SadServers Joined on September 10, 2023

  R                    Repaint screen, discarding buffered input.                       ---------------------------------------------------                             Default "window" is the screen height.                                          Default "half-window" is half of the screen height.                      ---------------------------------------------------------------------------                                                                                                              SEARCHING                                                                                                                               /pattern          *  Search forward for (N-th) matching line.                   ?pattern          *  Search backward for (N-th) matching line.                  n                 *  Repeat previous search (for N-th occurrence).              N                 *  Repeat previous search in reverse direction.               ESC-n             *  Repeat previous search, spanning files.                    ESC-N             *  Repeat previous search, reverse dir. & spanning files.   HELP -- Press RETURN for more, or q when done                                   

nt/         webserver.py                                                        admin@i-051f7c5ffc2106615:~$ sudo user                                                                                                                          We trust you have received the usual lecture from the local System              Administrator. It usually boils down to these three things:                                                                                                         #1) Respect the privacy of others.                                              #2) Think before you type.                                                      #3) With great power comes great responsibility.                                                                                                            [sudo] password for admin:                                                      Sorry, try again.                                                               [sudo] password for admin:                                                      sudo: 1 incorrect password attempt                                              admin@i-051f7c5ffc2106615:~$ vim                                                

0021ace0  6e 65 45 78 63 65 65 64  65 64 45 72 72 6f 72 2c  |neExceededError,|  0021acf0  65 72 72 6f 72 00 67 6f  2e 69 74 61 62 2e 69 6e  |error.go.itab.in|  0021ad00  74 65 72 6e 61 6c 2f 70  6f 6c 6c 2e 65 72 72 4e  |ternal/poll.errN|  0021ad10  65 74 43 6c 6f 73 69 6e  67 2c 65 72 72 6f 72 00  |etClosing,error.|  0021ad20  72 75 6e 74 69 6d 65 2e  64 65 66 61 75 6c 74 47  |runtime.defaultG|  0021ad30  4f 52 4f 4f 54 2e 73 74  72 00 72 75 6e 74 69 6d  |OROOT.str.runtim|  0021ad40  65 2e 62 75 69 6c 64 56  65 72 73 69 6f 6e 2e 73  |e.buildVersion.s|  0021ad50  74 72 00 72 75 6e 74 69  6d 65 2e 6d 6f 64 69 6e  |tr.runtime.modin|  0021ad60  66 6f 2e 73 74 72 00 74  79 70 65 2e 2a 00 72 75  |fo.str.type.*.ru|  0021ad70  6e 74 69 6d 65 2e 74 65  78 74 73 65 63 74 69 6f  |ntime.textsectio|  0021ad80  6e 6d 61 70 00                                    |nmap.|             0021ad85                                                                        admin@i-01aeb2c22dddf5e3e:~$ strings ./kihei                                    bash: strings: command not found                                                admin@i-01aeb2c22dddf5e3e:~$ reade                                              

admin        801  0.0  4.1  98188 19424 pts/0    S<l+ 10:11   0:00 /usr/bin/pythec -t kihei/i-025570eb46de4c5ab -q -i 2 /var/log/cast/i-025570eb46de4c5ab       admin        804  0.0  3.0  24456 14368 pts/0    S<+  10:11   0:00 /usr/bin/pythec -t kihei/i-025570eb46de4c5ab -q -i 2 /var/log/cast/i-025570eb46de4c5ab       admin        953  0.0  0.1   5264   640 pts/1    S<+  10:16   0:00 grep kihei   admin@i-025570eb46de4c5ab:~$ kill 801                                           admin@i-025570eb46de4c5ab:~$ ps aux | grep kihei                                admin        987  2.0  4.1  98188 19436 pts/0    S<l+ 10:16   0:00 /usr/bin/pythec -t kihei/i-025570eb46de4c5ab --append -q -i 2 /var/log/cast/i-025570eb46de4c5admin        990  0.0  3.1  24456 14872 pts/0    S<+  10:16   0:00 /usr/bin/pythec -t kihei/i-025570eb46de4c5ab --append -q -i 2 /var/log/cast/i-025570eb46de4c5admin        996  0.0  0.1   5264   640 pts/1    S<+  10:16   0:00 grep kihei   admin@i-025570eb46de4c5ab:~$ ls -al /var/log/cast/i-025570eb46de4c5ab           -rw-r--r-- 1 admin admin 19241 Nov  5 10:17 /var/log/cast/i-025570eb46de4c5ab   admin@i-025570eb46de4c5ab:~$ l /var/log/cast/i-025570eb46de4c5ab                

