Credential acceptance event recorded. Target authentication: root / Password@123
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "9e2049f32433",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:50.033449Z",
"end_time": "2026-07-01T22:50:51.279919Z",
"duration": "1.2",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "Password@123"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: main
{
"id": "eb59fe5efa2b",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:45.261469Z",
"end_time": "2026-07-01T22:50:47.021683Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "main",
"pass": "12345"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: user / rootroot
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "fa67a5bca00e",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:40.358369Z",
"end_time": "2026-07-01T22:50:41.615897Z",
"duration": "1.3",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "user",
"pass": "rootroot"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Credential acceptance event recorded. Target authentication: test / 123456
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "fa5ec1656a25",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:35.488688Z",
"end_time": "2026-07-01T22:50:36.741252Z",
"duration": "1.3",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "test",
"pass": "123456"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Credential acceptance event recorded. Target authentication: deploy / password
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "b2a0f6071ea0",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:30.295511Z",
"end_time": "2026-07-01T22:50:31.568724Z",
"duration": "1.3",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "deploy",
"pass": "password"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: pi
{
"id": "1d90a6fe8589",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:25.384790Z",
"end_time": "2026-07-01T22:50:27.249445Z",
"duration": "1.9",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "pi",
"pass": "toor"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / 123321
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "808980f1647a",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:20.341889Z",
"end_time": "2026-07-01T22:50:21.582521Z",
"duration": "1.2",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "123321"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: work
{
"id": "f949f0bffe34",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:15.244682Z",
"end_time": "2026-07-01T22:50:17.006168Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "work",
"pass": "work"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / 0
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "efa6e3fbda1e",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:10.163895Z",
"end_time": "2026-07-01T22:50:11.302747Z",
"duration": "1.1",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "0"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: gd
{
"id": "acf506e57a2c",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:50:04.981990Z",
"end_time": "2026-07-01T22:50:06.759491Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "gd",
"pass": "gd"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: vncuser
{
"id": "0127447ba185",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:59.915631Z",
"end_time": "2026-07-01T22:50:01.686939Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "vncuser",
"pass": "vncuser"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: labuser
{
"id": "78292f98d47d",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:54.713334Z",
"end_time": "2026-07-01T22:49:56.545389Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "labuser",
"pass": "labuser"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: customer
{
"id": "f0176dff9a9e",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:49.476424Z",
"end_time": "2026-07-01T22:49:51.384053Z",
"duration": "1.9",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "customer",
"pass": "customer"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / Qq123456
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "f0abe7cf0972",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:44.030678Z",
