Thread: Looking for a way to record Terminal Sessions

  1. #1
    Join Date
    2016-Jul
    Posts
    7

    Question Looking for a way to record Terminal Sessions

    Hello, everyone,

    I would like a way to record or keep a copy of all input and output in all terminal sessions while logged in to Kali, preferably with timestamped lines.

    I need this data for doing forensic work and keeping my notebook of what / when / where / how accurate.

    In the past, I've just used PuTTY Logging with printable output and a naming convention of &H-%Y-&M-PuTTY.log. That gets me files with names like this: 10.10.10.10-2016-07-26-PuTTY.log. So I get a new file every day.
    Unfortunately, PuTTY doesn't timestamp the individual lines in the logs. The problem is, it's a hassle to basically SSH to yourself just to get decent logging.

    Bash itself keeps a .bash_history file, but that only has the commands run and does not timestamp anything.

    I am considering 'snoopy' to supplement the .bash_history file since it will timestamp everything in the syslog, but it still doesn't get me the output of commands.

    I'd like to hear how others have solved this problem.

    Thanks!
    AP

  2. #2
    Join Date
    2016-Jul
    Posts
    40
    Have you tried simply using /home/user/bashrc to set the $HISTFILE var? You can also easily deploy your "code to timestamp history file" to /etc/skel/.bashrc (used when a new user profile is created)!

  3. #3
    Join Date
    2015-Apr
    Posts
    29

  4. #4
    Join Date
    2013-Sep
    Posts
    264
    You can use the native shell command script
    Code:
    kcdtv@ramonperez:~$ script --help
    
    Usage:
     script [options] [file]
    
    Make a typescript of a terminal session.
    
    Options:
     -a, --append            append the output
     -c, --command <command> run command rather than interactive shell
     -e, --return            return exit code of the child process
     -f, --flush             run flush after each write
         --force             use output file even when it is a link
     -q, --quiet             be quiet
     -t, --timing[=<file>]   output timing data to stderr (or to FILE)
     -V, --version           output version information and exit
     -h, --help              display this help and exit
    
    
    For more details see script(1).
    kcdtv@ramonperez:~$
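
What the `-t, --timing` option in the help output above makes possible, as an added example that is not part of the thread: a session recorded with `script -f --timing=timing.log typescript` can be merged afterwards into output lines with wall-clock timestamps. It assumes the classic two-column timing format (delay in seconds, byte count); the function name, the sample data and the caller-supplied start time are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample of the two files (not taken from the thread).
SAMPLE_TYPESCRIPT = (
    b"Script started on Tue 26 Jul 2016 10:00:00 AM UTC\n"
    b"$ id\r\nuid=0(root)\r\n$ "
    b"\nScript done on Tue 26 Jul 2016 10:00:03 AM UTC\n"
)
SAMPLE_TIMING = "0.500000 2\n1.250000 4\n0.250000 13\n0.010000 2\n"


def timestamp_typescript(typescript: bytes, timing: str, start: datetime) -> list:
    """Prefix each line of recorded output with the time its first byte arrived."""
    # The timing data does not cover the "Script started on ..." header line.
    _, _, body = typescript.partition(b"\n")
    stamped, pending, pending_at = [], b"", start
    now, offset = start, 0

    def emit():
        text = pending.decode("utf-8", "replace").rstrip("\r\n")
        stamped.append(f"{pending_at.isoformat(timespec='milliseconds')} {text}")

    for entry in timing.splitlines():
        if not entry.strip():
            continue
        delay, count = entry.split()[:2]
        now += timedelta(seconds=float(delay))   # delay since the previous write
        chunk = body[offset:offset + int(count)]
        offset += int(count)
        while chunk:
            line, newline, chunk = chunk.partition(b"\n")
            if not pending:
                pending_at = now                 # a new output line starts here
            pending += line + newline
            if newline:
                emit()
                pending = b""
    if pending:                                  # trailing prompt without newline
        emit()
    return stamped


if __name__ == "__main__":
    session_start = datetime(2016, 7, 26, 10, 0, 0)  # constructed start time
    for row in timestamp_typescript(SAMPLE_TYPESCRIPT, SAMPLE_TIMING, session_start):
        print(row)
```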
