-
Notifications
You must be signed in to change notification settings - Fork 0
/
forensics.log
225 lines (225 loc) · 26.1 KB
/
forensics.log
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
2023-03-20T09:23:42.143834-04:00 kali polkitd[552]: Loading rules from directory /etc/polkit-1/rules.d
2023-03-20T09:23:42.144937-04:00 kali polkitd[552]: Loading rules from directory /usr/share/polkit-1/rules.d
2023-03-20T09:23:42.146626-04:00 kali systemd-logind[563]: New seat seat0.
2023-03-20T09:23:42.176105-04:00 kali systemd-logind[563]: Watching system buttons on /dev/input/event1 (Power Button)
2023-03-20T09:23:42.177025-04:00 kali systemd-logind[563]: Watching system buttons on /dev/input/event0 (AT Translated Set 2 keyboard)
2023-03-20T09:23:42.207777-04:00 kali polkitd[552]: Finished loading, compiling and executing 8 rules
2023-03-20T09:23:42.217078-04:00 kali polkitd[552]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
2023-03-20T09:23:46.491177-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-20T09:23:46.520802-04:00 kali systemd-logind[563]: New session c1 of user lightdm.
2023-03-20T09:23:46.540698-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-20T09:24:07.293119-04:00 kali lightdm: gkr-pam: unable to locate daemon control file
2023-03-20T09:24:07.293410-04:00 kali lightdm: gkr-pam: stashed password to try later in open session
2023-03-20T09:24:07.807541-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
2023-03-20T09:24:07.817688-04:00 kali lightdm: pam_unix(lightdm:session): session opened for user kali(uid=1000) by (uid=0)
2023-03-20T09:24:07.819449-04:00 kali systemd-logind[563]: Removed session c1.
2023-03-20T09:24:07.853105-04:00 kali systemd-logind[563]: New session 2 of user kali.
2023-03-20T09:24:07.872183-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user kali(uid=1000) by (uid=0)
2023-03-20T09:24:08.131680-04:00 kali lightdm: gkr-pam: unlocked login keyring
2023-03-20T09:24:13.188005-04:00 kali polkitd[552]: Registered Authentication Agent for unix-session:2 (system bus name :1.36 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
2023-03-20T09:24:18.101136-04:00 kali systemd: pam_unix(systemd-user:session): session closed for user lightdm
2023-03-20T09:24:21.667794-04:00 kali polkitd[552]: Operator of unix-session:2 successfully authenticated as unix-user:kali to gain ONE-SHOT authorization for action org.kali.pkexec.x-terminal-emulator for unix-process:1171:3762 [xfce4-panel] (owned by unix-user:kali)
2023-03-20T09:24:21.672410-04:00 kali pkexec: pam_unix(polkit-1:session): session opened for user root(uid=0) by (uid=1000)
2023-03-20T09:24:21.674998-04:00 kali pkexec[1615]: kali: Executing command [USER=root] [TTY=unknown] [CWD=/home/kali] [COMMAND=/usr/bin/x-terminal-emulator]
2023-03-20T09:25:01.172759-04:00 kali CRON[2016]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T09:25:01.177073-04:00 kali CRON[2016]: pam_unix(cron:session): session closed for user root
2023-03-20T09:33:02.244279-04:00 kali login[5836]: pam_unix(login:session): session opened for user kali(uid=1000) by (uid=0)
2023-03-20T09:33:26.770918-04:00 kali login[5836]: pam_unix(login:session): session closed for user kali
2023-03-20T09:33:36.884807-04:00 kali login[6216]: pam_unix(login:auth): authentication failure; logname=kali uid=0 euid=0 tty=/dev/pts/0 ruser= rhost= user=kali
2023-03-20T09:33:39.074805-04:00 kali login[6216]: FAILED LOGIN (1) on '/dev/pts/0' FOR 'kali', Authentication failure
2023-03-20T09:35:01.188551-04:00 kali CRON[6934]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T09:35:01.192964-04:00 kali CRON[6934]: pam_unix(cron:session): session closed for user root
2023-03-20T09:39:01.200571-04:00 kali CRON[8859]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T09:39:01.204416-04:00 kali CRON[8859]: pam_unix(cron:session): session closed for user root
2023-03-20T22:35:01.436728-04:00 kali CRON[13761]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T22:35:01.441789-04:00 kali CRON[13761]: pam_unix(cron:session): session closed for user root
2023-03-20T22:39:01.490176-04:00 kali CRON[15669]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T22:39:01.493629-04:00 kali CRON[15669]: pam_unix(cron:session): session closed for user root
2023-03-20T22:39:22.879442-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-20T22:39:22.919439-04:00 kali systemd-logind[563]: New session c2 of user lightdm.
