Please report all spam threads, posts and suspicious members. We receive spam notifications and will take immediate action!
Results 1 to 7 of 7

Thread: NTFS file system vulnerability




  1. #1
    Join Date
    Nov 2001
    Posts
    362

    Default

    A lovely little "feature" built into NTFS called alternative data streams......data which can be attached to files and can't be deleted or seen in directories and the like.......

    have a look......very interesting

    http://www.diamondcs.com.au/streams/streams.htm

    I created one attached to the boot dir on the win2k ntfs system at work......easy peasy...... and no-one in the tech area (very large Govt agency) has ever heard of them and they were amazed when I showed them......
    The older I get...the better I was

  2. #2
    Join Date
    Nov 2001
    Location
    New England Highlands, Australia
    Posts
    21,907

    Default

    Now that's very interesting. :?:

  3. #3
    Join Date
    Nov 2001
    Location
    Bendigo Australia
    Posts
    1,788

    Default

    hmmm

    I could use that for something I'm sure

  4. #4
    Join Date
    Nov 2001
    Location
    New England Highlands, Australia
    Posts
    21,907

    Default

    Yes I'm sure ya could and it wouldn't take ya long to figure what. :rolleyes2

  5. #5
    Join Date
    Nov 2001
    Location
    Taipei, Taiwan
    Posts
    4,308

    Default

    New to me.
    Cameron "Mr.Tweak" Wilmot
    Managing Director
    Tweak Town Pty Ltd

  6. #6
    Join Date
    Nov 2001
    Location
    Bendigo Australia
    Posts
    1,788

    Default

    it'd make a nice backdoor into the system if i should get fired

  7. #7
    Join Date
    Nov 2001
    Posts
    362

    Default

    Luvly feature isn't it....no wonder Micro$oft has been keeping it quiet....and what's more they stress the security aspects of NTFS....ha.....it blows most security defences away if a file, any file, can be streamed with malicious code.....no-one could find it and it could sit dormant like a time bomb.....especially if its attached to the root dir....only a format could get rid of it....TDS couldn't get rid of the file I attached to my work system root....
    The older I get...the better I was

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •