突然私のユーザーホームディレクトリにこの "Typescript"ファイルが表示され始め、好奇心が強く開いてみると次のようになります。
Script started on 2020-04-11 20:59:06+0600
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# i a
Command 'i' not found, but can be installed with:
apt install iprint
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# iprint
Command 'iprint' not found, did you mean:
command 'qprint' from deb qprint
command 'print' from deb mime-support
Try: apt install <deb name>
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# list
Command 'list' not found, did you mean:
command 'hist' from deb loki
command 'bist' from deb bist
command 'klist' from deb heimdal-clients
command 'klist' from deb krb5-user
command 'flist' from deb mmh
command 'flist' from deb nmh
command 'mlist' from deb mblaze
command 'last' from deb util-linux
command 'dist' from deb mmh
command 'dist' from deb nmh
command 'lift' from deb lift
command 'gist' from deb yorick
Try: apt install <deb name>
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# kclose
Command 'kclose' not found, did you mean:
command 'gclose' from deb gnustep-gui-runtime
Try: apt install <deb name>
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# close
Command 'close' not found, did you mean:
command 'gclose' from deb gnustep-gui-runtime
Try: apt install <deb name>
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# help
GNU bash, version 4.4.20(1)-release (x86_64-pc-linux-gnu)
These shell commands are defined internally. Type `help' to see this list.
Type `help name' to find out more about the function `name'.
Use `info bash' to find out more about the shell in general.
Use `man -k' or `info' to find out more about commands not in this list.
A star (*) next to a name means that the command is disabled.
job_spec [&] history [-c] [-d offset] [n] or hist>
(( expression )) if COMMANDS; then COMMANDS; [ elif C>
. filename [arguments] jobs [-lnprs] [jobspec ...] or jobs >
: kill [-s sigspec | -n signum | -sigs>
[ arg... ] let arg [arg ...]
[[ expression ]] local [option] name[=value] ...
alias [-p] [name[=value] ... ] logout [n]
bg [job_spec ...] mapfile [-d delim] [-n count] [-O or>
bind [-lpsvPSVX] [-m keymap] [-f file> popd [-n] [+N | -N]
break [n] printf [-v var] format [arguments]
builtin [shell-builtin [arg ...]] pushd [-n] [+N | -N | dir]
caller [expr] pwd [-LP]
case WORD in [PATTERN [| PATTERN]...)> read [-ers] [-a array] [-d delim] [->
cd [-L|[-P [-e]] [-@]] [dir] readarray [-n count] [-O origin] [-s>
command [-pVv] command [arg ...] readonly [-aAf] [name[=value] ...] o>
compgen [-abcdefgjksuv] [-o option] [> return [n]
complete [-abcdefgjksuv] [-pr] [-DE] > select NAME [in WORDS ... ;] do COMM>
compopt [-o|+o option] [-DE] [name ..> set [-abefhkmnptuvxBCHP] [-o option->
continue [n] shift [n]
coproc [NAME] command [redirections] shopt [-pqsu] [-o] [optname ...]
declare [-aAfFgilnrtux] [-p] [name[=v> source filename [arguments]
dirs [-clpv] [+N] [-N] suspend [-f]
disown [-h] [-ar] [jobspec ... | pid > test [expr]
echo [-neE] [arg ...] time [-p] pipeline
enable [-a] [-dnps] [-f filename] [na> times
eval [arg ...] trap [-lp] [[arg] signal_spec ...]
exec [-cl] [-a name] [command [argume> true
exit [n] type [-afptP] name [name ...]
export [-fn] [name[=value] ...] or ex> typeset [-aAfFgilnrtux] [-p] name[=v>
false ulimit [-SHabcdefiklmnpqrstuvxPT] [l>
fc [-e ename] [-lnr] [first] [last] o> umask [-p] [-S] [mode]
fg [job_spec] unalias [-a] name [name ...]
for NAME [in WORDS ... ] ; do COMMAND> unset [-f] [-v] [-n] [name ...]
for (( exp1; exp2; exp3 )); do COMMAN> until COMMANDS; do COMMANDS; done
function name { COMMANDS ; } or name > variables - Names and meanings of so>
getopts optstring name [arg] wait [-n] [id ...]
