Windows clearing tracks

Clearing Windows Event Logs

Elevated privileges are necessary to clean the Event logs.

  • From the Meterpreter session clear the event log

clearev

#Metasploit

  • Use the Cleanup RC File

# Cleanup Meterpreter RC File:
cat /root/.msf4/logs/persistence/ATTACKDEFENSE_20230429.0454/ATTACKDEFENSE_20230429.0454.rc
background
sessions 1
resource /root/.msf4/logs/persistence/ATTACKDEFENSE_20230429.1019/ATTACKDEFENSE_20230429.1
PreviousClearing TracksNextLinux clearing tracks

Last updated