+ Post New Thread
Page 3 of 4 FirstFirst 1234 LastLast
Results 31 to 45 of 56
How do you do....it? Thread, Record the websites that are accessed in Technical; That would depend on the LEA having the caching set up right which obviously they would....
  1. #31

    Join Date
    Nov 2005
    Location
    North
    Posts
    1,817
    Thank Post
    24
    Thanked 91 Times in 71 Posts
    Rep Power
    50

    Re: Record the websites that are accessed

    That would depend on the LEA having the caching set up right which obviously they would.

  2. #32
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,237
    Thank Post
    50
    Thanked 273 Times in 211 Posts
    Blog Entries
    6
    Rep Power
    113

    Re: Record the websites that are accessed

    I don't know about them but I know I certainly do.

  3. #33

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Record the websites that are accessed

    Squid + Dansguardian.

    I have tweaks for squid so updates for windows/sophos/java/etc are cached for a month. Speeds things up enormously.

  4. #34

    Join Date
    Mar 2006
    Posts
    537
    Thank Post
    2
    Thanked 3 Times in 2 Posts
    Rep Power
    19

    Re: Record the websites that are accessed

    Quote Originally Posted by Geoff
    Squid + Dansguardian.

    I have tweaks for squid so updates for windows/sophos/java/etc are cached for a month. Speeds things up enormously.
    Please tell me how! It's driving me mad. I have tried everything but I can;t workout why there should be difference between automatic updates running through on-site squid and through direct connection.
    Manual updates through relevant websites work normally.

  5. #35

    Join Date
    Jan 2006
    Location
    Hertfordshire
    Posts
    151
    Thank Post
    2
    Thanked 8 Times in 8 Posts
    Rep Power
    19

    Re: Record the websites that are accessed

    I use the following vbs:

    Code:
    Code: 
    ' C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat - Starting offset: 0000:5000
    ' +----------------------------------------------------------------------------+
    ' | Ensure that all variable names are defined!                                |
    ' +----------------------------------------------------------------------------+
    Option Explicit
    
    
    ' +----------------------------------------------------------------------------+
    ' | Setup constants                                                            |
    ' +----------------------------------------------------------------------------+
    Const conBarSpeed=80
    Const conForcedTimeOut=3600000 ' 1 hour
    
    
    ' +----------------------------------------------------------------------------+
    ' | Setup Objects and misc variables                                           |
    ' +----------------------------------------------------------------------------+
    Dim spyPath     
    Dim oFSO        : Set oFSO = CreateObject("Scripting.FileSystemObject")
    Dim oWShell     : Set oWShell = CreateObject("WScript.Shell")
    Dim objNet      : Set objNet = CreateObject("WScript.Network")
    Dim Env         : Set Env = oWShell.Environment("SYSTEM")
    Dim arrFiles    : arrFiles = Array()
    'Dim arrUsers    : arrUsers = Array()
    Dim HistoryPath : HistoryPath = Array()
    Dim objIE
    Dim objProgressBar
    Dim objTextLine1
    Dim objTextLine2
    Dim objQuitFlag
    Dim oTextStream
    Dim index
    Dim nBias
    Dim strUserName
    
    ' +----------------------------------------------------------------------------+
    ' | Whose been a naughty surfer? Let's find out! ;)                            |
    ' +----------------------------------------------------------------------------+
    'Here is where we extract the UserName
    strUserName = objNet.UserName
    spyPath = "\\server\logs$\inet\" &strUsername&"\spy.htm"
    StartSpyScan
    'DeleteIndexFiles()
    myDeleteIndexFiles
    
    
    ' +----------------------------------------------------------------------------+
    ' | Outta here ...                                                             |
    ' +----------------------------------------------------------------------------+
    CleanupQuit
    
    
    ' +----------------------------------------------------------------------------+
    ' | Cleanup and Quit                                                           |
    ' +----------------------------------------------------------------------------+
    Sub CleanupQuit()
        Set oFSO = Nothing
        Set oWShell = Nothing
        Set objNet = Nothing
        WScript.Quit
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Start Spy Scan                                                             |
    ' +----------------------------------------------------------------------------+
    Sub StartSpyScan()
        Dim index_folder, history_folder, oSubFolder, oStartDir, sFileRegExPattern, user
    