"end_time": "2026-07-01T22:49:45.188032Z",
"duration": "1.2",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "Qq123456"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: sftpuser
{
"id": "f75187a71428",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:38.863353Z",
"end_time": "2026-07-01T22:49:40.724292Z",
"duration": "1.9",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "sftpuser",
"pass": "123"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / abc123
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "b10f66f63212",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:33.745467Z",
"end_time": "2026-07-01T22:49:34.974752Z",
"duration": "1.2",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "abc123"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: teamspeak
{
"id": "be7c2b1daa38",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:28.633412Z",
"end_time": "2026-07-01T22:49:30.399182Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "teamspeak",
"pass": "123456"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: home
{
"id": "9a28adec3fb6",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:23.472040Z",
"end_time": "2026-07-01T22:49:25.295797Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "home",
"pass": "root"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: elastic
{
"id": "51b47008da15",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:18.614406Z",
"end_time": "2026-07-01T22:49:20.383660Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "elastic",
"pass": "123456"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: rocky
{
"id": "4ab08d99f15b",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:13.689712Z",
"end_time": "2026-07-01T22:49:15.602126Z",
"duration": "1.9",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "rocky",
"pass": "1234"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: admin1
{
"id": "a65996d44b5e",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:08.914632Z",
"end_time": "2026-07-01T22:49:10.677905Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [
{
"user": "admin1",
"pass": "modzmodz"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: user / user1234
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "dc457c76b542",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:49:03.922189Z",
"end_time": "2026-07-01T22:49:05.298490Z",
"duration": "1.4",
"version": "SSH-2.0-Go",
"hassh": "0a07365cc01fa9fc82608ba4019af499",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "user",
"pass": "user1234"
},
"commands": [
"uname -s -v -n -r -m"
],
"detailed_commands": [
{
"cmd": "uname -s -v -n -r -m",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "3b120210123f",
"src_ip": "45.156.87.93",
"start_time": "2026-07-01T22:48:00.699203Z",
"end_time": "2026-07-01T22:48:08.698276Z",
"duration": "8.0",
"version": "SSH-2.0-Go",
"hassh": "084386fa7ae5039bcf6f07298a05a227",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "8cb46c5f88d8",
"src_ip": "223.83.114.88",
"start_time": "2026-07-01T22:42:16.828831Z",
"end_time": "2026-07-01T22:44:16.898883Z",
"duration": "120.1",
"version": "SSH-2.0-libssh2_1.11.1",
"hassh": null,
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 10,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "b9d45b5c7281",
"src_ip": "195.178.110.137",
"start_time": "2026-07-01T22:41:11.882766Z",
"end_time": "2026-07-01T22:41:12.026795Z",
"duration": "0.1",
"version": null,
"hassh": null,
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "ac3359bdbf34",
"src_ip": "195.178.110.137",
"start_time": "2026-07-01T22:32:33.933541Z",
"end_time": "2026-07-01T22:32:34.077505Z",
"duration": "0.1",
"version": null,
"hassh": null,
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Credential acceptance event recorded. Target authentication: root / blackcat
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "ac03f549c134",
"src_ip": "152.53.42.70",
"start_time": "2026-07-01T22:21:31.776425Z",
"end_time": "2026-07-01T22:21:32.880188Z",
"duration": "1.1",
"version": "SSH-2.0-Go",
"hassh": "16443846184eafde36765c9bab2f4397",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "blackcat"
},
"commands": [
"uname -a"
],