admin@i-082a10ed701b98ae6:~$ /home/admin/kihei                                  panic: exit status 1                                                                                                                                            goroutine 1 [running]:                                                          main.main()                                                                             ./main.go:64 +0x47d                                                     admin@i-082a10ed701b98ae6:~$ df -h                                              Filesystem       Size  Used Avail Use% Mounted on                               udev             217M     0  217M   0% /dev                                     tmpfs             46M  368K   46M   1% /run                                     /dev/nvme0n1p1   7.7G  6.1G  1.2G  84% /                                        tmpfs            228M   12K  228M   1% /dev/shm                                 tmpfs            5.0M     0  5.0M   0% /run/lock                                /dev/nvme0n1p15  124M  5.9M  118M   5% /boot/efi                                admin@i-082a10ed701b98ae6:~$                                                    

drwx------ 2 admin admin 4096 Sep 17  2023 .ssh                                 drwxr-xr-x 2 admin root  4096 Sep 24  2023 agent                                -rwxrwx--- 1 root  root   360 Sep 24  2023 webserver.py                         admin@i-06c820ab5c704e842:~$ less webserver.py                                  webserver.py: Permission denied                                                 admin@i-06c820ab5c704e842:~$ cat webserver.py                                   cat: webserver.py: Permission denied                                            admin@i-06c820ab5c704e842:~$ strace /home/admin/webserver.py                    execve("/home/admin/webserver.py", ["/home/admin/webserver.py"], 0x7ffd151c1ec0 ES (Permission denied)                                                          strace: exec: Permission denied                                                 +++ exited with 1 +++                                                           admin@i-06c820ab5c704e842:~$ ctrace /home/admin/webserver.py                    bash: ctrace: command not found                                                 admin@i-06c820ab5c704e842:~$                                                    

asciinema 1021 admin  mem    REG  259,1   149520  15088 /usr/lib/x86_64-linux-gnasciinema 1021 admin  mem    REG  259,1    14536 132274 /usr/lib/python3.9/lib-dx86_64-linux-gnu.so                                                             asciinema 1021 admin  mem    REG  259,1   177928     13 /usr/lib/x86_64-linux-gnasciinema 1021 admin  DEL    REG   0,23               2 /dev/shm/Ovvy0c         asciinema 1021 admin    0u   CHR  136,0      0t0      3 /dev/pts/0              asciinema 1021 admin    1u   CHR  136,0      0t0      3 /dev/pts/0              asciinema 1021 admin    2u   CHR  136,0      0t0      3 /dev/pts/0              asciinema 1021 admin    3r  FIFO   0,11      0t0  12195 pipe                    asciinema 1021 admin    4w  FIFO   0,11      0t0  12195 pipe                    asciinema 1021 admin    5r   CHR    1,3      0t0      4 /dev/null               asciinema 1021 admin    6w  FIFO   0,11      0t0  12196 pipe                    asciinema 1021 admin    7r  FIFO   0,11      0t0  12197 pipe                    asciinema 1021 admin    8w   REG  259,1     9550 264863 /var/log/cast/i-09d7e7d9admin@i-09d7e7d93e5a6dcdb:~$ less /var/log/cast/i-09d7e7d93e5a6dcdb             

  --privileged: Assume that the user is fully privileged                          --unprivileged: Assume the user lacks raw socket privileges                     -V: Print version number                                                        -h: Print this help summary page.                                             EXAMPLES:                                                                         nmap -v -A scanme.nmap.org                                                      nmap -v -sn 192.168.0.0/16 10.0.0.0/8                                           nmap -v -iR 10000 -Pn -p 80                                                   SEE THE MAN PAGE (https://nmap.org/book/man.html) FOR MORE OPTIONS AND EXAMPLES admin@i-01a29057fe7aae69b:~$ nmap -A localhost:5000                             Starting Nmap 7.80 ( https://nmap.org ) at 2024-11-04 04:09 UTC                 Failed to resolve "localhost:5000".                                             WARNING: No targets were specified, so 0 hosts scanned.                         Nmap done: 0 IP addresses (0 hosts up) scanned in 0.65 seconds                  admin@i-01a29057fe7aae69b:~$                                                    

