ADS(Alternate Data Stream):- Windows Has a weired feature
in NTFS file system. Which can be used for different purpose. Its upto you.
Using this you can hide a file/folder inside an another file so that no one else
can see that, most amazingly the file size will not increase. I am giving you an
example to hide an exe into a text file. Try it. Visit Ethical hacking Section
of my blog & request for detail if you want to know all the aspect of this feature & counter forensic
technique.
copy calc.exe from windows\system32 folder to c: drive
Now create a text file (say sample.txt) in c: drive
now run following command
C:\>type calc.exe>sample.txt:calc.exe
Delete the calc.exe.
Now open sample.txt & check its isze also . & then run
C:\>start .\sample.txt:calc.exe
copy calc.exe from windows\system32 folder to c: drive
Now create a text file (say sample.txt) in c: drive
now run following command
C:\>type calc.exe>sample.txt:calc.exe
Delete the calc.exe.
Now open sample.txt & check its isze also . & then run
C:\>start .\sample.txt:calc.exe
No comments:
Post a Comment