"detailed_commands": [
{
"cmd": "uname -a",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 100,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Credential acceptance event recorded. Target authentication: support / support
{
"id": "6c216bf9ec1a",
"src_ip": "176.53.159.196",
"start_time": "2026-07-01T22:18:34.230963Z",
"end_time": "2026-07-01T22:18:35.393965Z",
"duration": "1.2",
"version": "SSH-2.0-Go",
"hassh": "eff4c24daffc8532c160e86e5f006e53",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "support",
"pass": "support"
},
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 50,
"tags": [
"SUCCESSFUL LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / 54321
Remote entity achieved interactive shell state. Command sequence (9 executed):
{
"id": "d00bef05ba6e",
"src_ip": "92.118.39.77",
"start_time": "2026-07-01T22:11:32.364578Z",
"end_time": "2026-07-01T22:11:33.624773Z",
"duration": "1.3",
"version": "SSH-2.0-Go",
"hassh": "2ec37a7cc8daf20b10e1ad6221061ca5",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "54321"
},
"commands": [
"export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"uname -s -v -n -m 2 > /dev/null",
"/bin/uname -s -v -n -m 2 > /dev/null",
"/usr/bin/uname -s -v -n -m 2 > /dev/null",
"busybox uname -s -v -n -m 2 > /dev/null",
"( [ -f /proc/version ]",
"[ -f /proc/version ]",
"head -1 /proc/version | cut -d -f1",
"[ -f /etc/os-release ]"
],
"detailed_commands": [
{
"cmd": "export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"failed": false,
"error": null
},
{
"cmd": "uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/bin/uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/usr/bin/uname -s -v -n -m 2 > /dev/null",
"failed": true,
"error": "Command not found: /usr/bin/uname -s -v -n -m"
},
{
"cmd": "busybox uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "( [ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "[ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "head -1 /proc/version | cut -d -f1",
"failed": false,
"error": null
},
{
"cmd": "[ -f /etc/os-release ]",
"failed": false,
"error": null
}
],
"failed_commands": [
"/usr/bin/uname -s -v -n -m"
],
"score": 200,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "fcfa867d9448",
"src_ip": "45.148.10.157",
"start_time": "2026-07-01T22:06:56.160385Z",
"end_time": "2026-07-01T22:06:56.911090Z",
"duration": "0.7",
"version": "SSH-2.0-PUTTY",
"hassh": "5bd26477da5440a6187bd3f1b39a429c",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: international
{
"id": "5b16b0e456a3",
"src_ip": "61.43.121.132",
"start_time": "2026-07-01T22:05:28.422160Z",
"end_time": "2026-07-01T22:05:30.355965Z",
"duration": "1.9",
"version": "SSH-2.0-libssh_0.9.6",
"hassh": "f555226df1963d1d3c09daf865abdc9a",
"attempts": [
{
"user": "international",
"pass": "123456"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / 4321
Remote entity achieved interactive shell state. Command sequence (9 executed):
{
"id": "08a426714feb",
"src_ip": "92.118.39.77",
"start_time": "2026-07-01T22:05:09.863352Z",
"end_time": "2026-07-01T22:05:11.138531Z",
"duration": "1.3",
"version": "SSH-2.0-Go",
"hassh": "2ec37a7cc8daf20b10e1ad6221061ca5",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "4321"
},
"commands": [
"export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"uname -s -v -n -m 2 > /dev/null",
"/bin/uname -s -v -n -m 2 > /dev/null",
"/usr/bin/uname -s -v -n -m 2 > /dev/null",
"busybox uname -s -v -n -m 2 > /dev/null",
"( [ -f /proc/version ]",
"[ -f /proc/version ]",
"head -1 /proc/version | cut -d -f1",
"[ -f /etc/os-release ]"
],
"detailed_commands": [
{
"cmd": "export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"failed": false,
"error": null
},
{
"cmd": "uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/bin/uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/usr/bin/uname -s -v -n -m 2 > /dev/null",
"failed": true,
"error": "Command not found: /usr/bin/uname -s -v -n -m"
},
{
"cmd": "busybox uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "( [ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "[ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "head -1 /proc/version | cut -d -f1",
"failed": false,
"error": null
},
{
