Design and Implementation of a Documentation Tool for ... - MADOC
07.06.2013 Views
Share Embed Flag

Design and Implementation of a Documentation Tool for ... - MADOC

Design and Implementation of a Documentation Tool for ... - MADOC

Design and Implementation of a Documentation Tool for ... - MADOC

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
ub.madoc.bib.uni.mannheim.de

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

The user now enters the letter n <strong>and</strong> hits the return key (represented as<br />

ASCII byte 0d) in order to execute the comm<strong>and</strong> echo -n. After executing the<br />

comm<strong>and</strong> (which produces no output), the shell displays the prompt again.<br />

0e 0e 16 00 00 00 00 37 50 74 | .......7Pt|<br />

a3 0f 0e 6e 0f 0e 0e 16 00 00 00 00 00 79 c4 67 |...n.........y.g|<br />

0f 6e 0e 0e 16 00 00 00 00 2e bb 20 01 0f 0e 0d |.n......... ....|<br />

0f 0e 0e 16 00 00 00 00 00 79 f9 df 0f 0d 0a 0e |.........y......|<br />

0e 16 00 00 00 00 02 25 be d3 0f 1b 5d 30 3b 73 |.......%....]0;s|<br />

63 79 40 62 69 6a 61 7a 3a 7e 07 1b 5b 31 3b 33 |cy@bijaz:~..[1;3|<br />

32 6d 73 63 79 1b 5b 30 3b 33 32 6d 40 1b 5b 31 |2mscy.[0;32m@.[1|<br />

3b 33 32 6d 62 69 6a 61 7a 1b 5b 31 3b 33 34 6d |;32mbijaz.[1;34m|<br />

20 7e 20 1b 5b 30 3b 33 36 6d 6d 61 73 74 65 72 | ~ .[0;36mmaster|<br />

20 3f 20 1b 5b 31 3b 33 30 6d 30 2e 31 30 20 1b | ? .[1;30m0.10 .|<br />

5b 30 3b 33 37 6d 31 39 3a 34 36 20 1b 5b 30 3b |[0;37m19:46 .[0;|<br />

33 33 6d 1b 5b 31 3b 33 32 6d 24 1b 5b 30 6d 20 |33m.[1;32m$.[0m |<br />

Note that without recording the users input, it would be impossible to determine<br />

whether the user pressed return to actually run the comm<strong>and</strong> or whether<br />

entering the comm<strong>and</strong> was cancelled, <strong>for</strong> example by pressing ^C.<br />

1.587984366 seconds later, the user decides to end the current session by<br />

pressing ^D, which is equivalent to the byte value 04.<br />

0e 0e 16 00 00 00 01 23 0b ed ee 0f 0e 04 0f |.......#....... |<br />

The shell reacts by printing exit <strong>and</strong> terminating. Then, <strong>for</strong>script prints<br />

its shutdown message.<br />

65 | e|<br />

78 69 74 0d 0a 66 6f 72 73 63 72 69 70 74 20 64 |xit..<strong>for</strong>script d|<br />

6f 6e 65 20 6f 6e 20 4d 6f 6e 20 32 32 20 46 65 |one on Mon 22 Fe|<br />

62 20 32 30 31 30 20 30 37 3a 34 36 3a 32 31 20 |b 2010 07:46:21 |<br />

50 4d 20 43 45 54 2c 20 66 69 6c 65 20 69 73 20 |PM CET, file is |<br />

74 72 61 6e 73 63 72 69 70 74 0d 0a |transcript.. |<br />

Finally, the exit status (0) <strong>of</strong> the shell is recorded in an end <strong>of</strong> session<br />

metadata chunk <strong>and</strong> the transcript file ends.<br />

0e 0e 03 00 | ....|<br />

0f |.|<br />

6 Conclusions <strong>and</strong> Future Work<br />

We presented why script, although <strong>of</strong>ten used <strong>for</strong> digital investigations, lacks<br />

features that are crucial <strong>for</strong> reliable documentation. A new s<strong>of</strong>tware, <strong>for</strong>script,<br />

has been designed <strong>and</strong> implemented, the weaknesses <strong>of</strong> script have been eliminated.<br />

13

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!