Neo23x0 / Raccine

A Simple Ransomware Vaccine
The Unlicense

Added logger file, patched /e arg #19

Closed Omodaka9375 closed 3 years ago

Omodaka9375 commented 3 years ago

Added safe logging functionality. Made it fast for access and reading using a static file pointer (otherwise it's exponentially slower). Checks for the file 'Raccine_log.txt' in the C:\Windows\ dir; if none exists it creates it, and if the file exists it appends to it. Logs formatted ctime, processID, malicious command, and a flag: intercepted, terminated, or whitelisted.

e.g.: Fri Oct 16 19:17:02 2020 =>pid:1328=>bcdedit.exe/set{default}_recoveryenabledno=> Intercepted =>pid:8496=>bcdedit.exe/set{default}_recoveryenabledno=> Whitelisted

Applied patch for encoded command '/e' in OR condition for '-e' https://twitter.com/FuzzySec/status/1317118979639566336
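
The `/e` fix described in the comment above, generalized as an added example (not code from this pull request or from Raccine): PowerShell accepts `/` as well as `-` as a switch prefix, and matches `EncodedCommand` by any leading prefix of the name or by the alias `ec`, so a check for the literal `-e` alone misses equivalent spellings. The function names and the sample command line are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* True if arg is a switch (leading '-' or '/') whose name is a
 * case-insensitive prefix of "encodedcommand", or the alias "ec".
 * "-ex" and "-ep" (ExecutionPolicy) do not match. */
bool is_encoded_command_switch(const char *arg)
{
    static const char full[] = "encodedcommand";
    if (arg == NULL || (arg[0] != '-' && arg[0] != '/'))
        return false;
    const char *name = arg + 1;
    size_t len = strlen(name);
    if (len == 0 || len > sizeof(full) - 1)
        return false;
    if (len == 2 && tolower((unsigned char)name[0]) == 'e'
                 && tolower((unsigned char)name[1]) == 'c')
        return true;                      /* documented alias -ec */
    for (size_t i = 0; i < len; i++)
        if (tolower((unsigned char)name[i]) != full[i])
            return false;
    return true;
}

/* Scan the arguments after argv[0] for any encoded-command switch. */
bool cmdline_uses_encoded_command(int argc, const char *const argv[])
{
    for (int i = 1; i < argc; i++)
        if (is_encoded_command_switch(argv[i]))
            return true;
    return false;
}

int main(void)
{
    /* Constructed sample command line; the payload is a placeholder. */
    const char *const sample[] = { "powershell.exe", "-nop", "/E", "<base64>" };
    printf("encoded command switch present: %s\n",
           cmdline_uses_encoded_command(4, sample) ? "yes" : "no");
    return 0;
}
```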

Neo23x0 commented 3 years ago

I've changed the log format and location.

[Screenshot 2020-10-17 110641]

Omodaka9375 commented 3 years ago

Looks better visually definitely 👍