"cmd": "[ -f /etc/os-release ]",
"failed": false,
"error": null
}
],
"failed_commands": [
"/usr/bin/uname -s -v -n -m"
],
"score": 200,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "8409dfc342a9",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:10.389191Z",
"end_time": "2026-07-01T22:04:10.473293Z",
"duration": "0.1",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "0c4e72d982c9",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:09.463091Z",
"end_time": "2026-07-01T22:04:10.348940Z",
"duration": "0.9",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "7ce774a87417",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:09.005388Z",
"end_time": "2026-07-01T22:04:09.229812Z",
"duration": "0.2",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "87476b88e15e",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:08.051904Z",
"end_time": "2026-07-01T22:04:08.690248Z",
"duration": "0.6",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "1ed333ab6ea1",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:07.911079Z",
"end_time": "2026-07-01T22:04:07.994477Z",
"duration": "0.1",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "490420a58caa",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:07.048727Z",
"end_time": "2026-07-01T22:04:07.744973Z",
"duration": "0.7",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "b0b839d97388",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:06.516154Z",
"end_time": "2026-07-01T22:04:07.008384Z",
"duration": "0.5",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "97b13ea18ddf",
"src_ip": "34.222.65.186",
"start_time": "2026-07-01T22:04:06.045866Z",
"end_time": "2026-07-01T22:04:06.475610Z",
"duration": "0.4",
"version": "SSH-2.0-paramiko_3.4.1",
"hassh": "87e3d9ffee0540b0390f8a5b9c343c08",
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: honda
{
"id": "309d3072b176",
"src_ip": "61.43.121.132",
"start_time": "2026-07-01T22:03:00.789292Z",
"end_time": "2026-07-01T22:03:02.720498Z",
"duration": "1.9",
"version": "SSH-2.0-libssh_0.9.6",
"hassh": "f555226df1963d1d3c09daf865abdc9a",
"attempts": [
{
"user": "honda",
"pass": "honda"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: oec
{
"id": "bab1c4c1a72e",
"src_ip": "61.43.121.132",
"start_time": "2026-07-01T22:00:40.922496Z",
"end_time": "2026-07-01T22:00:42.885011Z",
"duration": "2.0",
"version": "SSH-2.0-libssh_0.9.6",
"hassh": "f555226df1963d1d3c09daf865abdc9a",
"attempts": [
{
"user": "oec",
"pass": "123456"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / 321
Remote entity achieved interactive shell state. Command sequence (9 executed):
{
"id": "e827b70ccf46",
"src_ip": "92.118.39.77",
"start_time": "2026-07-01T22:00:00.790271Z",
"end_time": "2026-07-01T22:00:01.993568Z",
"duration": "1.2",
"version": "SSH-2.0-Go",
"hassh": "2ec37a7cc8daf20b10e1ad6221061ca5",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "321"
},
"commands": [
"export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"uname -s -v -n -m 2 > /dev/null",
"/bin/uname -s -v -n -m 2 > /dev/null",
"/usr/bin/uname -s -v -n -m 2 > /dev/null",
"busybox uname -s -v -n -m 2 > /dev/null",
"( [ -f /proc/version ]",
"[ -f /proc/version ]",
"head -1 /proc/version | cut -d -f1",
"[ -f /etc/os-release ]"
],
"detailed_commands": [
{
"cmd": "export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"failed": false,
"error": null
},
{
"cmd": "uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/bin/uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/usr/bin/uname -s -v -n -m 2 > /dev/null",
"failed": true,
"error": "Command not found: /usr/bin/uname -s -v -n -m"
},
{
"cmd": "busybox uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "( [ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "[ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "head -1 /proc/version | cut -d -f1",
"failed": false,
"error": null
},
{
"cmd": "[ -f /etc/os-release ]",
"failed": false,
"error": null
}
],
"failed_commands": [
"/usr/bin/uname -s -v -n -m"
],
"score": 200,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Autonomous probing activity normalized. Remote entity established connection but deferred authentication.
{
"id": "0901c5b21034",
"src_ip": "192.168.0.1",
