such file or directory admin@i-0fe60fd5038ba7352:/etc$ curl http://localhost:80 curl: (7) Failed to connect to localhost port 80: Connection refused admin@i-0fe60fd5038ba7352:/etc$ echonc -u