2023-03-20T22:39:22.937747-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-20T22:45:01.524775-04:00 kali CRON[18810]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T22:45:01.529161-04:00 kali CRON[18810]: pam_unix(cron:session): session closed for user root
2023-03-20T22:55:01.542700-04:00 kali CRON[23608]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T22:55:01.548689-04:00 kali CRON[23608]: pam_unix(cron:session): session closed for user root
2023-03-20T23:04:47.120619-04:00 kali lightdm: pam_unix(lightdm:auth): authentication failure; logname= uid=0 euid=0 tty=:1 ruser= rhost= user=kali
2023-03-20T23:04:51.362773-04:00 kali lightdm: gkr-pam: unable to locate daemon control file
2023-03-20T23:04:51.363301-04:00 kali lightdm: gkr-pam: stashed password to try later in open session
2023-03-20T23:04:53.191073-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
2023-03-20T23:04:53.212231-04:00 kali systemd-logind[563]: Removed session c2.
2023-03-20T23:05:01.563175-04:00 kali CRON[28471]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T23:05:01.567995-04:00 kali CRON[28471]: pam_unix(cron:session): session closed for user root
2023-03-20T23:06:07.263406-04:00 kali polkit-agent-helper-1[29027]: pam_unix(polkit-1:auth): authentication failure; logname= uid=1000 euid=0 tty= ruser=kali rhost= user=kali
2023-03-20T23:06:12.146659-04:00 kali polkitd[552]: Operator of unix-session:2 successfully authenticated as unix-user:kali to gain ONE-SHOT authorization for action org.kali.pkexec.x-terminal-emulator for unix-process:1171:3762 [xfce4-panel] (owned by unix-user:kali)
2023-03-20T23:06:12.151750-04:00 kali pkexec: pam_unix(polkit-1:session): session opened for user root(uid=0) by (uid=1000)
2023-03-20T23:06:12.154165-04:00 kali pkexec[29018]: kali: Executing command [USER=root] [TTY=unknown] [CWD=/home/kali] [COMMAND=/usr/bin/x-terminal-emulator]
2023-03-20T23:07:25.269123-04:00 kali polkitd[552]: Operator of unix-session:2 successfully authenticated as unix-user:kali to gain TEMPORARY authorization for action org.freedesktop.systemtoolsbackends.set for unix-process:29600:340990 [time-admin] (owned by unix-user:kali)
2023-03-20T23:09:01.183049-04:00 kali CRON[30664]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-20T23:09:01.187310-04:00 kali CRON[30664]: pam_unix(cron:session): session closed for user root
2023-03-21T00:11:31.460369-04:00 kali polkitd[552]: Operator of unix-session:2 successfully authenticated as unix-user:kali to gain ONE-SHOT authorization for action org.kali.pkexec.x-terminal-emulator for unix-process:1171:3762 [xfce4-panel] (owned by unix-user:kali)
2023-03-21T00:11:31.466605-04:00 kali pkexec: pam_unix(polkit-1:session): session opened for user root(uid=0) by (uid=1000)
2023-03-21T00:11:31.469999-04:00 kali pkexec[32084]: kali: Executing command [USER=root] [TTY=unknown] [CWD=/home/kali] [COMMAND=/usr/bin/x-terminal-emulator]
2023-03-21T00:14:15.597683-04:00 kali sshd[33477]: Server listening on 0.0.0.0 port 22.
2023-03-21T00:14:15.599772-04:00 kali sshd[33477]: Server listening on :: port 22.