"start_time": "2026-07-01T21:56:55.865382Z",
"end_time": "2026-07-01T21:56:55.875799Z",
"duration": "0.0",
"version": null,
"hassh": null,
"attempts": [],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": []
}Credential acceptance event recorded. Target authentication: root / 21
Remote entity achieved interactive shell state. Command sequence (9 executed):
{
"id": "f7007e774dfe",
"src_ip": "92.118.39.77",
"start_time": "2026-07-01T21:56:41.159569Z",
"end_time": "2026-07-01T21:56:42.588654Z",
"duration": "1.4",
"version": "SSH-2.0-Go",
"hassh": "2ec37a7cc8daf20b10e1ad6221061ca5",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "21"
},
"commands": [
"export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"uname -s -v -n -m 2 > /dev/null",
"/bin/uname -s -v -n -m 2 > /dev/null",
"/usr/bin/uname -s -v -n -m 2 > /dev/null",
"busybox uname -s -v -n -m 2 > /dev/null",
"( [ -f /proc/version ]",
"[ -f /proc/version ]",
"head -1 /proc/version | cut -d -f1",
"[ -f /etc/os-release ]"
],
"detailed_commands": [
{
"cmd": "export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"failed": false,
"error": null
},
{
"cmd": "uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/bin/uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/usr/bin/uname -s -v -n -m 2 > /dev/null",
"failed": true,
"error": "Command not found: /usr/bin/uname -s -v -n -m"
},
{
"cmd": "busybox uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "( [ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "[ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "head -1 /proc/version | cut -d -f1",
"failed": false,
"error": null
},
{
"cmd": "[ -f /etc/os-release ]",
"failed": false,
"error": null
}
],
"failed_commands": [
"/usr/bin/uname -s -v -n -m"
],
"score": 200,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: mails
{
"id": "804a77a41b08",
"src_ip": "61.43.121.132",
"start_time": "2026-07-01T21:55:45.042181Z",
"end_time": "2026-07-01T21:55:47.052541Z",
"duration": "2.0",
"version": "SSH-2.0-libssh_0.9.6",
"hassh": "f555226df1963d1d3c09daf865abdc9a",
"attempts": [
{
"user": "mails",
"pass": "mails123"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / 123qwerty
Remote entity achieved interactive shell state. Command sequence (9 executed):
{
"id": "9147379ed032",
"src_ip": "92.118.39.77",
"start_time": "2026-07-01T21:54:09.027035Z",
"end_time": "2026-07-01T21:54:10.786416Z",
"duration": "1.8",
"version": "SSH-2.0-Go",
"hassh": "2ec37a7cc8daf20b10e1ad6221061ca5",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "123qwerty"
},
"commands": [
"export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"uname -s -v -n -m 2 > /dev/null",
"/bin/uname -s -v -n -m 2 > /dev/null",
"/usr/bin/uname -s -v -n -m 2 > /dev/null",
"busybox uname -s -v -n -m 2 > /dev/null",
"( [ -f /proc/version ]",
"[ -f /proc/version ]",
"head -1 /proc/version | cut -d -f1",
"[ -f /etc/os-release ]"
],
"detailed_commands": [
{
"cmd": "export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"failed": false,
"error": null
},
{
"cmd": "uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/bin/uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/usr/bin/uname -s -v -n -m 2 > /dev/null",
"failed": true,
"error": "Command not found: /usr/bin/uname -s -v -n -m"
},
{
"cmd": "busybox uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "( [ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "[ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "head -1 /proc/version | cut -d -f1",
"failed": false,
"error": null
},
{
"cmd": "[ -f /etc/os-release ]",
"failed": false,
"error": null
}
],
"failed_commands": [
"/usr/bin/uname -s -v -n -m"
],
"score": 200,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}Credential acceptance event recorded. Target authentication: root / 123456aA@
Remote entity achieved interactive shell state. Command sequence (1 executed):
{
"id": "6021ee61e3fb",
"src_ip": "185.242.3.195",
"start_time": "2026-07-01T21:53:41.586855Z",
"end_time": "2026-07-01T21:53:42.764631Z",
"duration": "1.2",
"version": "SSH-2.0-Go",
"hassh": "16443846184eafde36765c9bab2f4397",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "123456aA@"
},
"commands": [
"echo OK"
],
"detailed_commands": [
{