hash [-lr] [-p pathname] [-dt] [name > while COMMANDS; do COMMANDS; done
help [-dms] [pattern ...] { COMMANDS ; }
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# helpclosekclose[2Plistiprint[3P aclear[3Pfgclearfgclea[1Pclear[3Pfgclearwifiteeifite[4Psuunsuputhon ./home/abartoha/script.py
[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[Cclear[Kpython[1Pclearpythonscript.py[6Pdirclearscript.pyu --loginh[Kclearsuundo --loginabartoha[6Pclearsu abartoha[1PCOMMAND[5Pclearsu -shclearclear[6Phelp[1P--h[1Ph-help[4Pfgwifiteexit()[Kwifite[4Pjjwifite clee[Kar
[32m .;' `;,
[32m .;' ,;' `;, `;, [0mWiFite v2 (r87)
[32m.;' ,;' ,;' `;, `;, `;,
[32m:: :: : [37m( )[32m : :: :: [37mautomated wireless auditor
[32m':. ':. ':. [37m/_\[32m ,:' ,:' ,:'
[32m ':. ':. [37m/___\[32m ,:' ,:' [37mdesigned for Linux
[32m ':. [37m/_____\[32m ,:'
[32m [37m/ \[32m
[0m
usage: wifite [-h] [--check CHECK] [--cracked] [--recrack] [--all]
[-i INTERFACE] [--mac] [--mon-iface MONITOR_INTERFACE]
[-c CHANNEL] [-e ESSID] [-b BSSID] [--showb] [--nodeauth]
[--power POWER] [--tx TX] [--quiet] [--wpa] [--wpat WPAT]
[--wpadt WPADT] [--strip] [--crack] [--dict DIC] [--aircrack]
[--pyrit] [--tshark] [--cowpatty] [--wep] [--pps PPS]
[--wept WEPT] [--chopchop] [--arpreplay] [--fragment]
[--caffelatte] [--p0841] [--hirte] [--nofakeauth]
[--wepca WEPCA] [--wepsave WEPSAVE] [--wps] [--pixie]
[--wpst WPST] [--wpsratio WPSRATIO] [--wpsretry WPSRETRY]
wifite: error: unrecognized arguments: clear
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# clear
[3J[H[2J]0;root@abar: /home/abartoharoot@abar:/home/abartoha# history 0c
bash: history: 0c: numeric argument required
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# clear
[3J[H[2J]0;root@abar: /home/abartoharoot@abar:/home/abartoha# help\[K
GNU bash, version 4.4.20(1)-release (x86_64-pc-linux-gnu)
These shell commands are defined internally. Type `help' to see this list.
Type `help name' to find out more about the function `name'.
Use `info bash' to find out more about the shell in general.
Use `man -k' or `info' to find out more about commands not in this list.
A star (*) next to a name means that the command is disabled.
job_spec [&] history [-c] [-d offset] [n] or hist>
(( expression )) if COMMANDS; then COMMANDS; [ elif C>
. filename [arguments] jobs [-lnprs] [jobspec ...] or jobs >
: kill [-s sigspec | -n signum | -sigs>
[ arg... ] let arg [arg ...]
[[ expression ]] local [option] name[=value] ...
alias [-p] [name[=value] ... ] logout [n]
bg [job_spec ...] mapfile [-d delim] [-n count] [-O or>
bind [-lpsvPSVX] [-m keymap] [-f file> popd [-n] [+N | -N]
break [n] printf [-v var] format [arguments]
builtin [shell-builtin [arg ...]] pushd [-n] [+N | -N | dir]
caller [expr] pwd [-LP]
case WORD in [PATTERN [| PATTERN]...)> read [-ers] [-a array] [-d delim] [->
cd [-L|[-P [-e]] [-@]] [dir] readarray [-n count] [-O origin] [-s>
command [-pVv] command [arg ...] readonly [-aAf] [name[=value] ...] o>
compgen [-abcdefgjksuv] [-o option] [> return [n]
complete [-abcdefgjksuv] [-pr] [-DE] > select NAME [in WORDS ... ;] do COMM>
compopt [-o|+o option] [-DE] [name ..> set [-abefhkmnptuvxBCHP] [-o option->
continue [n] shift [n]
coproc [NAME] command [redirections] shopt [-pqsu] [-o] [optname ...]
