| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <016b01c268f3$b53dc0e0$3264a8c0@local> From: hggdh at attbi.com (HggdH) Subject: NTFS exploit This is actually not new -- it was discussed on BugTraq some 2 years ago. What happens here is NTFS will increase the size of the MFT as needed to store all file headers. A zero-lenght file will cause the same result -- all available space will eventually be taken by the MFT. The bad part of it is... there is no way for you to "downsize" the MFT. You _will_ have to format the drive. This is a nice DoS... ..hggdh.. ----- Original Message ----- From: "Geo" <geoincidents@...info.org> To: <full-disclosure@...ts.netsys.com> Cc: <paulwagner429@...mail.com> Sent: Monday, September 30, 2002 10:27 Subject: [Full-Disclosure] NTFS exploit I've seen this mentioned before (on bugtraq I think) but I had never seen a way to use it to hose a drive before. To see Windows 2000 NTFS use up all free space in an unrecoverable manner. (don't do this on a drive you can't afford to format) Create a directory called "dead" go into that directory and create a text file called dead.txt copy these instructions into the text file before saving it. (just some text to take up space should be under 1K in size) Ok, now open my computer, right click on the disk drive you are using and pick properties, pick tools, pick defragment and click on the analyze button. Notice how much of the drive shows as green system files. ok now from a command window log to the directory cd /dead and type this FOR /L %1 in (1,1,2000000) copy dead.txt dead%1.txt what this does is creates 2,000,000 copies of the dead.txt file. Now that they are created go ahead and check again in the defragment/analyze window, see all the green? Ok now in your command window making sure you are still logged to /dead go ahead and delete all those files cd /dead delete *.txt now check the defragment/analyze window again, no change right? If you had created enough .txt files to use up all the free space on your drive you would now not be able to save a large file to the drive. The problem is that NTFS stores small files in the actual directory table instead of as a separate data stream, it does this for efficiency. It also never releases this space once it's been used. Geo. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists