Tag: logs

Anti-Forensics, Microsoft Windows

Clear All Windows System Logs – AntiForensics

Clear all Windows system logs using ClearLogs (wevtutil.exe). wevtutil enables you to retrieve information about event logs and publishers. You can also use this command to install and uninstall event manifests, to run queries, and to export, archive, and clear logs. Development: Built on .NET Framework 4.5.1 with Visual Studio 2013. Download Page: http://sourceforge.net/projects/clearlogs/ Source …

Anti-Forensics

Clear All Windows Logs

1) Create a .bat file
2) Append the following:

@echo off
FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
IF (%adminTest%)==(Access) goto noAdmin
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
echo.
echo Event Logs have been cleared! ^<press any key^>
goto theEnd
:do_clear
echo clearing %1
wevtutil.exe cl %1
goto …

Windows 7

Delete all event logs at once in Windows 7

@echo off
FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
IF (%adminTest%)==(Access) goto noAdmin
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
echo.
echo Event Logs have been cleared! ^<press any key^>
goto theEnd
:do_clear
echo clearing %1
wevtutil.exe cl %1
goto :eof
:noAdmin
echo You must run this script as …

Security, Windows 7

Where to look for drivers or rootkits installation failures

On modern Windows such as Windows Vista, Windows 7 and Windows 8, Microsoft has implemented some extra mechanisms to protect Windows users from malicious software such as rootkits. One of these security mechanisms is this: Every driver for Windows Vista x64, Windows 7 x64 and Windows 8 cannot be installed on the system if it …

PHP, WEB

Modify error reporting behavior in PHP Part 2

In this article we will see how to handle errors with our own function. PHP allows you to handle errors with the set_error_handler() function. This function takes two arguments. The first argument is the name of our function to handle errors. The second argument allows you to define which errors the function handles. ex. E_ALL, …

PHP, WEB

Modify error reporting behavior in PHP Part 1

Error reporting behavior can be modified at code level. This is very useful if you don't have permissions to edit the php.ini file. Here is a simple example to show you how to do it:

// What should I report? (E_ALL is a constant; the quoted string 'E_ALL' would evaluate to 0)
ini_set('error_reporting', E_ALL);
// Show errors to the user?
ini_set('display_errors', 'Off');
// Log errors?
ini_set('log_errors', 'On');
// Where should I log errors?
…

Apache, Linux

Retrieve useful information from Apache logs

Common locations where you can find Apache logs are /var/log/apache2 and /var/log/httpd/. You can extract valuable information from your Apache logs. Here are some useful examples!

Extract unique IP addresses:

cat /var/log/apache2/access.log | awk '{print $1}' | sort | uniq

Extract unique IP addresses with …