declare [-aAfFgilnrtux] [-p] [name[=v> source filename [arguments]
dirs [-clpv] [+N] [-N] suspend [-f]
disown [-h] [-ar] [jobspec ... | pid > test [expr]
echo [-neE] [arg ...] time [-p] pipeline
enable [-a] [-dnps] [-f filename] [na> times
eval [arg ...] trap [-lp] [[arg] signal_spec ...]
exec [-cl] [-a name] [command [argume> true
exit [n] type [-afptP] name [name ...]
export [-fn] [name[=value] ...] or ex> typeset [-aAfFgilnrtux] [-p] name[=v>
false ulimit [-SHabcdefiklmnpqrstuvxPT] [l>
fc [-e ename] [-lnr] [first] [last] o> umask [-p] [-S] [mode]
fg [job_spec] unalias [-a] name [name ...]
for NAME [in WORDS ... ] ; do COMMAND> unset [-f] [-v] [-n] [name ...]
for (( exp1; exp2; exp3 )); do COMMAN> until COMMANDS; do COMMANDS; done
function name { COMMANDS ; } or name > variables - Names and meanings of so>
getopts optstring name [arg] wait [-n] [id ...]
hash [-lr] [-p pathname] [-dt] [name > while COMMANDS; do COMMANDS; done
help [-dms] [pattern ...] { COMMANDS ; }
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# helpclearhistory 0c[5Pclearwifite clear[8Phelpclosekclose[2Plistiprint[3P aclear[3Pfgclearfgclea[1Pclear[3Pfgclearwifiteeifite[4Psuunsuputhon ./home/abartoha/script.py
[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[Cclear[Kpython[1Pclearpythonscript.py[6Pdirclearscript.pyu --loginh[Kclearsuundo --loginabartoha[6Pclearsu abartoha[1PCOMMAND[5Pclearsu -shclearclear[6Phelp[1P--h[1Ph-help[4Pfgwifiteexit()[Kwifite[4Pjjwifite jj[Kwifite[2Pexit()wifite[4Pfg--help[Kh-hhelpclearclear[Ksu -hsclearsu COMMANDabartoha[6Pclearsu abartoha[1P--login[4Pundo[1Pclearsu -h-login[1Pcript.py[4Pclear[2Pdirscript.py[3Ppython[1Pclearpython[1Pclearputhon ./home/abartoha/script.py
[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[Cunsu[K[2Psueifitewifite[1Pclear[3Pfgclearfgclea[1Pclear[3Pfgclear[2Pi aprint[2Plistkclose[1Pclose[1Phelpwifite clear[7Pclearhistory 0c[5Pclear[1Phelp[Khistory -c
]0;root@abar: /home/abartoharoot@abar:/home/abartoha# e[Kexit
わかりません。推測は少しありますが、良い人が現実を提供できたらと思います。私はLinux Mint、Windows on SSD、Linux on HDDを使用しています。ここまで滞在していただきありがとうございます。
答え1
昨年(2020年)4月11日にこのscript
コマンドを実行しました(参照man script
)。実行すると、端末のすべての入力と出力をキャプチャしてログファイルに書き込みます。デフォルトでは、このファイルは呼び出され、typescript
現在のディレクトリに書き込まれます。
はい
セッションログの取得
script
Script started, file is typescript
~$ date
19 Feb 2021 10:07:29
~$ exit
exit
Script done, file is typescript
ログファイルの表示
cat typescript
Script started on 2021-02-19 10:07:27+00:00 [TERM="xterm" TTY="/dev/pty0" COLUMNS="112" LINES="24"]
~$ date
19 Feb 2021 10:07:29
~$ exit
exit
Script done on 2021-02-19 10:07:31+00:00 [COMMAND_EXIT_CODE="0"]
シェルプロンプト、エスケープコードシーケンス、誤った入力から削除されたコンテンツなど、ほとんどすべてがキャプチャされることを確認できます。 (このようなログファイルを研究するときは、単に理解していない限り、フルスクリーン編集セッションを理解することはほとんど不可能ですcat
。)