        LocateHistoryFolder
        index_folder=HistoryPath(0)&"\"&HistoryPath(1)
        
        If Not oFSO.FolderExists(index_folder) Then
          'MsgBox "No history folder exists. Scan Aborted."
        Else  
          
          'StartIE "IE Spy"
          'SetLine1 "Locating history files:"
          
          sFileRegExPattern = "\index.dat$"
          Set oStartDir = oFSO.GetFolder(index_folder)
          
          For Each oSubFolder In oStartDir.SubFolders
            history_folder=oSubFolder.Path&"\"&HistoryPath(3)&"\"&HistoryPath(4)&"\"&"History.IE5"
            If oFSO.FolderExists(history_folder) Then
              user = split(history_folder,"\")
         'SetLine2 user(2)
              'ReDim Preserve arrUsers(UBound(arrUsers) + 1)
              'arrUsers(UBound(arrUsers)) = user(2) 
              if user(2) = strUserName then
                 Set oStartDir = oFSO.GetFolder(history_folder)
                 RecurseFilesAndFolders oStartDir, sFileRegExPattern
         end if
            End If
          Next
          
          If IsEmpty(index) Then
            'CloseIE
            'MsgBox "No Index.dat files found. Scan Aborted."
          Else
            CreateSpyHtmFile
            'CloseIE
            'RunSpyHtmFile
            'DeleteIndexFiles        
          End If
          
        End If
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Locate History Folder                                                      |
    ' +----------------------------------------------------------------------------+
    Sub LocateHistoryFolder() 
        ' Example: C:\Documents and Settings\<username>\Local Settings\History
        ' HistoryPath(0) = C:
        ' HistoryPath(1) = Documents and Settings
        ' HistoryPath(2) = <username>
        ' HistoryPath(3) = Local Settings
        ' HistoryPath(4) = History 
        HistoryPath=split(oWShell.RegRead("HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\History"),"\")
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Find ALL History Index.Dat Files                                           |
    ' +----------------------------------------------------------------------------+
    Sub RecurseFilesAndFolders(oRoot, sFileEval)
        Dim oSubFolder, oFile, oRegExp
    
        Set oRegExp = New RegExp
        oRegExp.IgnoreCase = True
    
        If Not (sFileEval = "") Then
          oRegExp.Pattern = sFileEval
          For Each oFile in oRoot.Files
            If (oRegExp.Test(oFile.Name)) Then
              ReDim Preserve arrFiles(UBound(arrFiles) + 1)
              arrFiles(UBound(arrFiles)) = oFile.Path
              index=1 ' Found at least one index.dat file!
            End If
          Next
        End If
    
        For Each oSubFolder In oRoot.SubFolders
          RecurseFilesAndFolders oSubFolder, sFileEval
        Next
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Create Spy.htm file                                                        |
    ' +----------------------------------------------------------------------------+
    Sub CreateSpyHtmFile()
        Dim ub, user, spyTmp, oFS, index_dat
    
        Set oFS = CreateObject("Scripting.FileSystemObject") 
        If Not oFSO.FolderExists("\\server\logs$\inet\" & strUserName) Then
            oFS.CreateFolder(("\\server\logs$\inet\" & strUserName))      
       Set oTextStream = oFSO.OpenTextFile(spyPath,2,True)
            oTextStream.WriteLine "<html><title>IE Log!</title><body><font size=2><h3>"&objNet.UserName &" "& objNet.ComputerName &"</h3>
    
    "     
            'oTextStream.WriteLine ""+CStr(UBound(arrUsers)+1)+" users surfed on your PC:
    "    
            'For Each index_dat In arrUsers
            '    oTextStream.WriteLine "<font color=green>"+index_dat+"</font>
    "             
            'Next 
            oTextStream.WriteLine "
    <table border='0' width='100%' cellspacing='0' cellpadding='0'>"
            oTextStream.WriteLine "<tr><td nowrap>Location:</td><td nowrap>Date:</td><td nowrap> Link:</td></tr>"
            GetTimeZoneBias
           ub = UBound(arrFiles)
           For Each index_dat In arrFiles
              user = split(index_dat,"\")
              spyTmp=oFSO.GetSpecialFolder(2)+"\spy.tmp"
    
