command-line-murders/i-07b6e52854089d837
by SadServers
More by SadServers
admin 681 0.0 0.9 6740 4532 pts/0 S<s+ 17:03 0:00 bash -l
admin 685 0.0 4.1 98188 19252 pts/0 R<l+ 17:03 0:00 /usr/bin/pyth
admin 688 0.0 3.0 24456 14384 pts/0 S<+ 17:03 0:00 /usr/bin/pyth
admin 689 0.0 0.1 2480 572 pts/1 S<s 17:03 0:00 sh -c /bin/ba
admin 690 0.0 1.0 6952 4716 pts/1 S< 17:03 0:00 /bin/bash
admin 834 0.0 0.6 8648 3240 pts/1 R<+ 17:07 0:00 ps -aux
admin@i-0855e77fc64d64a54:~$ cat /home/admin/webserver
cat: /home/admin/webserver: No such file or directory
admin@i-0855e77fc64d64a54:~$ ls /home/admin/
agent webserver.py
admin@i-0855e77fc64d64a54:~$ cat /home/admin/webserver.py
cat: /home/admin/webserver.py: Permission denied
admin@i-0855e77fc64d64a54:~$ ls -l /home/admin/webserver.py
-rwxrwx--- 1 root root 360 Sep 24 2023 /home/admin/webserver.py
admin@i-0855e77fc64d64a54:~$
paris/i-0855e77fc64d64a54 02:42
by SadServers
le="unconfined" name="man_filter" pid=355 comm="apparmor_parser"
[ 4.838571] audit: type=1400 audit(1703061908.844:6): apparmor="STATUS" operale="unconfined" name="man_groff" pid=355 comm="apparmor_parser"
[ 4.854310] audit: type=1400 audit(1703061908.884:7): apparmor="STATUS" operale="unconfined" name="lsb_release" pid=356 comm="apparmor_parser"
[ 4.869891] audit: type=1400 audit(1703061908.892:8): apparmor="STATUS" operale="unconfined" name="tcpdump" pid=357 comm="apparmor_parser"
[ 4.885181] audit: type=1400 audit(1703061908.908:9): apparmor="STATUS" operale="unconfined" name="/usr/sbin/chronyd" pid=358 comm="apparmor_parser"
[ 56.344814] IPv6: ADDRCONF(NETDEV_CHANGE): ens5: link becomes ready
[ 58.685545] device-mapper: uevent: version 1.0.3
[ 58.690960] device-mapper: ioctl: 4.43.0-ioctl (2020-10-01) initialised: dm-d
admin@i-0934faf01c3d7420c:~$ vim /home/admin/kihei
root@i-0934faf01c3d7420c:/home/admin# tar czf datafile > /tmp/datafile.tar.gz
kihei/i-0934faf01c3d7420c 04:53
by SadServers
message+ 560 0.0 0.7 7864 3680 ? Ss 15:01 0:00 /usr/bin/dbuss=systemd: --nofork --nopidfile --systemd-activation
root 562 0.0 0.9 220796 4308 ? Ssl 15:01 0:00 /usr/sbin/rsy
root 569 0.0 1.4 13500 6580 ? Ss 15:01 0:00 /lib/systemd/
root 575 0.1 0.3 2872 1684 tty1 Ss+ 15:01 0:00 /sbin/agetty 1 linux
root 577 0.0 0.4 4396 2104 ttyS0 Ss+ 15:01 0:00 /sbin/agetty 15200,57600,38400,9600 ttyS0 vt220
root 578 0.0 1.5 13348 7196 ? Ss 15:01 0:00 sshd: /usr/sbf 10-100 startups
root 585 0.0 3.6 26612 17240 ? Ss 15:01 0:00 /usr/bin/pyth-upgrades/unattended-upgrade-shutdown --wait-for-sign
_chrony 586 0.0 0.7 10856 3616 ? S 15:01 0:00 /usr/sbin/chr
_chrony 587 0.0 0.1 10724 552 ? S 15:01 0:00 \_ /usr/sbin
admin@i-0e32b87ce506c1530:~$ ps faxu | grep ki