[framework] Meterpreter irb shell/scripting questions

[gat0r]

Probably easy answers for the pros but I have been staring at the API and
google didn't help me so far.  I know I can do the first one with timestomp
but I want to do some scripting with  it.  I didn't see any eventlog options
so I wanted to do some scripting with that.


http://www.metasploit.com/projects/Framework/msf3/api/rex/classes/Rex/Post/M
eterpreter/Extensions/Priv/Fs.html

says:
set_file_mace(file_path, modified = nil, accessed = nil, created = nil,
entry_modified = nil)

Sets the Modified, Accessed, Created, and Entry Modified attributes of the
specified file path. If a nil is supplied for a value, it will not be
modified. Otherwise, the times should be instances of the Time class.

What is the format of Time Class?  Can someone give me an example?



http://www.metasploit.com/projects/Framework/msf3/api/rex/classes/Rex/Post/M
eterpreter/Extensions/Stdapi/Sys/EventLog.html

How do I pass the name of which event log I want to read (system, security,
etc)

If I pass it "security" I get a bunch of stuff but it all looks meterpreter
related.

>> client.sys.eventlog.open'security'
=> #<#<Class:0x33d2754>:0x343dcac @handle=25403664,
@client=#<Msf::Sessions::Meterpreter:0x33d6fc0
@orig_suspend=#<Proc:0x01358584 at ./lib/rex/ui/interactive.rb:208>, @sid=5,
@ext=#<Rex::Post::Meterpreter::ObjectAliases:0x33d6f20
@aliases={"stdapi"=>#<Rex::Post::Meterpreter::Extensions::Stdapi::Stdapi:0x3
3d2fc4 @name="stdapi", @client=#<Msf::Sessions::Meterpreter:0x33d6fc0 ...>>,
"priv"=>#<Rex::Post::Meterpreter::Extensions::Priv::Priv:0x33cd7b8
@fs=#<Rex::Post::Meterpreter::Extensions::Priv::Fs:0x33ce03c
@client=#<Msf::Sessions::Meterpreter:0x33d6fc0 ...>>,

....

Looks like I get the same thing with

>> client.sys.eventlog.open'system'

And trying to clear it gives me

>> client.sys.eventlog.clear'system'
NoMethodError: undefined method `clear' for #<Class:0x33d2754>

Thanks in advance for any replies

-G