              ' Copy index.dat ---> C:\Documents and Settings\<username>\Local Settings\Temp\spy.tmp 
              ' REASON: Avoids file access violations under Windows.
              oFSO.CopyFile index_dat, spyTmp, True
              FindLinks "URL ", RSBinaryToString(ReadBinaryFile(spyTmp)), index_dat
            Next 
            oTextStream.WriteLine "</table>"    
            'For Each index_dat In arrFiles
            '    oTextStream.WriteLine index_dat+"
    "      
            'Next    
            oTextStream.WriteLine "</body></html>"
            oTextStream.Close
            Set oFS = nothing 
    
        Else  
        Set oTextStream = oFSO.OpenTextFile(spyPath,8,True)
             'For Each index_dat In arrUsers
              '    oTextStream.WriteLine "<font color=green>"+index_dat+"</font>
    "             
           'Next 
           oTextStream.WriteLine  "
    
    "
           oTextStream.WriteLine "
    <table border='0' width='100%' cellspacing='0' cellpadding='0'>"
           oTextStream.WriteLine "<tr><td nowrap>" & objNet.UserName &"</td><td nowrap>"&  objNet.ComputerName &"</td><td nowrap> Link:</td></tr>"
           GetTimeZoneBias
           ub = UBound(arrFiles)
           For Each index_dat In arrFiles
          user = split(index_dat,"\")
          spyTmp=oFSO.GetSpecialFolder(2)+"\spy.tmp"
          ' Copy index.dat ---> C:\Documents and Settings\<username>\Local Settings\Temp\spy.tmp 
          ' REASON: Avoids file access violations under Windows.
                oFSO.CopyFile index_dat, spyTmp, True
                FindLinks "URL ", RSBinaryToString(ReadBinaryFile(spyTmp)), index_dat
            Next 
       
           ' oTextStream.WriteLine "</table>
    Listing of history files:
    "    
           ' For Each index_dat In arrFiles
           '     oTextStream.WriteLine index_dat+"
    "      
           ' Next    
           ' oTextStream.WriteLine "</body></html>"
           ' oTextStream.Close
        end if
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Get Time Zone Bias.                                                        |
    ' +----------------------------------------------------------------------------+
    Sub GetTimeZoneBias()
        Dim nBiasKey, k
    
        nBiasKey = oWShell.RegRead("HKLM\System\CurrentControlSet\Control\TimeZoneInformation\ActiveTimeBias")
        If UCase(TypeName(nBiasKey)) = "LONG" Then
          nBias = nBiasKey
        ElseIf UCase(TypeName(nBiasKey)) = "VARIANT()" Then
          nBias = 0
          For k = 0 To UBound(nBiasKey)
            nBias = nBias + (nBiasKey(k) * 256^k)
          Next
        End If
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Find Links within Index.dat                                                |
    ' +----------------------------------------------------------------------------+
    Sub FindLinks(strMatchPattern, strPhrase, file)
    Dim oRE, oMatches, oMatch, dt, start, sArray, timeStamp, url 
    
        Set oRE = New RegExp
        oRE.Pattern = strMatchPattern
        oRE.Global = True
        oRE.IgnoreCase = False
        Set oMatches = oRE.Execute(strPhrase)
        For Each oMatch In oMatches
          start = Instr(oMatch.FirstIndex + 1,strPhrase,": ")
          If start <> 0 Then
            sArray = Split(Mid(strPhrase,start+2),"@")
            url=Left(sArray(1),InStr(sArray(1),chr(0)))
            dt=AsciiToHex(Mid(strPhrase,oMatch.FirstIndex+1+16,8))
            timeStamp = cvtDate(dt(7)&dt(6)&dt(5)&dt(4),dt(3)&dt(2)&dt(1)&dt(0))
            'oTextStream.WriteLine "<nobr>" & sArray(0) & " - " & timeStamp & " - " & ""&url&" - " & file & " - " & CStr(oMatch.FirstIndex + 1) & "</nobr>
    "                      
            'Visit User + Date + Visited URL
            if split(timestamp," ")(0) = FormatDateTime(date) then
                oTextStream.WriteLine "<tr><td nowrap><font color=green size=2>"&objNet.ComputerName&"</font></td>"+"<td nowrap><font color=red size=2>"&timeStamp&"</font></td>"&"<td nowrap><font size=2> "&url&"</font></td></tr>"
            end if
          End If 
        Next
    End Sub 
    
