cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
71fd27148a708060cb7c87e6eb54110abec1135e
Linux-Server-Management-Too…/tools/erase-toolkit-traces.sh
T
cschantz 71fd27148a Fix history cleaning - disable history recording 
Added 'set +o history' to prevent the trace eraser commands from being re-added to history.

Changes:
• Disable history recording before cleaning (set +o history)
• Clear in-memory history with history -c
• Write empty history with history -w
• Added note to run 'exec bash' for clean shell
• Prevents script commands from being saved

This ensures the last 10 entries are properly removed and the cleanup commands themselves don't get recorded.
2025-11-10 22:50:17 -05:00

179 lines
5.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
################################################################################
# Toolkit Trace Eraser
################################################################################
# Purpose: Remove all traces of toolkit usage from system
# Use Case: Privacy - ensure no record of toolkit installation/usage
################################################################################
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
source "$SCRIPT_DIR/lib/common-functions.sh" 2>/dev/null || true
print_banner "Toolkit Trace Eraser"
echo ""
echo "This will remove all traces of the Server Toolkit from:"
echo " • Bash history (all toolkit-related commands)"
echo " • System logs (toolkit operations)"
echo " • Download records"
echo " • Temporary files"
echo ""
echo -e "${RED}WARNING: This cannot be undone!${NC}"
echo ""
read -p "Are you sure you want to proceed? (yes/no): " confirm
if [ "$confirm" != "yes" ]; then
echo "Cancelled."
exit 0
fi
echo ""
echo "Removing traces..."
echo ""
# Patterns to remove from history
PATTERNS=(
"server-toolkit"
"Linux-Server-Management-Toolkit"
"git.mull.lol.*toolkit"
"launcher.sh"
"bot-analyzer"
"cphulk"
"live-attack-monitor"
"system-health-check"
"/root/server-toolkit"
"toolkit.tar.gz"
"curl.*mull.lol"
"wget.*mull.lol"
"git clone.*mull.lol"
"erase-toolkit-traces"
)
# Clean bash history for root (will be done at the end to avoid re-adding entries)
CLEAN_HISTORY=true
# Skip user bash histories - only clean root
# (User histories are not touched to avoid affecting normal user operations)
# Clean system logs (pattern-based for logs, not history)
echo "→ Cleaning system logs..."
if [ -f /var/log/messages ]; then
for pattern in "${PATTERNS[@]}"; do
# Use grep -v instead of sed to avoid regex issues
grep -v "$pattern" /var/log/messages > /var/log/messages.tmp 2>/dev/null && mv /var/log/messages.tmp /var/log/messages || true
done
fi
if [ -f /var/log/secure ]; then
for pattern in "${PATTERNS[@]}"; do
grep -v "$pattern" /var/log/secure > /var/log/secure.tmp 2>/dev/null && mv /var/log/secure.tmp /var/log/secure || true
done
fi
echo " ✓ System logs cleaned"
# Clean auth logs
echo "→ Cleaning auth logs..."
for log in /var/log/auth.log* /var/log/secure*; do
if [ -f "$log" ] && [ ! -L "$log" ]; then
for pattern in "${PATTERNS[@]}"; do
grep -v "$pattern" "$log" > "${log}.tmp" 2>/dev/null && mv "${log}.tmp" "$log" || true
done
fi
done
echo " ✓ Auth logs cleaned"
# Remove toolkit download artifacts
echo "→ Removing download artifacts..."
rm -f /root/toolkit.tar.gz 2>/dev/null
rm -f /root/Linux-Server-Management-Toolkit*.tar.gz 2>/dev/null
rm -f /tmp/toolkit*.tar.gz 2>/dev/null
rm -f /tmp/Linux-Server-Management-Toolkit*.tar.gz 2>/dev/null
echo " ✓ Download artifacts removed"
# Remove toolkit temp files
echo "→ Removing temporary files..."
rm -rf /tmp/live-monitor-* 2>/dev/null
rm -rf /tmp/server-toolkit-* 2>/dev/null
echo " ✓ Temp files removed"
# Clean last log and audit trails
echo "→ Cleaning lastlog and wtmp..."
# Note: We don't modify lastlog/wtmp as it might break system auditing
echo " ✓ Skipped (would break system auditing)"
# Remove toolkit logs
echo "→ Removing toolkit logs..."
rm -f "$SCRIPT_DIR/logs/"*.log 2>/dev/null
rm -f "$SCRIPT_DIR/"*_report_*.txt 2>/dev/null
echo " ✓ Toolkit logs removed"
# Clean reference database
echo "→ Removing reference database..."
rm -f "$SCRIPT_DIR/.sysref" 2>/dev/null
rm -f "$SCRIPT_DIR/.sysref.timestamp" 2>/dev/null
echo " ✓ Reference database removed"
# Offer to remove the entire toolkit
echo ""
echo -e "${YELLOW}Final step: Remove toolkit directory?${NC}"
echo "This will delete: $SCRIPT_DIR"
echo ""
read -p "Remove entire toolkit directory? (yes/no): " remove_dir
if [ "$remove_dir" = "yes" ]; then
echo ""
echo "Removing toolkit directory..."
cd /root
rm -rf "$SCRIPT_DIR"
echo ""
echo -e "${GREEN}✓ Toolkit completely removed${NC}"
echo ""
echo "All traces have been erased."
exit 0
else
echo ""
echo -e "${GREEN}✓ History and logs cleaned${NC}"
echo ""
echo "Toolkit directory remains at: $SCRIPT_DIR"
echo "You can manually remove it later with: rm -rf $SCRIPT_DIR"
fi
# Final step: Clean bash history (done last to capture all script commands)
if [ "$CLEAN_HISTORY" = true ] && [ -f ~/.bash_history ]; then
echo ""
echo "→ Final cleanup: Removing bash history..."
# Disable history recording for this session to prevent re-adding commands
set +o history
# Remove last 10 lines from history file (covers toolkit download/usage)
total_lines=$(wc -l < ~/.bash_history)
if [ "$total_lines" -gt 10 ]; then
lines_to_keep=$((total_lines - 10))
head -n "$lines_to_keep" ~/.bash_history > ~/.bash_history.tmp
mv ~/.bash_history.tmp ~/.bash_history
echo " ✓ Removed last 10 history entries"
else
> ~/.bash_history
echo " ✓ Cleared entire history (had < 10 entries)"
fi
# Clear in-memory history completely
history -c
# Write the empty history to file
history -w
echo ""
echo " ✓ Bash history cleaned"
echo ""
echo "NOTE: Run 'exec bash' or logout/login to start fresh shell with clean history."
fi
echo ""
echo "All traces removed. The trace eraser commands will also be"
echo "removed when you log out or start a new shell session."
echo ""
Reference in New Issue View Git Blame Copy Permalink