2023-03-21T00:15:01.484542-04:00 kali CRON[33853]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T00:15:01.489615-04:00 kali CRON[33853]: pam_unix(cron:session): session closed for user root
2023-03-21T00:17:01.496209-04:00 kali CRON[34809]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T00:17:01.502302-04:00 kali CRON[34809]: pam_unix(cron:session): session closed for user root
2023-03-21T00:22:14.689632-04:00 kali polkit-agent-helper-1[37330]: pam_unix(polkit-1:auth): authentication failure; logname= uid=1000 euid=0 tty= ruser=kali rhost= user=kali
2023-03-21T00:22:21.484688-04:00 kali polkitd[552]: Operator of unix-session:2 FAILED to authenticate to gain authorization for action org.kali.pkexec.x-terminal-emulator for unix-process:1171:3762 [xfce4-panel] (owned by unix-user:kali)
2023-03-21T00:22:21.486990-04:00 kali pkexec[37321]: kali: Error executing command as another user: Request dismissed [USER=root] [TTY=unknown] [CWD=/home/kali] [COMMAND=/usr/bin/x-terminal-emulator]
2023-03-21T00:25:01.511138-04:00 kali CRON[38702]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T00:25:01.515264-04:00 kali CRON[38702]: pam_unix(cron:session): session closed for user root
2023-03-21T00:35:01.529582-04:00 kali CRON[43526]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T00:35:01.534591-04:00 kali CRON[43526]: pam_unix(cron:session): session closed for user root
2023-03-21T00:39:01.541380-04:00 kali CRON[45445]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T00:39:01.543979-04:00 kali CRON[45445]: pam_unix(cron:session): session closed for user root
2023-03-21T00:40:12.242037-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T00:40:12.292790-04:00 kali systemd-logind[563]: New session c3 of user lightdm.
2023-03-21T00:40:12.315142-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T00:45:01.553263-04:00 kali CRON[48550]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T00:45:01.566269-04:00 kali CRON[48550]: pam_unix(cron:session): session closed for user root
2023-03-21T00:48:40.609653-04:00 kali lightdm: gkr-pam: unable to locate daemon control file
2023-03-21T00:48:40.610428-04:00 kali lightdm: gkr-pam: stashed password to try later in open session
2023-03-21T00:48:42.840624-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
2023-03-21T00:48:42.854784-04:00 kali systemd-logind[563]: Removed session c3.
2023-03-21T00:48:53.008103-04:00 kali systemd: pam_unix(systemd-user:session): session closed for user lightdm
2023-03-21T00:50:05.547082-04:00 kali sshd[50752]: Accepted password for kali from 192.168.1.106 port 2490 ssh2
2023-03-21T00:50:05.549282-04:00 kali sshd[50752]: pam_unix(sshd:session): session opened for user kali(uid=1000) by (uid=0)
2023-03-21T00:50:05.557132-04:00 kali systemd-logind[563]: New session 21 of user kali.
2023-03-21T00:50:05.620504-04:00 kali sshd[50752]: pam_env(sshd:session): deprecated reading of user environment enabled
2023-03-21T00:54:04.062470-04:00 kali sshd[53024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.106 user=kali
2023-03-21T00:54:05.776875-04:00 kali sshd[53024]: Failed password for kali from 192.168.1.106 port 2651 ssh2
2023-03-21T00:54:11.410611-04:00 kali sshd[53024]: error: Received disconnect from 192.168.1.106 port 2651:0: [preauth]
2023-03-21T00:54:11.411168-04:00 kali sshd[53024]: Disconnected from authenticating user kali 192.168.1.106 port 2651 [preauth]
2023-03-21T00:55:01.581846-04:00 kali CRON[53565]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T00:55:01.586639-04:00 kali CRON[53565]: pam_unix(cron:session): session closed for user root
2023-03-21T00:59:17.247097-04:00 kali polkitd[552]: Operator of unix-session:2 successfully authenticated as unix-user:kali to gain TEMPORARY authorization for action org.freedesktop.systemtoolsbackends.set for system-bus-name::1.102 [users-admin] (owned by unix-user:kali)
