Appendix B. Sample session history (console)
(note: this session history was made with the pre-release version of ComLog. The same commands would now produce a slightly different result. "" on DIR entries have been added to prevent a screwed up display)
Microsoft(R) Windows NT(TM)
(C) Copyright 1985-1996 Microsoft Corp.
D:\commandlog>dir
Volume in drive D is D
Volume Serial Number is 0480-D01C
Directory of D:\commandlog
08/04/02 04:35a "<"DIR> .
08/04/02 04:35a "<"DIR> ..
08/04/02 04:26a 655,520 cmd.exe
08/04/02 04:20a 8,726 comlog.pl
08/04/02 04:10a 18,433 comlog.txt
05/13/02 02:42p 1,506 command logger.txt
02/11/02 11:47a 971 pseudo code.txt
08/04/02 04:26a 655,520 root.exe
08/04/02 04:28a 583 Shortcut to cmd.exe.lnk
05/30/02 02:04p 35 systempath.txt
07/21/02 03:27p 878 test.txt
13 File(s) 1,557,580 bytes
488,346,112 bytes free
D:\commandlog>echo "There is a copy of cm_.exe and history.txt in here, but we d
on't see it"
D:\commandlog>echo "That last message didn't echo because it contained the fobid
den words"
"That last message didn't echo because it contained the fobidden words"
D:\commandlog>cd ..
D:\>dir
Volume in drive D is D
Volume Serial Number is 0480-D01C
Directory of D:\
08/04/02 04:35a "<"DIR> commandlog
06/25/02 12:57p "<"DIR> Dev
12/25/00 09:34p "<"DIR> downloads
08/04/02 04:20a "<"DIR> Log
08/04/02 04:21a "<"DIR> LogAgent 2.0
01/02/01 03:57p "<"DIR> movies
07/24/01 12:59p "<"DIR> Musique
08/04/02 02:42a "<"DIR> NONE
06/25/02 01:59p "<"DIR> NTRESKIT
08/04/02 02:59a 67,108,864 pagefile.sys
05/20/01 06:10a "<"DIR> Program Files
08/04/02 04:36a "<"DIR> TEMP
04/30/02 02:33p "<"DIR> Test
10/15/00 04:06p "<"DIR> VIRUSES
05/24/02 06:22p "<"DIR> WINNT
05/24/02 06:22p 92 WINNTdun.bat
16 File(s) 67,109,842 bytes
488,345,088 bytes free
D:\>ipconfig
Windows NT IP Configuration
Ethernet adapter DE5284:
IP Address. . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . : 192.168.0.1
PPP adapter NdisWan3:
IP Address. . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . :
D:\>net share
Share name Resource Remark
--------------------------------------------------------------------------------
IPC$ Remote IPC
C$ C:\ Default share
D$ D:\ Default share
G$ G:\ Default share
Log$ D:\Log
ADMIN$ D:\WINNT Remote Admin
Log D:\Log
The command completed successfully.
D:\>dir \log >> dirlog.txt
D:\>echo "The user see no display because he sent the output to a file"
"The user see no display because he sent the output to a file"
D:\>type dirlog.txt
Volume in drive D is D
Volume Serial Number is 0480-D01C
Directory of D:\log
08/04/02 04:20a "<"DIR> .
08/04/02 04:20a "<"DIR> ..
04/30/02 02:37p 3,819 adam.log
09/25/00 08:31p 373 bind.log
05/20/01 05:46a 6,917 getright.log
08/04/02 02:50a 131,546 IAMDB.RDB
09/25/00 08:31p 41 restart.log
08/04/02 04:20a 177 Scan Viruses.lnk
09/25/00 08:31p 36 shutdown.log
09/25/00 08:31p 104 startup.log
04/29/02 02:56p 218 test.bat
04/30/02 02:33p 3,721 test.txt
07/24/01 11:26a 5,553 ZALog.txt
14 File(s) 153,044 bytes
488,340,480 bytes free
D:\>dir
Volume in drive D is D
Volume Serial Number is 0480-D01C
Directory of D:\
08/04/02 04:35a "<"DIR> commandlog
06/25/02 12:57p "<"DIR> Dev
08/04/02 04:39a 886 dirlog.txt
12/25/00 09:34p "<"DIR> downloads
08/04/02 04:20a "<"DIR> Log
08/04/02 04:21a "<"DIR> LogAgent 2.0
01/02/01 03:57p "<"DIR> movies
07/24/01 12:59p "<"DIR> Musique
08/04/02 02:42a "<"DIR> NONE
06/25/02 01:59p "<"DIR> NTRESKIT
08/04/02 02:59a 67,108,864 pagefile.sys
05/20/01 06:10a "<"DIR> Program Files
08/04/02 04:36a "<"DIR> TEMP
04/30/02 02:33p "<"DIR> Test
10/15/00 04:06p "<"DIR> VIRUSES
05/24/02 06:22p "<"DIR> WINNT
05/24/02 06:22p 92 WINNTdun.bat
17 File(s) 67,109,842 bytes
488,339,456 bytes free
D:\>cd commandlog
D:\commandlog>dir
Volume in drive D is D
Volume Serial Number is 0480-D01C
Directory of D:\commandlog
08/04/02 04:35a "<"DIR> .
08/04/02 04:35a "<"DIR> ..
08/04/02 04:26a 655,520 cmd.exe
08/04/02 04:20a 8,726 comlog.pl
08/04/02 04:10a 18,433 comlog.txt
05/13/02 02:42p 1,506 command logger.txt
02/11/02 11:47a 971 pseudo code.txt
08/04/02 04:26a 655,520 root.exe
08/04/02 04:28a 583 Shortcut to cmd.exe.lnk
05/30/02 02:04p 35 systempath.txt
07/21/02 03:27p 878 test.txt
13 File(s) 1,563,574 bytes
488,338,432 bytes free
D:\commandlog>copy cmd.exe root.exe
1 file(s) copied.
D:\commandlog>exit
<\pre>
Appendix A. Source code
Appendix C. Sample session history (history.txt)
Table of contents