Categories
Linux 杂七杂八

Fake Linux Login Log

By @sskaje
Link: https://sskaje.me/2017/01/fake-linux-login-log/

Linux saves its login log as utmp file, you can read more on wikipedia: https://en.wikipedia.org/wiki/Utmp.

Linux uses ‘/var/log/wtmp’ store its success login log, and ‘/var/log/btmp’ bad trials.

I wrote a page parsing utmp/wtmp/btmp file, and another convert linux last command output to utmp file, this is useful if you want to fake login log.

Here are links:
Parse UTMP file: upload your wtmp, btmp, utmp, and read it field by field.
UTMP file to last output: run commands like last -f xxx.
Generate UTMP File from Linux Output: fake your utmp here!

BTW, you can man utmp on linux to read utmp file format.

Fake Linux Login Log by @sskaje: https://sskaje.me/2017/01/fake-linux-login-log/