Home > Developer > Windows

Hiding files with ntfs streams

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

When you copy files from an ntfs partition to a non-ntfs partition, you may occasionally encounter the following situation: the system prompts that data will be lost. What is the problem?

In fact, the ntfs file system introduces the concept of "stream". Each file can have multiple streams, but we generally only use one. By allocating more streams to the file, it can realize "file hiding" in a certain sense ". for example, you can use the following command in the console to create a text file:
Dir d:> abc.txt
It lists all the files in the d: root directory, and then redirects them to the abc.txt file. Now you can check the size and content of the abc.txt file and record it. Then run the following command dir c:> abc.txt: stream.txt
After the script is executed, check that the size and content of abc.txt have not changed. However, the actual abc.txthas already added a stream.txt stream, and the redirected content is output to it. The cursor ends, otherwise the notepad cannot be found ):
Notepad abc.txt: stream.txt
In this way, a file is hidden. the dir command cannot be seen, the file attributes cannot be seen, and the resource manager cannot be seen. If you do not know the stream name, notepad cannot be accessed.

In fact, the stream does not depend on the file. The following command is also valid (do not try it first, otherwise it may be a bit troublesome ):
Dir e:>: stream.txt
This is to bind the stream to a folder, which is more concealed. generally, to delete a stream, you only need to delete its host. If you execute the command and run it on the root folder, if you want to delete it, congratulations! You want to resize the disk :). however, it is not difficult to delete a stream by writing a program. You only need to call DeleteFile and provide the stream name. to enumerate all streams in a file, only BackupRead can be used currently. I wrote a small program that can be used to enumerate, delete, and import and export data in the stream. The following is its code (the writing is too hasty, and there may be some bugs, however, the main functions are all implemented. Its name is nsvw, that is, Ntfs Stream Viewer ).


This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
ostrich hiding transfer files with ssh delete directory with files find files with owner php working with files open rar files with redis streams
Related Article
Unable to access Windows Installer service while attempting t...
How to remove bootcamp Windows partition in Mac dual system
Windows Server 2016-active Directory Domain Services Port rollup
Windows Server 2003 key
Using word to convert a PDF file to a DOC file

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More