- Carnivore - Predator
- Formerly known as THC HackSuite, Carnivore - Predator stands at the forefront of cutting-edge cybersecurity tools, redefining the landscape of penetration testing with unparalleled innovation. Designed to empower ethical hackers, security professionals, and enthusiasts alike, Carnivore - Predator is the ultimate Pentest CMS that puts you in command.
Logging in Carnivore
With the introduction of Carnivore, logging has become significantly more efficient and straightforward. Users can now switch between multiple logbooks, set error severity levels, pinpoint exact error locations, and much more.
In earlier versions, an error would be logged as follows:
This method was inefficient and flawed. For example, setting an error to 'fatal' would halt script execution and log the error in the default logbook. The HackSuite couldn't identify the exact error location, severity, handling method, or display it to the user. It was a rudimentary solution.
Initially, when creating HackSuite, logging was not a priority. It was later implemented for TestServers, which required minimal logging details. As the program grew, the need for a more robust logging system became evident. After four years of working on other software, I revisited HackSuite to address this issue.
Previously, the file Includes/log_error.php handled logging. To avoid breaking existing code, I developed log_errors.php and overhauled the entire logging process, maintaining similar syntax while adding various options.
Most options are optional; you typically only need to set the error, file, and line. Each log has different properties, and the new 'log' property allows switching between log files.
Log files must be defined in the DATA_DIR/logsdata.php file.
Consider this example:
This example logs a new error in the somelog.php file instead of the default log, setting it to the highest severity level (2), which requires user attention. 'Fatal' indicates that script execution will terminate after logging. The 'json' property returns the error as a JSON object to the user, setting $aDataR['jresult'] to false and the error message to the $aDataR['jmessage'] variable. You can use 'jsonvar' to specify a different variable for the error message.
Note that while including the error handler file typically suffices, it complicates debugging.
Example:
This example is acceptable as the error is already set, but the logs will only show the function's file location, which is not recommended due to numerous calls to this function.
Instead, use this approach:
This method overwrites the last error and adds more precise data to the log file.
In Carnivore, the logview file has been replaced with the log manager, allowing users to create and manage their logs. The log manager is located in the configuration section.
It is advisable to use property variable names similar to those in the DATA_DIR/logsdata.php file. For instance, 'time' and 'timestamp' are recognized as timestamps, and 'ip' is recognized as the value for the $_SERVER['REMOTE_ADDR'] variable. This ensures that timestamps are converted according to the configuration's date pattern when viewing logs. Additionally, these properties are automatically added to the log query in the error handler file if not set manually.