2023-03-21T00:59:31.134054-04:00 kali groupadd[56019]: group added to /etc/group: name=neko31662, GID=1001
2023-03-21T00:59:31.143175-04:00 kali groupadd[56019]: group added to /etc/gshadow: name=neko31662
2023-03-21T00:59:31.147057-04:00 kali groupadd[56019]: new group: name=neko31662, GID=1001
2023-03-21T00:59:31.182622-04:00 kali useradd[56025]: new user: name=neko31662, UID=1001, GID=1001, home=/home/neko31662, shell=/bin/bash, from=none
2023-03-21T00:59:31.268888-04:00 kali chfn[56034]: changed user 'neko31662' information
2023-03-21T00:59:31.297663-04:00 kali gpasswd[56040]: members of group users set by root to kali,neko31662
2023-03-21T00:59:31.364857-04:00 kali passwd[56055]: password for 'neko31662' changed by 'root'
2023-03-21T00:59:31.392220-04:00 kali passwd[56063]: password for 'neko31662' changed by 'root'
2023-03-21T00:59:47.234953-04:00 kali chpasswd[56434]: pam_unix(chpasswd:chauthtok): password changed for neko31662
2023-03-21T00:59:47.235782-04:00 kali chpasswd[56434]: gkr-pam: couldn't update the login keyring password: no old password was entered
2023-03-21T00:59:47.256351-04:00 kali passwd[56446]: password for 'neko31662' changed by 'root'
2023-03-21T01:00:18.021487-04:00 kali chpasswd[56819]: pam_unix(chpasswd:chauthtok): new password not acceptable
2023-03-21T01:00:38.044123-04:00 kali sshd[56885]: Accepted password for neko31662 from 192.168.1.106 port 2906 ssh2
2023-03-21T01:00:38.046901-04:00 kali sshd[56885]: pam_unix(sshd:session): session opened for user neko31662(uid=1001) by (uid=0)
2023-03-21T01:00:38.102756-04:00 kali systemd-logind[563]: New session 23 of user neko31662.
2023-03-21T01:00:38.123220-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user neko31662(uid=1001) by (uid=0)
2023-03-21T01:00:38.337775-04:00 kali sshd[56885]: pam_env(sshd:session): deprecated reading of user environment enabled
2023-03-21T01:05:01.597913-04:00 kali CRON[59246]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:05:01.602103-04:00 kali CRON[59246]: pam_unix(cron:session): session closed for user root
2023-03-21T01:09:01.609227-04:00 kali CRON[61172]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:09:01.612285-04:00 kali CRON[61172]: pam_unix(cron:session): session closed for user root
2023-03-21T01:10:30.902150-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T01:10:30.934474-04:00 kali systemd-logind[563]: New session c4 of user lightdm.
2023-03-21T01:10:30.953657-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T01:15:01.620153-04:00 kali CRON[64217]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:15:01.624000-04:00 kali CRON[64217]: pam_unix(cron:session): session closed for user root
2023-03-21T01:17:01.627910-04:00 kali CRON[65174]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:17:01.632398-04:00 kali CRON[65174]: pam_unix(cron:session): session closed for user root
2023-03-21T01:19:25.025877-04:00 kali lightdm: gkr-pam: unable to locate daemon control file
2023-03-21T01:19:25.026301-04:00 kali lightdm: gkr-pam: stashed password to try later in open session
2023-03-21T01:19:26.348755-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
2023-03-21T01:19:26.356973-04:00 kali systemd-logind[563]: Removed session c4.
2023-03-21T01:19:36.501971-04:00 kali systemd: pam_unix(systemd-user:session): session closed for user lightdm
2023-03-21T01:25:01.641460-04:00 kali CRON[69101]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:25:01.646436-04:00 kali CRON[69101]: pam_unix(cron:session): session closed for user root
2023-03-21T01:30:10.069533-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T01:30:10.106594-04:00 kali systemd-logind[563]: New session c5 of user lightdm.
