
Clearing Linux logs

natura 2014. 7. 21. 16:01


A tool that is useful for clearing logs after compromising a Linux host.





It can be downloaded from http://www.garage4hackers.com/showthread.php?t=1033.





OPTIONS:

        -h help                       Show this message
        -i [ip_address]               Search for a particular ip_address in all log files and search for top 20 IP's logged in log files
        -d [ip_address]               Delete the ip_address from log files
        -s [spoof_ip_address]         Spoof the IP following -d with the one following -s wherever deletion is not possible
        -u [user_name]                The user name whose logs are to be erased/spoofed
        -w [web_shell_path]           The web back door (e.g. c99) shell absolute path you wish to erase from logs
        -f fuck logs files            To erase all log files completely, not recommended though
        -e "file extensions"          To find other backdoors planted on system
        -r [web_root_directory]       The web root directory to start searching backdoors from

        Ex: ./linux_log_eraser-v1.0.sh -h
            * To show this help message

        Ex: ./linux_log_eraser-v1.0.sh -i 192.168.1.7
            * To search 192.168.1.7 in all logs files. Basically finding which logs files have trace of it, and
            * In addition to that, search all log files (/var/log/*) and show Top 20 most logged IP's in log files.
            * They could be good choices for spoofing

        Ex: ./linux_log_eraser-v1.0.sh -d 192.168.1.7 -s 10.1.1.7 -u "cracker"
            * To delete lines containing 192.168.1.7 and|or user_name "cracker" from ASCII files, and
            * To spoof 192.168.1.7 in non-ASCII files by 10.1.1.7 and user_name "cracker" by "root"

        Ex: ./linux_log_eraser-v1.0.sh -d 192.168.1.7 -s 10.1.1.7 -u "cracker" -w "/var/www/xyz.com/uploads/c99.php"
            * To delete lines containing 192.168.1.7 and|or user_name "cracker" and|or web_shell_path from ASCII files, and
            * To spoof 192.168.1.7 in non-ASCII files by 10.1.1.7 and user_name "cracker" by "root"

        Ex: ./linux_log_eraser-v1.0.sh -f
            * To erase all log files listed in log_files.sh completely (not recommended)

        Ex: ./linux_log_eraser-v1.0.sh -e "php txt asp" -r /var/www
            * To search for probable web backdoors planted on system. Once found, it is recommended to verify the result
            * The current example searches for files having extensions php or txt or asp in /var/www and subdirectories
            * Extensions and web_root_directory are customizable

   [!]  Stick to the above OPTION combinations only, else the script might not work properly

Author
======
b0nd, b0nd.g4h@gmail.com and www.garage4hackers.com




The script has a number of options: logs can be searched, rewritten (spoofed) or deleted.

Note the distinction the help text draws. In ASCII logs the matching lines are simply deleted. In non-ASCII logs the address and user name are overwritten ("spoofed") with the values given after -s and with "root", because those files (the usual candidates are utmp, wtmp, btmp and lastlog) are arrays of fixed-size records rather than lines, so a record cannot be cut out without shifting every record after it. Neither mode reaches copies of the same events that were already forwarded to a remote syslog collector, and -f, which truncates every file in log_files.sh, leaves an obvious gap that is itself a strong indicator of tampering.

It is written as a shell script.

@ According to the author there will be no updates after ver1.0.
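As an added illustration of the two modes the help text distinguishes, here is a Python script written for this page (it is not part of b0nd's tool and does not reproduce its internals) that performs the -i style search over constructed sample log contents and then shows why a binary login record file cannot be handled by deleting lines: it builds two utmp records using the glibc x86_64 struct layout (an assumption; check struct.calcsize against your own libc) and locates the record carrying a given address. All paths, log lines, user names and addresses below are constructed sample data.

```python
import re
import struct
from collections import Counter

# Constructed sample log contents standing in for /var/log/* (not taken from the page).
SAMPLE_LOGS = {
    "/var/log/auth.log": (
        "Jul 21 15:58:01 web sshd[2213]: Accepted password for cracker from 192.168.1.7 port 51022 ssh2\n"
        "Jul 21 15:58:01 web sshd[2213]: pam_unix(sshd:session): session opened for user cracker by (uid=0)\n"
        "Jul 21 15:59:30 web sshd[2251]: Failed password for root from 192.168.1.70 port 40122 ssh2\n"
        "Jul 21 16:00:02 web sshd[2260]: Accepted publickey for alice from 10.1.1.7 port 50110 ssh2\n"
    ),
    "/var/log/apache2/access.log": (
        '10.1.1.7 - - [21/Jul/2014:15:50:11 +0900] "GET / HTTP/1.1" 200 612\n'
        '10.1.1.7 - - [21/Jul/2014:15:50:12 +0900] "GET /index.php HTTP/1.1" 200 1024\n'
        '192.168.1.7 - - [21/Jul/2014:15:57:40 +0900] "POST /uploads/c99.php HTTP/1.1" 200 3310\n'
        '10.1.1.7 - - [21/Jul/2014:16:00:40 +0900] "GET /about HTTP/1.1" 200 512\n'
    ),
    "/var/log/syslog": "Jul 21 16:01:00 web cron[2300]: (root) CMD (run-parts /etc/cron.hourly)\n",
}

# Whole dotted quads only; the lookarounds stop "1.2.3.4.5" or a longer octet from matching.
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def lines_with_ip(ip, text):
    """Lines in which `ip` appears as a complete address.

    A plain substring match for 192.168.1.7 would also hit 192.168.1.70, so any
    delete or spoof driven by it would touch another host's entries as well.
    """
    pat = re.compile(r"(?<![\d.])" + re.escape(ip) + r"(?![\d.])")
    return [line for line in text.splitlines() if pat.search(line)]


def files_containing(ip, logs):
    """Sorted paths of the logs that hold at least one line referencing `ip`."""
    return sorted(path for path, text in logs.items() if lines_with_ip(ip, text))


def top_ips(logs, n=20):
    """Most frequent IPv4 addresses across all logs (the 'top 20' list of -i)."""
    counts = Counter()
    for text in logs.values():
        counts.update(IPV4.findall(text))
    return counts.most_common(n)


# struct utmp as laid out by glibc on x86_64 (bits/utmp.h): 384 bytes per record,
# fixed width, no line terminators. Assumption: other libcs and architectures differ.
UTMP_FMT = "<h2xi32s4s32s256shhiii4i20s"
UTMP_SIZE = struct.calcsize(UTMP_FMT)  # 384 on the assumed layout
USER_PROCESS = 7


def make_utmp(user, line, host, pid, ts):
    """Build one USER_PROCESS record as login(1)/sshd would (constructed sample data)."""
    return struct.pack(UTMP_FMT, USER_PROCESS, pid, line.encode(), b"", user.encode(),
                       host.encode(), 0, 0, 0, ts, 0, 0, 0, 0, 0, b"")


def _cstr(b):
    return b.split(b"\0", 1)[0].decode(errors="replace")


def parse_utmp(blob):
    """Walk the file record by record; there are no lines to split on."""
    recs = []
    for off in range(0, len(blob) - UTMP_SIZE + 1, UTMP_SIZE):
        f = struct.unpack_from(UTMP_FMT, blob, off)
        recs.append({"type": f[0], "pid": f[1], "line": _cstr(f[2]),
                     "user": _cstr(f[4]), "host": _cstr(f[5]), "time": f[9]})
    return recs


def utmp_records_for_host(ip, blob):
    """Records whose ut_host is exactly `ip`; each is a fixed 384-byte slot."""
    return [r for r in parse_utmp(blob) if r["host"] == ip]


# Constructed two-record wtmp: a normal login and the one the -d/-s example targets.
SAMPLE_WTMP = (make_utmp("alice", "pts/0", "10.1.1.7", 2260, 1405926002)
               + make_utmp("cracker", "pts/1", "192.168.1.7", 2213, 1405925881))

if __name__ == "__main__":
    print("files with 192.168.1.7:", files_containing("192.168.1.7", SAMPLE_LOGS))
    print("top addresses:", top_ips(SAMPLE_LOGS, 20))
    print("wtmp records from 192.168.1.7:", utmp_records_for_host("192.168.1.7", SAMPLE_WTMP))
```

Two points the script makes concrete: matching has to be on the whole address, otherwise a cleanup aimed at 192.168.1.7 also alters 192.168.1.70; and in the binary file the only in-place edit that keeps the file consistent is overwriting the fixed-width ut_host and ut_user fields of a record, which is exactly the "spoof" the tool falls back to. Anything that shortens or lengthens the file desynchronises every record after the edit, which is what makes such files a good place for a responder to look.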

