This article is only for
tutorial purpose where we are trying to share our experience to enhance skills
of IT researchers. This article will help attackers to protect themselves if
they were caught by firewall. Usually when an attacker establish the connection
with target’s system a log is generated having some details like time, ports,
IP address and MAC address of attacker. So if you are not aware of such things
then you might leave an evidence of your attacks in victim’s system. To prevent
yourself you must go through this article where you will learn how to read the
firewall logs as well as how to delete the logs from victim’s PC.
Being an intelligent attack once
you have hacked the target then after fetching important data the most
essential thing is to read and delete the log files from the target system.
First hack The Victim PC read Here
So now we are inside windows/system32 where we can perform
admin level task. Type following command inside CMD shell to move inside the
logs directory
cd logfiles/firewall
Type dir to observe the present directory of firewall.
Dir
From screenshot you can find
that there are two files and two directories, therefore being an attacker I
need to check the log firewall from target PC. Now Type following command to
read firewall logs.
type pfirewall.log
So the highlighted log is showing
MAC address of attacker system.
Hence to protect yourself always delete these logs.
To delete pfirewall.log we
must turn off firewall, type following command to disable firewall from victim
PC.
Netsh firewall set
opmode mode= DISABLE
Now type given below command to delete pfirewall.log
Del pfirewall.log
Now type given below command to verify pfirewall.log is
still available or not in victim’s PC
type pfirewall.log
0 comments:
Post a Comment