    
    ' +----------------------------------------------------------------------------+
    ' | Convert a 64-bit value to a date, adjusted for local time zone bias.       |
    ' +----------------------------------------------------------------------------+
    Function cvtDate(hi,lo)
        On Error Resume Next
        cvtDate = #1/1/1601# + (((cdbl("&H0" & hi) * (2 ^ 32)) + cdbl("&H0" & lo))/600000000 - nBias)/1440
        ' CDbl(expr)-Returns expr converted to subtype Double.
        ' If expr cannot be converted to subtype Double, a type mismatch or overflow runtime error will occur.   
        cvtDate = CDate(cvtDate)
        If Err.Number <> 0 Then
          'WScript.Echo "Oops! An Error has occured - Error number " & Err.Number & " of the type '" & Err.description & "'."   
          On Error GoTo 0
          cvtDate = #1/1/1601#
          Err.Clear
        End If
        On Error GoTo 0  
    End Function
    
    
    ' +----------------------------------------------------------------------------+
    ' | Turns ASCII string sData into array of hex numerics.                       |
    ' +----------------------------------------------------------------------------+
    Function AsciiToHex(sData)
        Dim i, aTmp()
         
        ReDim aTmp(Len(sData) - 1)
        
        For i = 1 To Len(sData)
          aTmp(i - 1) = Hex(Asc(Mid(sData, i)))
          If len(aTmp(i - 1))=1 Then aTmp(i - 1)="0"+ aTmp(i - 1)      
        Next
        
        ASCIItoHex = aTmp
    End Function
    
    
    ' +----------------------------------------------------------------------------+
    ' | Converts binary data to a string (BSTR) using ADO recordset.               |
    ' +----------------------------------------------------------------------------+
    Function RSBinaryToString(xBinary)
        Dim Binary
        'MultiByte data must be converted To VT_UI1 | VT_ARRAY first.
        If vartype(xBinary)=8 Then Binary = MultiByteToBinary(xBinary) Else Binary = xBinary
        Dim RS, LBinary
        Const adLongVarChar = 201
        Set RS = CreateObject("ADODB.Recordset")
        LBinary = LenB(Binary)
    
        If LBinary>0 Then
          RS.Fields.Append "mBinary", adLongVarChar, LBinary
          RS.Open
          RS.AddNew
          RS("mBinary").AppendChunk Binary 
          RS.Update
          RSBinaryToString = RS("mBinary")
        Else
          RSBinaryToString = ""
        End If
    End Function
    
    
    ' +----------------------------------------------------------------------------+
    ' | Read Binary Index.dat file.                                                |
    ' +----------------------------------------------------------------------------+
    Function ReadBinaryFile(FileName)
        Const adTypeBinary = 1
        Dim BinaryStream : Set BinaryStream = CreateObject("ADODB.Stream")
        BinaryStream.Type = adTypeBinary
        BinaryStream.Open
        BinaryStream.LoadFromFile FileName
        ReadBinaryFile = BinaryStream.Read
        BinaryStream.Close
    End Function
    
    
    ' +----------------------------------------------------------------------------+
    ' | Run Spy.htm file                                                           |
    ' +----------------------------------------------------------------------------+
    Sub RunSpyHtmFile()
        If not oFSO.FileExists(spyPath) Then
          MsgBox "For some odd reason, "+spyPath+" does not exist:"+vbCRLF+vbCRLF+spyPath+vbCRLF+vbCRLF+"Unfortunately, no surfing history can be tracked. (cyber_flash@hotmail.com)", VBOKonly, "Exiting (code=2)"
          CleanupQuit
        Else
          oWShell.Run chr(34)+spyPath+chr(34)
        End If
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Delete Index.dat files                                                     |
    ' +----------------------------------------------------------------------------+
    Sub DeleteIndexFiles()
        Dim sTempExe, elem
          
       ' If MsgBox ("Would you like to delete specific Index.dat files?", 65, "Notice")=1 Then
    