total 44                                                                        drwxr-xr-x 6 admin admin 4096 Sep 24  2023 .                                    drwxr-xr-x 3 root  root  4096 Sep 17  2023 ..                                   drwx------ 3 admin admin 4096 Sep 20  2023 .ansible                             -rw------- 1 admin admin  379 Nov  4 03:55 .bash_history                        -rw-r--r-- 1 admin admin  220 Aug  4  2021 .bash_logout                         -rw-r--r-- 1 admin admin 3526 Aug  4  2021 .bashrc                              drwxr-xr-x 3 admin admin 4096 Sep 20  2023 .config                              -rw-r--r-- 1 admin admin  807 Aug  4  2021 .profile                             drwx------ 2 admin admin 4096 Sep 17  2023 .ssh                                 drwxr-xr-x 2 admin root  4096 Sep 24  2023 agent                                -rwxrwx--- 1 root  root   360 Sep 24  2023 webserver.py                         admin@i-0462cf041b08d8861:~$ chown -R admin:admin /home/admin/                  chown: changing ownership of '/home/admin/webserver.py': Operation not permittedadmin@i-0462cf041b08d8861:~$ curl http                                          

drwxr-xr-x 6 admin admin 4096 Nov  4 03:11 .                                    drwxr-xr-x 3 root  root  4096 Sep 17  2023 ..                                   drwx------ 3 admin admin 4096 Sep 20  2023 .ansible                             -rw------- 1 admin admin  448 Nov  4 03:13 .bash_history                        -rw-r--r-- 1 admin admin  220 Aug  4  2021 .bash_logout                         -rw-r--r-- 1 admin admin 3526 Aug  4  2021 .bashrc                              drwxr-xr-x 3 admin admin 4096 Sep 20  2023 .config                              -rw-r--r-- 1 admin admin  807 Aug  4  2021 .profile                             drwx------ 2 admin admin 4096 Sep 17  2023 .ssh                                 -rw------- 1 admin admin 1232 Nov  4 03:11 .viminfo                             drwxr-xr-x 2 admin root  4096 Sep 24  2023 agent                                -rwxrwx--- 1 root  root   360 Sep 24  2023 webserver.py                         admin@i-0ae37c2b2950f7142:~$ visudo                                             visudo: /etc/sudoers: Permission denied                                         admin@i-0ae37c2b2950f7142:~$                                                    

admin@i-085653597bb6a4090:~$ curl localhost:5000                                Unauthorizedadmin@i-085653597bb6a4090:~$ curl localhost:5000                    

root@i-0df2d9e82ec0588c0:~# vgcreate backup /dev/nvme1n1p1 /dev/nvme2n1p1         Volume group "backup" successfully created                                    root@i-0df2d9e82ec0588c0:~# vgs                                                   VG     #PV #LV #SN Attr   VSize VFree                                           backup   2   0   0 wz--n- 1.99g 1.99g                                         root@i-0df2d9e82ec0588c0:~# df -hT                                              Filesystem      Type      Size  Used Avail Use% Mounted on                      udev            devtmpfs  217M     0  217M   0% /dev                            tmpfs           tmpfs      46M  392K   46M   1% /run                            /dev/nvme0n1p1  ext4      7.7G  6.1G  1.2G  84% /                               tmpfs           tmpfs     228M   24K  228M   1% /dev/shm                        tmpfs           tmpfs     5.0M     0  5.0M   0% /run/lock                       /dev/nvme0n1p15 vfat      124M  5.9M  118M   5% /boot/efi                       tmpfs           tmpfs      46M     0   46M   0% /run/user/0                     root@i-0df2d9e82ec0588c0:~# mkfs.ext                                            

lsof      1008                   1000  mem       REG              259,1   149520inux-gnu/libpthread-2.31.so                                                     lsof      1008                   1000  mem       REG              259,1    18688inux-gnu/libdl-2.31.so                                                          lsof      1008                   1000  mem       REG              259,1   617128inux-gnu/libpcre2-8.so.0.10.1                                                   lsof      1008                   1000  mem       REG              259,1  1901536inux-gnu/libc-2.31.so                                                           lsof      1008                   1000  mem       REG              259,1   166120inux-gnu/libselinux.so.1                                                        lsof      1008                   1000  mem       REG              259,1   177928inux-gnu/ld-2.31.so                                                             lsof      1008                   1000    4r     FIFO               0,11      0t0lsof      1008                   1000    7w     FIFO               0,11      0t0admin@i-096a29f104e7847fe:~$ lsof -i                                            

admin@i-0a0425e08d1f07658:~$ strace -ff -y