NTFS file system in windows allows you to store data behind a file name with the use of a stream name it's not detectable browsing the file system any where within windows . It can be access it with secret key which are name of the stream
NTFS file system stream contain the data that is written to a file .
1 Hiding data in a secret compartment
2 Detecting secret files :-Secret files can be detect by using " dir /r " (without quotation) in command prompt (cmd.exe)
3 Adding value in secret file
4 Reading secret file:-
5 Deleting secret files:-
download the stream.exe from here download.sysinternals.com/files/Streams.zip
And follow as shown in image
No comments:
Post a Comment