October 2018
Intermediate to advanced
404 pages
8h 50m
English
If we have either root or sudo access to these machines, we can back out cleanly by running the following commands, which remove the traces of our login. Since this is our attacking machine, we will be running as root. The file that contains the login information for the SSH service is /var/log/auth.log. If we delete it and then create a new, empty file, the log entries from our login are gone:
cd /var/log
rm auth.log
touch auth.log
exit
Now exit from the server and you're out clean. If you do this on every machine as you back out of your connections, then you can't be found. Since this is all text-based, there ...
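Seen from the monitoring side, the rm and touch sequence above removes the entries but changes the file's own metadata. The following is an added example, not code from the book, that compares a saved baseline of auth.log with its current state; the names LogState, snapshot, tamper_findings and demo are hypothetical, and the log line is constructed sample data.

```python
import os
import stat
import tempfile
from typing import List, NamedTuple, Optional

class LogState(NamedTuple):
    inode: int
    size: int
    uid: int
    mode: int

def snapshot(path: str) -> Optional[LogState]:
    """Record the file's metadata; return None if the file is gone."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return None
    return LogState(st.st_ino, st.st_size, st.st_uid, stat.S_IMODE(st.st_mode))

def tamper_findings(before: LogState, after: Optional[LogState]) -> List[str]:
    """Compare a baseline with the current state of an append-only log."""
    if after is None:
        return ["missing"]
    findings = []
    if after.size < before.size:
        findings.append("shrunk")         # an append-only log never gets smaller in place
    if after.inode != before.inode:
        findings.append("recreated")      # also true after log rotation; inode numbers can be reused
    if (after.uid, after.mode) != (before.uid, before.mode):
        findings.append("perms-changed")  # a touched file takes the creator's uid and umask
    return findings

def demo() -> List[str]:
    """Constructed sample: build a small auth.log, replay rm + touch, compare."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "auth.log")
        with open(path, "w") as f:
            f.write("Oct  1 10:00:01 host sshd[811]: Accepted password for alice "
                    "from 192.0.2.10 port 50022 ssh2\n")
        os.chmod(path, 0o640)
        before = snapshot(path)
        os.remove(path)            # rm auth.log
        open(path, "w").close()    # touch auth.log
        return tamper_findings(before, snapshot(path))

if __name__ == "__main__":
    print(demo())
```

The "shrunk" finding is the reliable one here; "recreated" and "perms-changed" depend on the filesystem and umask and should be correlated with the log rotation schedule before alerting.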