          ' Example: C:\Documents and Settings\<username>\Local Settings\Temp\deindex.exe
          sTempExe = oFSO.GetSpecialFolder(2)+"\deindex.exe"
    
          BuildDeIndexFile(sTempExe)
          
          For Each elem In arrFiles
    '        If MsgBox ("Delete file upon PC restart?"&vbcrlf&elem, 65, "Delete?")=1 Then
              oWShell.Run sTempExe+" "+chr(34)+elem+chr(34)
    '        End If
          Next
          
    '      MsgBox "Any pending file deletions are stored under this registry key:"&vbcrlf&vbcrlf&"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations"&vbcrlf&vbcrlf&"If you want to undo the pending deletions, goto the above value and simply delete it! (use: regedit.exe)",0,"Notice"
          
    '      If MsgBox ("Would you like to RESTART your PC now?", 33, "Notice")=1 Then      
    '        oWShell.Run "cmd.exe /c shutdown.exe "+chr(34)+"-r"+chr(34),0,True
    '      End If
          
    '    End If
    End Sub
    
    Sub myDeleteIndexFiles
       Dim elem, oTextStream
       For Each elem In arrFiles
    On Error Resume Next
          Set oTextStream = oFSO.OpenTextFile(elem,2)
       Next
    End Sub
    
    ' +----------------------------------------------------------------------------+
    ' | Build DeIndex.exe (see source code below)                                  |
    ' +----------------------------------------------------------------------------+
    Sub BuildDeIndexFile(sTempExe)
        Dim t, i, deindex
        
        If not oFSO.FileExists(sTempExe) Then
          t=split("4D,5A,90,00,03,00,00,00,04,00,00,00,FF,FF,00,00,B8,00,00,00,00,00,00,00,40,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,B0,00,00,00,0E,1F,BA,0E,00,B4,09,CD,21,B8,01,4C,CD,21,54,68,69,73,20,70,72,6F,67,72,61,6D,20,63,61,6E,6E,6F,74,20,62,65,20,72,75,6E,20,69,6E,20,44,4F,53,20,6D,6F,64,65,2E,0D,0D,0A,24,00,00,00,00,00,00,00,D5,FA,31,DE,91,9B,5F,8D,91,9B,5F,8D,91,9B,5F,8D,1F,84,4C,8D,97,9B,5F,8D,6D,BB,4D,8D,93,9B,5F,8D,52,69,63,68,91,9B,5F,8D,00,00,00,00,00,00,00,00,50,45,00,00,4C,01,03,00,70,78,71,40,00,00,00,00,00,00,00,00,E0,00,0F,01,0B,01,05,0C,00,02,00,00,00,04,00,00,00,00,00,00,00,10,00,00,00,10,00,00,00,20,00,00,00,00,40,00,00,10,00,00,00,02,00,00,04,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,00,40,00,00,00,04,00,00,00,00,00,00,02,00,00,00,00,00,10,00,00,10,00,00,00,00,10,00,00,10,00,00,00,00,00,00,10,00,00,00,00,00,00,00,00,00,00,00,10,20,00,00,28,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,20,00,00,10,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,2E,74,65,78,74,00,00,00,48,01,00,00,00,10,00,00,00,02,00,00,00,04,00,00,00,00,00,00,00,00,00,00,00,00,00,00,20,00,00,60,2E,72,64,61,74,61,00,00,84,00,00,00,00,20,00,00,00,02,00,00,00,06,00,00,00,00,00,00,00,00,00,00,00,00,00,00,40,00,00,40,2E,64,61,74,61,00,00,00,04,01,00,00,00,30,00,00,00,02,00,00,00,08,00,00,00,00,00,00,00,00,00,00,00,00,00,00,40,00,00,C0,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,68,00,30,40,00,6A,01,E8,24,00,00,00,6A,04,6A,00,68,00,30,40,00,E8,0E,00,00,00,6A,00,E8,01,00,00,00,CC,FF,25,08,20,40,00,FF,25,00,20,40,00,CC,CC,55,8B,EC,81,C4,7C,FE,FF,FF,56,57,E8,02,01,00,00,89,45,FC,33,C9,8B,75,FC,AC,3C,00,74,07,3C,22,75,F7,41,EB,F4,51,D1,E9,D1,E1,58,3B,C1,74,0B,5F,5E,B8,03,00,00,00,C9,C2,08,00,8B,75,FC,8D,BD,3C,FF,FF,FF,AC,3C,00,74,09,3C,09,75,02,B0,20,AA,EB,F2,AA,8D,85,3C,FF,FF,FF,8B,F0,8B,F8,AC,3C,00,75,02,EB,1B,3C,22,75,03,AA,EB,03,AA,EB,EF,AC,3C,20,75,02,B0,FE,3C,22,75,03,AA,EB,E1,AA,EB,EF,AA,8D,85,3C,FF,FF,FF,8B,F0,8D,BD,7C,FE,FF,FF,B9,00,00,00,00,AC,3C,20,74,FB,3B,4D,08,74,15,AC,3C,00,74,1D,3C,20,75,0A,AC,3C,20,74,FB,41,3C,00,74,0F,EB,E6,AA,AC,3C,20,74,07,3C,00,74,03,AA,EB,F4,B0,00,AA,3B,4D,08,73,11,8B,7D,0C,B0,00,AA,B8,02,00,00,00,5F,5E,C9,C2,08,00,8D,85,7C,FE,FF,FF,8B,F0,8B,7D,0C,AC,3C,00,74,0D,3C,22,74,F7,3C,FE,75,02,B0,20,AA,EB,EE,AA,8B,75,0C,AC,3C,00,75,0B,5F,5E,B8,04,00,00,00,C9,C2,08,00,B8,01,00,00,00,5F,5E,C9,C2,08,00,FF,25,04,20,40,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,56,20,00,00,72,20,00,00,48,20,00,00,00,00,00,00,38,20,00,00,00,00,00,00,00,00,00,00,64,20,00,00,00,20,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,56,20,00,00,72,20,00,00,48,20,00,00,00,00,00,00,80,00,45,78,69,74,50,72,6F,63,65,73,73,00,C1,01,4D,6F,76,65,46,69,6C,65,45,78,41,00,6B,65,72,6E,65,6C,33,32,2E,64,6C,6C,00,00,C8,00,47,65,74,43,6F,6D,6D,61,6E,64,4C,69,6E,65,41,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00",",")
    
