Many of us need to clear our tracks and logs after hacking a server or penetration testing. Keeping this in mind, b0nd bro from Hackers Garage has coded a script in bash to erase logs and traces left on a Linux machine while or after compromising it.
Features in ver 0.2:
- Script has been redesigned from scratch. It's more customizable now. Pay attention to the global variables declared and initialized at the top of the code.
- Non-interactive script: The interactive features might be painful on a remote connection or reverse shell.
- Included features to erase user activity logs from log files (wtmp, utmp, lastlog etc.)
- Fetch the IP, spoof_ip, and user name to it. The script will take care to remove all entries of them from "editable" ASCII files and would spoof all of them in binary files.
- Fixed the error in deleting the log entries for the web back door shell from web logs.
- Restore the time stamping for all the log files which have been accessed and edited.
- Get some basic system info
- Verify-IP: To inform the user if by mistake he has entered an invalid IP (it includes 3 different checks on user input)

This time, the script being non-interactive, please play safe. The script is ready to go and can be used in your ventures! A couple more things are running in the back of my mind for the same concept. I will try to incorporate them soon in the existing code.
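
For responders, the timestamp-restore feature in the list above leaves a trace of its own: setting a log file's modification time back also stamps its inode change time (ctime) with the current time, and there is no system call to set ctime. The check below is an added example, not part of the script or the original post; it assumes Linux `st_ctime` semantics, and the function names and sample files are constructed for illustration.

```python
import os
import tempfile
import time
from typing import Iterable, List, NamedTuple


class Finding(NamedTuple):
    path: str
    mtime: float
    ctime: float
    gap_seconds: float


def find_mtime_rollbacks(paths: Iterable[str], tolerance: float = 2.0) -> List[Finding]:
    """Flag files whose inode change time is later than their modification time.

    A normal append updates mtime and ctime together. Setting mtime back
    (touch -r, utimes()) moves only mtime; the kernel stamps ctime with the
    current time. chmod, chown and rename also bump ctime, so a finding is
    a lead to investigate, not proof of tampering.
    """
    findings = []
    for path in paths:
        try:
            st = os.stat(path)
        except OSError:
            continue  # rotated away or unreadable: nothing to compare
        gap = st.st_ctime - st.st_mtime
        if gap > tolerance:
            findings.append(Finding(path, st.st_mtime, st.st_ctime, gap))
    return findings


def demo() -> dict:
    """Constructed sample: one untouched file, one with mtime set back an hour."""
    with tempfile.TemporaryDirectory() as d:
        clean = os.path.join(d, "clean.log")
        edited = os.path.join(d, "edited.log")
        for p in (clean, edited):
            with open(p, "w") as fh:
                fh.write("constructed sample line\n")
        old = time.time() - 3600
        os.utime(edited, (old, old))  # mtime goes back, ctime becomes "now"
        flagged = [os.path.basename(f.path) for f in find_mtime_rollbacks([clean, edited])]
    return {"flagged": flagged}


if __name__ == "__main__":
    print(demo())
```

On a live host, run it over the files under `/var/log` and compare any findings against known rotation and permission-change times before drawing conclusions.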