Perfect hidden files
Advantages
Unlike in the previous trick, This will work in all the windows versions. This is a very effective method
Method
- Create a temporary folder on the root of your NTFS drive. Name the folder test, or give it another suitable name.
- Copy notepad.exe into the test folder and rename it hack.exe. You will use this file to simulate it as the hacking tool.
- Next, create a text file called testfile.txt. Place some text inside the readme file, something like hello world will work.
- Open a command prompt and change directories to place yourself in the test folder. By performing a directory listing, you should see two files: hack.exe and readme.txt. Record the total free space shown after the directory listing
- From the command line, issue the following command:
Type hack.exe > testfile.txt:hack.exe
- Now run a directory listing again and record the free space results
- Has anything changed? You should have noticed that free space has been reduced. That is because you streamed hack.exe behind readme.txt.
- Erase hack.exe as it’s no longer needed, and then execute the following from the command line:
Start c:\test\testfile.txt:hack.exe
Or if you want to get the exe back try following
testfile.txt>hack.exe
- Did you notice what happened? Your hacked file, notepad.exe, should have popped open on the screen. The file is completely hidden, as it is streamed behind readme.txt.
A caution
Since windows cant ’see’ the file. It may overwrite it by some other file. As a result rarely you may not be able to recover your file! So do not use this method on important files unless you have a backup. Partitions that are frequently create or delete files is not a suitable place. Do not defragment the partition after hiding the file.
Detecting streaming files
Use a scanner tool such as sfind or LNS (http://www.ntsecurity.nu/toolbox/lns/.)