          Set deindex=oFSO.CreateTextFile(sTempExe,2)
    
          ' Check that deindex.exe was created.   
          If not oFSO.FileExists(sTempExe) Then
            MsgBox "For some odd reason, DEINDEX.EXE does not exist:"+vbCRLF+vbCRLF+sTempExe+vbCRLF+vbCRLF+"Unfortunately, no surfing history can be deleted. (cyber_flash@hotmail.com)", VBOKonly, "Exiting (code=3)"
            CleanupQuit
          End If    
    
          For i=0 To UBound(t)
            deindex.Write chr(Int("&H"&t(i)))
          Next
    
          deindex.Close
        End If
         
    End Sub
    
    
    ' +----------------------------------------------------------------------------+
    ' | Source code for DeIndex.exe                                                |
    ' +----------------------------------------------------------------------------+
    ' ;Title:    Delete Index.dat files!
    ' ;Author:   Vengy! (-_-)
    ' ;Date:     2004 and beyond ...
    ' ;Tested:   Win2K/XP ...
    ' ;Compiled: MASM32
    ' ;Comments: cyber_flash @ hotmail.com
    '
    ' ;This program takes the index.dat file path as a commandline argument,
    ' ;then invokes the MoveFileEx API which deletes the specified file upon RESTART.
    '
    ' ;The Pending file renames are stored under this registry key:
    ' ;HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations
    '
    ' ;Please visit the link below for more details. Thanks!
    ' ;http://msdn.microsoft.com/library/en...movefileex.asp
    '
    '
    ' .486p
    ' .MODEL flat, stdcall
    ' option casemap:none
    '
    ' include             \masm32\include\windows.inc
    ' include             \masm32\include\kernel32.inc
    ' include             \masm32\include\masm32.inc
    ' includelib          \masm32\lib\kernel32.lib
    ' includelib          \masm32\lib\masm32.lib
    '
    ' .DATA
    '       szSrcFile db MAX_PATH dup(0)
    '
    ' .CODE
    ' Main:
    '       invoke    GetCL, 1, addr szSrcFile
    '       invoke    MoveFileEx, addr szSrcFile, NULL, MOVEFILE_DELAY_UNTIL_REBOOT
    '       invoke    ExitProcess, 0
    ' End   Main
    ' +----------------------------------------------------------------------------+
    ' | End of DeIndex.exe source code                                             |
    ' +----------------------------------------------------------------------------+
    Just assign the above script in the logoff user section in gp and it should record all site visited and on what computer.