2023-03-21T01:30:10.124053-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T01:35:01.658329-04:00 kali CRON[74038]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:35:01.663393-04:00 kali CRON[74038]: pam_unix(cron:session): session closed for user root
2023-03-21T01:39:01.671852-04:00 kali CRON[75956]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:39:01.674923-04:00 kali CRON[75956]: pam_unix(cron:session): session closed for user root
2023-03-21T01:45:01.682449-04:00 kali CRON[78877]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:45:01.687353-04:00 kali CRON[78877]: pam_unix(cron:session): session closed for user root
2023-03-21T01:55:01.699980-04:00 kali CRON[83683]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T01:55:01.704056-04:00 kali CRON[83683]: pam_unix(cron:session): session closed for user root
2023-03-21T01:56:57.521221-04:00 kali sshd[56885]: pam_unix(sshd:session): session closed for user neko31662
2023-03-21T01:56:57.528015-04:00 kali systemd-logind[563]: Session 23 logged out. Waiting for processes to exit.
2023-03-21T01:56:57.532700-04:00 kali systemd-logind[563]: Removed session 23.
2023-03-21T01:57:07.760653-04:00 kali systemd: pam_unix(systemd-user:session): session closed for user neko31662
2023-03-21T02:01:47.620360-04:00 kali sshd[86883]: Accepted password for kali from 192.168.1.106 port 24589 ssh2
2023-03-21T02:01:47.623281-04:00 kali sshd[86883]: pam_unix(sshd:session): session opened for user kali(uid=1000) by (uid=0)
2023-03-21T02:01:47.659656-04:00 kali systemd-logind[563]: New session 36 of user kali.
2023-03-21T02:01:47.685716-04:00 kali sshd[86883]: pam_env(sshd:session): deprecated reading of user environment enabled
2023-03-21T02:02:14.229914-04:00 kali sshd[50752]: pam_unix(sshd:session): session closed for user kali
2023-03-21T02:02:14.241532-04:00 kali systemd-logind[563]: Session 21 logged out. Waiting for processes to exit.
2023-03-21T02:02:14.243743-04:00 kali systemd-logind[563]: Removed session 21.
2023-03-21T02:05:01.715136-04:00 kali CRON[88590]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:05:01.719982-04:00 kali CRON[88590]: pam_unix(cron:session): session closed for user root
2023-03-21T02:09:01.725870-04:00 kali CRON[90515]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:09:01.728810-04:00 kali CRON[90515]: pam_unix(cron:session): session closed for user root
2023-03-21T02:15:01.735453-04:00 kali CRON[93437]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:15:01.740210-04:00 kali CRON[93437]: pam_unix(cron:session): session closed for user root
2023-03-21T02:17:01.746172-04:00 kali CRON[94401]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:17:01.750575-04:00 kali CRON[94401]: pam_unix(cron:session): session closed for user root
2023-03-21T02:25:01.763787-04:00 kali CRON[98232]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:25:01.769440-04:00 kali CRON[98232]: pam_unix(cron:session): session closed for user root
2023-03-21T02:35:01.783685-04:00 kali CRON[103030]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:35:01.788055-04:00 kali CRON[103030]: pam_unix(cron:session): session closed for user root
2023-03-21T02:39:01.795867-04:00 kali CRON[104956]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:39:01.800609-04:00 kali CRON[104956]: pam_unix(cron:session): session closed for user root
2023-03-21T02:45:01.808909-04:00 kali CRON[107876]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:45:01.813364-04:00 kali CRON[107876]: pam_unix(cron:session): session closed for user root
2023-03-21T02:55:01.825774-04:00 kali CRON[112682]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T02:55:01.831143-04:00 kali CRON[112682]: pam_unix(cron:session): session closed for user root
2023-03-21T03:05:01.843494-04:00 kali CRON[117480]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T03:05:01.847681-04:00 kali CRON[117480]: pam_unix(cron:session): session closed for user root
2023-03-21T03:09:01.854500-04:00 kali CRON[119397]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T03:09:01.857687-04:00 kali CRON[119397]: pam_unix(cron:session): session closed for user root
2023-03-21T06:35:01.990675-04:00 kali CRON[121178]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T06:35:01.995484-04:00 kali CRON[121178]: pam_unix(cron:session): session closed for user root
2023-03-21T06:39:02.001388-04:00 kali CRON[123095]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T06:39:02.004006-04:00 kali CRON[123095]: pam_unix(cron:session): session closed for user root
