Using username "sasha".Authenticating with public key "rsa-key-20171101"Welc

1. Using username "sasha".
2. Authenticating with public key "rsa-key-20171101"
3. Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.13.0-32-generic x86_64)
4.  
5. * Documentation: https://help.ubuntu.com
6. * Management: https://landscape.canonical.com
7. * Support: https://ubuntu.com/advantage
8.  
9. 263 packages can be updated.
10. 138 updates are security updates.
11.  
12. Last login: Thu Mar 15 10:11:25 2018 from 10.2.64.83
13. sasha@sasha:~$ ssh -p22013 root@ptaf-kickstart-cl63.rd.ptsecurity.ru
14. The authenticity of host '[ptaf-kickstart-cl63.rd.ptsecurity.ru]:22013 ([10.0.212.25]:22013)' can't be established.
15. ECDSA key fingerprint is SHA256:+JLIQU3rjVh++J8W/+JOm8UpaNlT8FdNKJr54tzazQE.
16. Are you sure you want to continue connecting (yes/no)?
17. Host key verification failed.
18. sasha@sasha:~$ ssh -p22013 root@ptaf-kickstart-cl63.rd.ptsecurity.ru
19. The authenticity of host '[ptaf-kickstart-cl63.rd.ptsecurity.ru]:22013 ([10.0.212.25]:22013)' can't be established.
20. ECDSA key fingerprint is SHA256:+JLIQU3rjVh++J8W/+JOm8UpaNlT8FdNKJr54tzazQE.
21. Are you sure you want to continue connecting (yes/no)? y
22. Please type 'yes' or 'no': yes
23. Warning: Permanently added '[ptaf-kickstart-cl63.rd.ptsecurity.ru]:22013,[10.0.212.25]:22013' (ECDSA) to the list of known hosts.
24. root@ptaf-kickstart-cl63.rd.ptsecurity.ru's password:
25. Linux ptaf-kickstart-cl63.rd.ptsecurity.ru 3.16.0-0.bpo.4-amd64 #1 SMP Debian 3.16.39-1~bpo70+1 (2017-01-12) x86_64
26. Last login: Fri Mar 16 15:35:33 2018 from 10.0.70.43
27. root@ptaf-kickstart-cl63:~# cd
28. root@ptaf-kickstart-cl63:~# cd ..
29. root@ptaf-kickstart-cl63:/# ls
30. bin home lib32 mnt root srv var
31. boot initrd.img lib64 mnt1 run sys vmlinuz
32. dev initrd.img.old lost+found opt sbin tmp vmlinuz.old
33. etc lib media proc selinux usr
34. root@ptaf-kickstart-cl63:/# cd var/lo
35. local/ lock/ log/
36. root@ptaf-kickstart-cl63:/# cd var/lo
37. local/ lock/ log/
38. root@ptaf-kickstart-cl63:/# cd var/log/waf/
39. root@ptaf-kickstart-cl63:/var/log/waf# ls
40. access.log wafd.log waf-sync.log.2
41. arbor waf-gowaf.log waf-sync.log.3
42. backups wafml-access.log waf-sync.log.4
43. deploy waf-passive-bots.log waf-sync.log.5
44. error.log waf-sync.log waf-sync.log.6
45. forensics waf-sync.log.1 waf-sync.log.7
46. reports waf-sync.log.10 waf-sync.log.8
47. stats.log waf-sync.log.11 waf-sync.log.9
48. taperedng.log waf-sync.log.12 waf-sync-twistd.log
49. tproxy-automangle.log waf-sync.log.13 webapp-access.log
50. trainer.log waf-sync.log.14 wsc-config-commit.log
51. waf-active-bots.log waf-sync.log.15 wsc-daemon.log
52. waf-correlator.log waf-sync.log.16 wsc.log
53. waf-ddos.log waf-sync.log.17
54. wafd-helper.log waf-sync.log.18
55. root@ptaf-kickstart-cl63:/var/log/waf# less wafml-access.log
56. root@ptaf-kickstart-cl63:/var/log/waf# tmux с lua-logger: `tmux a -t lua_logger`END
57. ST@RT
58. Tue, 20 Mar 2018 12:02:14 INFO
59. POST /vulnbank/online/api.php HTTP/1.1
60. Host: 10.0.212.25
61. Connection: keep-alive
62. Content-Length: 227
63. Accept: application/json, text/javascript, */*; q=0.01
64. Origin: http://10.0.212.25
65. X-Requested-With: XMLHttpRequest
66. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36
67. Content-Type: application/x-www-form-urlencoded; charset=UTF-8
68. Referer: http://10.0.212.25/vulnbank/online/login.php
69. Accept-Encoding: gzip, deflate
70. Accept-Language: en,ru-RU;q=0.9,ru;q=0.8,en-US;q=0.7
71. Cookie: PHPSESSID=9a2kactldm2oj8a96qrldei0f6
72.  
73. type=user&action=create&username=test_username&password=1111111&firstname=test_name&lastname=test_lastname&birthdate=21-03-1990&email=email%40mail.com&phone=91111111&account=DE65407695705966244289&creditcard=4556-1237-3562-7380
74. END
75. (END)
76. [lua_logge 0:python- 1:less* "ptaf-kickstart-cl63.rd" 12:04 20-Mar-18