lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: geoincidents at getinfo.org (Geo) Subject: NTFS exploit I've seen this mentioned before (on bugtraq I think) but I had never seen a way to use it to hose a drive before. To see Windows 2000 NTFS use up all free space in an unrecoverable manner. (don't do this on a drive you can't afford to format) Create a directory called "dead" go into that directory and create a text file called dead.txt copy these instructions into the text file before saving it. (just some text to take up space should be under 1K in size) Ok, now open my computer, right click on the disk drive you are using and pick properties, pick tools, pick defragment and click on the analyze button. Notice how much of the drive shows as green system files. ok now from a command window log to the directory cd /dead and type this FOR /L %1 in (1,1,2000000) copy dead.txt dead%1.txt what this does is creates 2,000,000 copies of the dead.txt file. Now that they are created go ahead and check again in the defragment/analyze window, see all the green? Ok now in your command window making sure you are still logged to /dead go ahead and delete all those files cd /dead delete *.txt now check the defragment/analyze window again, no change right? If you had created enough .txt files to use up all the free space on your drive you would now not be able to save a large file to the drive. The problem is that NTFS stores small files in the actual directory table instead of as a separate data stream, it does this for efficiency. It also never releases this space once it's been used. Geo.
Powered by blists - more mailing lists