2023-03-21T06:45:01.012382-04:00 kali CRON[126007]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T06:45:01.017180-04:00 kali CRON[126007]: pam_unix(cron:session): session closed for user root
2023-03-21T06:55:01.027935-04:00 kali CRON[130813]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T06:55:01.032848-04:00 kali CRON[130813]: pam_unix(cron:session): session closed for user root
2023-03-21T07:05:01.043666-04:00 kali CRON[135620]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:05:01.049360-04:00 kali CRON[135620]: pam_unix(cron:session): session closed for user root
2023-03-21T07:09:01.054144-04:00 kali CRON[137538]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:09:01.057194-04:00 kali CRON[137538]: pam_unix(cron:session): session closed for user root
2023-03-21T07:15:01.064160-04:00 kali CRON[140461]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:15:01.070038-04:00 kali CRON[140461]: pam_unix(cron:session): session closed for user root
2023-03-21T07:17:01.075910-04:00 kali CRON[141425]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:17:01.081029-04:00 kali CRON[141425]: pam_unix(cron:session): session closed for user root
2023-03-21T07:25:01.089769-04:00 kali CRON[145271]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:25:01.095921-04:00 kali CRON[145271]: pam_unix(cron:session): session closed for user root
2023-03-21T07:35:01.107630-04:00 kali CRON[150077]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:35:01.115737-04:00 kali CRON[150077]: pam_unix(cron:session): session closed for user root
2023-03-21T07:39:01.122467-04:00 kali CRON[151995]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:39:01.125622-04:00 kali CRON[151995]: pam_unix(cron:session): session closed for user root
2023-03-21T07:45:01.136042-04:00 kali CRON[154916]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:45:01.150307-04:00 kali CRON[154916]: pam_unix(cron:session): session closed for user root
2023-03-21T07:55:01.757219-04:00 kali CRON[159714]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T07:55:01.761846-04:00 kali CRON[159714]: pam_unix(cron:session): session closed for user root
2023-03-21T07:56:15.802512-04:00 kali lightdm: gkr-pam: unable to locate daemon control file
2023-03-21T07:56:15.802723-04:00 kali lightdm: gkr-pam: stashed password to try later in open session
2023-03-21T07:56:17.117699-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
2023-03-21T07:56:17.128938-04:00 kali systemd-logind[563]: Removed session c5.
2023-03-21T07:56:36.429375-04:00 kali polkitd[552]: Operator of unix-session:2 successfully authenticated as unix-user:kali to gain TEMPORARY authorization for action org.freedesktop.systemtoolsbackends.set for system-bus-name::1.155 [users-admin] (owned by unix-user:kali)
2023-03-21T08:05:01.772218-04:00 kali CRON[164875]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T08:05:01.778274-04:00 kali CRON[164875]: pam_unix(cron:session): session closed for user root
2023-03-21T08:07:01.704294-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T08:07:01.740272-04:00 kali systemd-logind[563]: New session c6 of user lightdm.
2023-03-21T08:07:01.759372-04:00 kali systemd: pam_unix(systemd-user:session): session opened for user lightdm(uid=111) by (uid=0)
2023-03-21T08:09:01.784639-04:00 kali CRON[166915]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T08:09:01.788553-04:00 kali CRON[166915]: pam_unix(cron:session): session closed for user root
2023-03-21T08:15:01.796476-04:00 kali CRON[169852]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T08:15:01.801767-04:00 kali CRON[169852]: pam_unix(cron:session): session closed for user root
2023-03-21T08:17:01.808079-04:00 kali CRON[170808]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T08:17:01.812410-04:00 kali CRON[170808]: pam_unix(cron:session): session closed for user root
2023-03-21T08:25:01.822186-04:00 kali CRON[174652]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
2023-03-21T08:25:01.828007-04:00 kali CRON[174652]: pam_unix(cron:session): session closed for user root
2023-03-21T08:25:39.781938-04:00 kali lightdm: gkr-pam: unable to locate daemon control file
2023-03-21T08:25:39.782212-04:00 kali lightdm: gkr-pam: stashed password to try later in open session
2023-03-21T08:25:41.881167-04:00 kali lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
2023-03-21T08:25:41.891006-04:00 kali systemd-logind[563]: Removed session c6.
2023-03-21T08:25:51.974992-04:00 kali systemd: pam_unix(systemd-user:session): session closed for user lightdm