a simple utility which is fine to look inside other people's computers




by TWD, 4 October 1998
Courtesy of fravia's pages of reverse engineering



Hi Fravia,



I wrote a simple utility (applog.zip: 121 Kb) which is fine to look inside other people's computers.



It works that way: "Tell what programs you use and I tell you who you are ...".



Some time ago I was searching for a program on my hard disk and I used the searching function included in my OS (Win98) (at the task bar).



I didn't only find the program, but I also found a file in my "Win98/App Log" with extension .lgc



I took a deeper look inside this directory (which has the hidden attribute) and found a file called applog.ind .
After a lot of analyzing I could write a tool, which does all the work for you.
There is some interesting information stored, e.g. the total number of runs for this program, the location, and for every executed file there is a protocol, which tracks all the disk accesses.



Wondering if anyone else had found this bunch of data storage, I made a search on the Internet and I found out that this stuff is used by Defrag to arrange the files in the best order (according to access speed).



Nevertheless, it's an incredible source of information about the behavior of the computer user.
Heavy use of IDAW or W32DASM in combination with other suspect programs will let most people get to a simple conclusion (about the user).



But this works only with Win98. If you are interested in more facts (file structure, etc.) then tell me.
I will soon create a new version, which can read the .lgc files.



Try it and tell me about the results...



Bye till next time



	TWD





-- 

                  i don't stunt i regulate



take a hit to http://twdrulez.home.ml.org (censored)

    

         TWD RuleZ     
