
Thread: Project: Linux Log Eraser v0.2

  1. #11
    Network Security Administrator Hackuin's Avatar
    Join Date
    Apr 2011
    Location
    10011001 10011001
    Posts
    104
    Quote Originally Posted by b0nd View Post
    I would refrain from doing that. Two arrays have been declared; a user with 1 ounce of brain shall be able to comment/uncomment or add in a new log file. The user would just need to customize it once per the scenario.
    Actually, people running *nix have little sense of manipulating scripts, no doubt about that. I was pointing at standards; as we all know, we should keep the script as simple as possible for the end-user. We should neither consider the end-user an idiot/dumb at IT nor consider them a professional at IT.
    If the 1-ounce user has a brain, then why did you make verify_ip() do all those checks? Doesn't this 1-ounce user know how to type an IP address? Or you could have just echoed something like echo -e "IP example: 192.168.1.12". The main intention of making scripts is to make things simple and/or at end-usage. :] I hope you got my point. But I agree, or am a little biased towards, your refraining with the dumb-tards, who have no idea and try to experiment with things in their offices, lolz; that will surely bring him/her to ironic situations.
    Even more, if you intend for the user to manipulate the script, and as our script has a large number of functions, just create a library and source it in the script. So even if the user manipulates the script, it doesn't affect any of the functions we use. Just an idea, not useful though, but if the actual script is meant to be edited/manipulated, this is quite a safer method.

    Quote Originally Posted by b0nd View Post
    Could you please be more specific here with some practical example?
    What I actually meant by that is: what does our fuck_logs_files() do?
    It determines all the log files and erases them; that is what I said about STDIN. Consider: I have no problem with other files, except one particular file, say wtmp, and I just want to erase this particular file and don't want to erase any of the other log files. Our function doesn't do it; it just finds ALL the log files on the system and erases them. Yep, we can specify only the "wtmp" file in our array, and it does it, but it becomes a one-feature-at-a-time scenario. That's the reason I said to get a user input file and do things according to the desired function of the user. Like in my case, I just wanted to erase the "wtmp" file: I run our shell script, I pass "wtmp", it locates and erases it. Simple.
    So that is the reason I was objecting to restricting the user to manipulating the script itself. :]


    Code:
    #!/bin/bash

    #: Just an example to erase the particular user defined file

    user_specified_erases()
    {
    CH_DIR=/var/log
    read -r FILE

    #: As we know all the log-files are lowercase file, if the user specified a uppercase file
    #:+ name, or mixed character locate fails.
    #: Convert the end-user's input to lower-case (bash 4+ parameter expansion).

    FILE=${FILE,,}

    #: The name is used as-is in a redirection while running as root, so accept
    #:+ only a bare file name: no empty input and no "/" that could leave $CH_DIR.
    case "$FILE" in
    	""|*/*) echo "Invalid file name"; exit 1 ;;
    esac

    #: However, we know the log files are located in /var/log/
    #: We change to log directory
    cd "$CH_DIR" 2>/dev/null	#: If any error while changing directory.

    if [ "$PWD" != "$CH_DIR" ]
    then
    	echo "Cannot change directory!!";
    	exit 1
    fi

    #: Check whether the file exists? (file(1) exits 0 even for a missing file,
    #:+ so test for a regular file instead.)

    if [ ! -f "$FILE" ]
    then
    	echo "File does not exist";
    	exit 1
    else
    	:>"$FILE"
    fi
    }

    #: function calling, and 0bviously can make more user-friendly messages.
    user_specified_erases
    So either place the function in the library, or use it and add another parameter/option like "-E", so that if a user specifies the -E option, it prompts the user to supply the name of the file which he/she wants to erase. :]

    Quote Originally Posted by b0nd View Post
    How?
    Either with
    Code:
    #!/bin/bash
    #: Description: Forcing user to be a root or Displaying the message to end-users to become root.
    
    __rootUid=0       #: As we know the user ID of root is 0
    
    if [ "$UID" -ne "$__rootUid" ]	 #: Please use desired STDOUT message for end-user.
     then
     printf "%s\n" "Cannot run script: Permission denied." "Please be root to use this script".
     exit 1
    fi
    or

    Code:
    #!/bin/bash
    #: Description: Forcing user to be a root or Displaying the message to end-users to become root.
    if [ "$(whoami)" != "root" ] ; then
    printf "%s\n" "Cannot run script: Permission denied." "Please be root to use this script". >&2
      exit 1
    fi
    -Hackuin.
    "Free software" is a matter of liberty, not price. To understand the concept, you should think of "free" as in "free speech," not as in "free beer."
    "Microsoft is not the answer. Microsoft is the question. NO (or Linux) is the answer."
    "Ubuntu - Linux For Human Beings."

    Currently reading books:
    Integrating Forensic Investigation Methodology into eDiscovery -- by Colin Chisholm.
    Digital Forensics with Open Source Tools -- by Cory Altheide && Harlan Carvey.
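
For the defender's side of what this post describes, the following added example (not part of the thread or of the script under discussion) flags log files that were emptied in place with a redirection such as `:>$FILE`: the file keeps its inode while its size drops, whereas rotation by rename gives the live name a new inode. The function names and the baseline format are assumptions of this example, and it relies on GNU `stat`.

```bash
#!/bin/bash
# Added example: detect in-place truncation of log files against a baseline.
# Assumptions: GNU coreutils stat; hypothetical function names and baseline format.

# Print "inode size path" for every regular file directly under a directory.
# Redirect the output to a baseline file kept outside that directory.
snapshot_logs() {
    local dir=$1 f
    for f in "$dir"/*; do
        [ -f "$f" ] && stat -c '%i %s %n' -- "$f"
    done
    return 0
}

# Compare a saved baseline with the current state of the files it lists.
# Prints one finding per line:
#   TRUNCATED <path> <old_size> <new_size>   same inode, size went down
#   MISSING <path>                           file in the baseline is gone
detect_truncation() {
    local baseline=$1 old_inode old_size path cur cur_inode cur_size
    while read -r old_inode old_size path; do
        if [ ! -e "$path" ]; then
            echo "MISSING $path"
            continue
        fi
        cur=$(stat -c '%i %s' -- "$path") || continue
        cur_inode=${cur% *}
        cur_size=${cur#* }
        # Append-only logs never shrink. A new inode under the same name means
        # rotation by rename, so only a shrink on the same inode is reported.
        if [ "$cur_inode" = "$old_inode" ] && [ "$cur_size" -lt "$old_size" ]; then
            echo "TRUNCATED $path $old_size $cur_size"
        fi
    done < "$baseline"
}
```

A logrotate `copytruncate` configuration also truncates in place and will be reported, so findings need to be reconciled with the rotation schedule.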

  2. #12
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    Hey Hackuin,
    Thanks for taking the time to analyze the script and for the good feedback.

    As per your suggestions:
    1. A separate file has been sourced containing the arrays of log files. So whenever any editing is needed, the main source file and its functions are safe.

    2. Restricted the checks to verify "root" privileges, only UID and EUID would be verified:
    Code:
    if [ "$UID" != "0" ]
    then
    	if [ "$EUID" != "0" ]
    	then
    		echo -e "\n[*] Cannot run script: Permission denied." "Please be root to use this script".
    		call_exit
    	fi
    fi
    Apart from those amendments, a new feature has been added which would help the user to execute the script with less pain (the manual efforts).

    Running with that parameter, the user would be presented with the following two pieces of information:
    1. The various log files (/var/log/*) in which his IP has been found. So from the result, if he sees any log file which is not in the list of default log files in the script, he can add the new one into the list before editing the files.
    2. Search all log files (/var/log/*) and present the top 30 IPs with the most occurrences in the log files. This would help the user to pick up any suitable one for spoofing his IP.

    [*] TOP 30 IP's Found in log files:

    2278 times -----> 255.255.255.255
    126 times -----> 127.0.0.1
    104 times -----> 192.168.1.1
    96 times -----> 192.168.1.7
    90 times -----> 192.168.1.5
    .... upto 30 entries
    Any further comments guys?

    Rgds
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  3. #13

    cleaning history

    Thanks to b0nd for this script. Nicely taken care of binary log files. history -c, -w OR clearing lines from .bash_history would be a plus.

    As an added feature, it would be great if the script could take care of history commands as well. I suppose sysadmins will find someone did something nasty on the machine if history is not cleaned.
    Regards,
    __yum__
    If someone isn't working, did you try restarting it?

  4. #14
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Hey, thanks for the input. It's hard for me to recall the script's features now. What I remember is: I coded v0.3 of it and it was nearly complete when I got badly stuck on one functionality of it and could never complete the script at that time.
    V0.3 had massive improvements; I need to find it buried deep down in some directory (hopefully) - it's been years now.

    Cheers!
