Linux Log Cleaner (utmp, wtmp, lastlog)

Description

Linux Log Cleaner

This tool removes login traces from the following log files:

/var/log/btmp, /var/run/utmp, /var/log/wtmp, /var/log/lastlog.

CookBook

utmp

Clear /var/run/utmp to hide your login info from the command w:

Then we want to hide the user macr0phag3:

Result:

wtmp

Clear /var/log/wtmp to hide your info from the command last.

Just like utmp.

btmp

Clear /var/log/btmp to hide your info from the command lastb.

Just like utmp.
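
For responders, this added example (not part of LLC.py or this README) audits a utmp-format file such as wtmp or btmp for generic signs of record edits: all-zero records, login records with an empty user, timestamps that go backwards, and a trailing partial record. It assumes the 384-byte glibc record layout used on x86-64 Linux and makes no assumption about how LLC.py performs its edits; the function names and sample records are constructed for illustration.

```python
import struct

# Assumed layout: glibc struct utmp on x86-64 Linux, 384 bytes per record.
UTMP = struct.Struct("<h2xi32s4s32s256shhiii4i20s")
USER_PROCESS = 7  # ut_type of a normal login record


def make_record(ut_type, user, line, host, sec):
    """Build one constructed record (used only for the sample data)."""
    return UTMP.pack(ut_type, 1000, line.encode(), b"", user.encode(),
                     host.encode(), 0, 0, 0, sec, 0, 0, 0, 0, 0, b"")


def audit_utmp_file(data):
    """Return (record_index, finding) pairs that deserve a closer look."""
    findings = []
    count = len(data) // UTMP.size
    if len(data) % UTMP.size:
        findings.append((count, "trailing partial record"))
    last_sec = 0
    for idx in range(count):
        raw = data[idx * UTMP.size:(idx + 1) * UTMP.size]
        if not any(bytearray(raw)):
            findings.append((idx, "all-zero record"))
            continue
        fields = UTMP.unpack(raw)
        ut_type, user, sec = fields[0], fields[4].rstrip(b"\0"), fields[9]
        if ut_type == USER_PROCESS and not user:
            findings.append((idx, "login record with empty user"))
        # Clock steps can also cause this, so treat it as a lead, not proof.
        if sec < last_sec:
            findings.append((idx, "timestamp earlier than previous record"))
        last_sec = max(last_sec, sec)
    return findings


# Constructed sample: one clean login followed by four anomalies.
SAMPLE = (
    make_record(USER_PROCESS, "alice", "pts/0", "192.0.2.10", 1541000000)
    + b"\0" * UTMP.size
    + make_record(USER_PROCESS, "bob", "pts/1", "192.0.2.11", 1540990000)
    + make_record(USER_PROCESS, "", "pts/2", "192.0.2.12", 1541000500)
    + b"\x07\x00\x00"
)

if __name__ == "__main__":
    for idx, finding in audit_utmp_file(SAMPLE):
        print("record %d: %s" % (idx, finding))
```

To audit a real host, read a copy of the log in binary mode and pass the bytes to audit_utmp_file; comparing the findings against centrally forwarded auth logs helps separate clock adjustments from edits.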

lastlog

Tamper with or clear the records in /var/log/lastlog. You can use the command lastlog to check it out:

Or just clear the record:

others

usage: LLC.py [-h] -l {0,1,2,3} [-u USERNAME] [-i IP] [-t TTYNAME] [-f FILENAME]
              [-d] [-m] [-mtime MTIME] [-mstime MSTIME] [-mtty MTTY]
              [-mip MIP]

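optional arguments:
  -h, --help            Show help information
  -l {0,1,2,3}, --log {0,1,2,3}
                        Specify the log file to modify. 0:btmp; [1:utmp]; 2:wtmp; 3:lastlog
  -u USERNAME, --username USERNAME
                        Match records by username
  -i IP, --ip IP        Match records by ip
  -t TTYNAME, --ttyname TTYNAME
                        Match records by tty
  -f FILENAME, --filename FILENAME
                        If the log file is not in the usual location or does not have the usual name, give the full path (including the file name)
  -d, --debug           Debug mode prints some detailed output.
  -m, --mode            The default operation is clear; with this flag the operation is modify (lastlog only)
  -mtime MTIME          **Only used when operating on lastlog** Specify the new time. Time format: "1997-01-01 08:00:00"
  -mstime MSTIME        **Only used when operating on lastlog** Specify the new time. Time format: timestamp
  -mtty MTTY            **Only used when operating on lastlog** Specify the new tty: pts/1
  -mip MIP              **Only used when operating on lastlog** Specify the new ip: 192.168.1.1

Just run python LLC.py -h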

:P

Version

The latest version: 2018.10.30 10:41:03

Dependencies

  • Py 2 or 3

  • ROOT :P

TODO

  • help list. 2018.10.29 14:03
  • fix the bug of lastlog. 2018.10.29 21:03
  • Print func. 2018.10.29 22:03
  • colored. 2018.10.29 22:10 PM
  • compatible with py3.x. 2018.10.30 10:38:36
  • verbose level 2. 2018.10.31 14:47:59
  • replace "" with [empty]. 2018.10.31 14:53:57
  • add func: tamper lastlog time. 2018.10.31 20:16:25
  • add verbose level 0. 2018.10.31 20:30:23
  • README pics. 2018.10.31 22:03:49
  • LOGO. 2018.10.31 22:25:00
  • add logfile: /var/log/btmp. 2018.11.2 13:45:04
  • show record's time in log [0, 1, 2]. 2018.11.2 13:46:58