"cmd": "echo OK",
"failed": false,
"error": null
}
],
"failed_commands": [],
"score": 80,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN"
]
}Unauthorized authentication attempt escalated. Dictionary traversal detected (1 distinct queries). Vector identities: ayuda
{
"id": "14f1f146a40c",
"src_ip": "61.43.121.132",
"start_time": "2026-07-01T21:53:20.804372Z",
"end_time": "2026-07-01T21:53:22.752413Z",
"duration": "1.9",
"version": "SSH-2.0-libssh_0.9.6",
"hassh": "f555226df1963d1d3c09daf865abdc9a",
"attempts": [
{
"user": "ayuda",
"pass": "ayuda123"
}
],
"success_login": false,
"success_credential": null,
"commands": [],
"detailed_commands": [],
"failed_commands": [],
"score": 0,
"tags": [
"FAILED LOGIN"
]
}Credential acceptance event recorded. Target authentication: root / 12345
Remote entity achieved interactive shell state. Command sequence (9 executed):
{
"id": "71f149fd5d80",
"src_ip": "91.92.40.176",
"start_time": "2026-07-01T21:53:07.732567Z",
"end_time": "2026-07-01T21:53:09.027589Z",
"duration": "1.3",
"version": "SSH-2.0-Go",
"hassh": "2ec37a7cc8daf20b10e1ad6221061ca5",
"attempts": [],
"success_login": true,
"success_credential": {
"user": "root",
"pass": "12345"
},
"commands": [
"export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"uname -s -v -n -m 2 > /dev/null",
"/bin/uname -s -v -n -m 2 > /dev/null",
"/usr/bin/uname -s -v -n -m 2 > /dev/null",
"busybox uname -s -v -n -m 2 > /dev/null",
"( [ -f /proc/version ]",
"[ -f /proc/version ]",
"head -1 /proc/version | cut -d -f1",
"[ -f /etc/os-release ]"
],
"detailed_commands": [
{
"cmd": "export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH; uname=$(uname -s -v -n -m 2>/dev/null || /bin/uname -s -v -n -m 2>/dev/null || /usr/bin/uname -s -v -n -m 2>/dev/null || busybox uname -s -v -n -m 2>/dev/null || ( [ -f /proc/version ] && head -1 /proc/version | cut -d' ' -f1 ) || ( [ -f /etc/os-release ] && grep '^ID=' /etc/os-release | cut -d= -f2 | tr -d '\"' ) || echo \"\"); arch=$(uname -m 2>/dev/null || /bin/uname -m 2>/dev/null || /usr/bin/uname -m 2>/dev/null || busybox uname -m 2>/dev/null || ( [ -f /proc/cpuinfo ] && grep -q \"lm\" /proc/cpuinfo && echo x86_64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 8\" /proc/cpuinfo && echo aarch64 ) || ( [ -f /proc/cpuinfo ] && grep -q \"CPU architecture: 7\" /proc/cpuinfo && echo armv7l ) || echo \"\"); uptime=$(cat /proc/uptime 2>/dev/null || busybox cat /proc/uptime 2>/dev/null); cpus=$(nproc 2>/dev/null || /usr/bin/nproc 2>/dev/null || busybox nproc 2>/dev/null || grep -c \"^processor\" /proc/cpuinfo 2>/dev/null); cpu_model=$( { grep -m1 -E \"model name|Hardware\" /proc/cpuinfo 2>/dev/null; lscpu 2>/dev/null | grep \"Model name\"; dmidecode -s processor-version 2>/dev/null; uname -p 2>/dev/null; busybox uname -p 2>/dev/null; } ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia; busybox lspci 2>/dev/null | grep -i vga; busybox lspci 2>/dev/null | grep -i nvidia) 2>/dev/null ); last_output=$(last 2>/dev/null); filter_output=$( ( export LANG=C LC_ALL=C; echo '===SHELL_BEHAVIOR==='; printf 'path_err='; ( ./xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; printf 'cmd_err='; ( xxxxxx 2>&1 || true ) | head -c 250; printf '\\n'; echo '===DONE===' ) 2>&1 ); echo \"UNAME:$uname\"; echo \"ARCH:$arch\"; echo \"UPTIME:$uptime\"; echo \"CPUS:$cpus\"; echo \"CPU_MODEL:$cpu_model\"; echo \"GPU:$gpu_info\"; echo \"LAST:$last_output\"; echo \"FILTER:$filter_output\"",
"failed": false,
"error": null
},
{
"cmd": "uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/bin/uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "/usr/bin/uname -s -v -n -m 2 > /dev/null",
"failed": true,
"error": "Command not found: /usr/bin/uname -s -v -n -m"
},
{
"cmd": "busybox uname -s -v -n -m 2 > /dev/null",
"failed": false,
"error": null
},
{
"cmd": "( [ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "[ -f /proc/version ]",
"failed": false,
"error": null
},
{
"cmd": "head -1 /proc/version | cut -d -f1",
"failed": false,
"error": null
},
{
"cmd": "[ -f /etc/os-release ]",
"failed": false,
"error": null
}
],
"failed_commands": [
"/usr/bin/uname -s -v -n -m"
],
"score": 200,
"tags": [
"SUCCESSFUL LOGIN",
"COMMANDS RUN",
"RECONNAISSANCE"
]
}