  6. #36

    SpuffMonkey's Avatar
    Join Date
    Jul 2005
    Posts
    2,230
    Thank Post
    54
    Thanked 278 Times in 186 Posts
    Rep Power
    134

    Re: Record the websites that are accessed

    Could we try that again??

  7. #37

    Join Date
    Mar 2006
    Location
    Bradford
    Posts
    99
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Record the websites that are accessed

    I use Webspy.

  8. #38

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Record the websites that are accessed

    Please tell me how! It's driving me mad. I have tried everything but I can;t workout why there should be difference between automatic updates running through on-site squid and through direct connection.
    Updates for what?

  9. #39

    Join Date
    Feb 2006
    Location
    Leeds
    Posts
    4
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Record the websites that are accessed

    The other option is to get someone to collect the information for you, then sit back and read the results.

  10. #40

    Join Date
    Feb 2006
    Posts
    1,187
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: Record the websites that are accessed

    Quote Originally Posted by Geoff
    Please tell me how! It's driving me mad. I have tried everything but I can;t workout why there should be difference between automatic updates running through on-site squid and through direct connection.
    Updates for what?
    I presume he/she meant the os/app updates that are barred by a default squid configuration.

  11. #41

    SpuffMonkey's Avatar
    Join Date
    Jul 2005
    Posts
    2,230
    Thank Post
    54
    Thanked 278 Times in 186 Posts
    Rep Power
    134

    Re: Record the websites that are accessed

    Hey - uk101man - that is a peach of a script and seems to do exactly what I was after - definitely worth a beer if we ever meet up at one of these Edugeek gigs - thanks so much for sharing your knowledge & hard work

    Cheers

    Spuffy

  12. #42
    alan-d's Avatar
    Join Date
    Aug 2005
    Location
    Sutton Coldfield
    Posts
    2,414
    Thank Post
    359
    Thanked 256 Times in 187 Posts
    Rep Power
    75

    Re: Record the websites that are accessed

    Quote Originally Posted by Marcus
    The other option is to get someone to collect the information for you, then sit back and read the results.
    lol - how sneaky was that post?

  13. #43

    Join Date
    Jan 2006
    Location
    Hertfordshire
    Posts
    151
    Thank Post
    2
    Thanked 8 Times in 8 Posts
    Rep Power
    19

    Re: Record the websites that are accessed

    hi,

    i got the code of the web somewhere bt done a lot of hacks to it.


    hope the ppl using it finds it helpful

    Tom

  14. #44
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22

    Re: Record the websites that are accessed

    @ uk101man: That script you supplied is probably the most useful I have ever come across - excellent post.

    One tweak would help us though, we'd prefer all the htm files to be in one folder, so instead of:
    Code:
    \\servername\logs$\inet\%username%\spy.htm
    Would it be possible to store the files as:
    Code:
    \\servername\logs$\inet\%username%.htm
    I've had a play with the script, but to be honest I can't really understand how it works. Do you think you could customize it as I've described?

    Thanks again though

  15. #45
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: Record the websites that are accessed

    Assuming this doesnt mess anything up futher on in the script change:

    Code:
    spyPath = "\\server\logs$\inet\" &strUsername&"\spy.htm"
    to

    Code:
    spyPath = "\\server\logs$\inet\" &strUsername&".htm"

SHARE:
+ Post New Thread
Page 3 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. Ranger issue?! BBC site closes down whenever it is accessed
    By IT_Man_Dan in forum Network and Classroom Management
    Replies: 12
    Last Post: 1st February 2009, 05:53 PM
  2. A record day
    By Dos_Box in forum General EduGeek News/Announcements
    Replies: 11
    Last Post: 25th January 2006, 01:04 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •