hiding exectables using ADS (Alternate data streams)

Posted by Dr Deo on Stack Overflow See other posts from Stack Overflow or by Dr Deo
Published on 2010-03-30T18:28:12Z Indexed on 2010/03/30 18:43 UTC
Read the original article Hit count: 350

Filed under:

c

|

c++

|

filesystems

|

Microsoft

|

ntfs

i hear that NTFS alternate data streams can be used to hide running executabes.
eg supporse i have an exe called hiddenProgram.exe on windows xp,using cmd.exe or system(char*) calls in c,

type hiddenProgram.exe > c:\windows\system32\svchost.exe:hiddenProgram.exe

start c:\windows\system32\svchost.exe:hiddenProgram.exe

starts svchost and at the same time hiddenProgram.exe
but hiddenProgam.exe is not displayed in windows task manager!! unfortunately, svchost is displayed as svchost:hiddenProgram

Qn how can i ensure that hiddenProgram.exe is hidden totally in task manager.

Related posts about c++

Which C++ book shold I get between "C++ Primer" vs "C++ Primer Plus"

as seen on Stack Overflow - Search for 'Stack Overflow'
I want to learn C++ by using Vim and MinGW as compiler. I'm interesting at "C++ Primer (4th Edition)" and "C++ Primer Plus (5th Edition)" but I don't know how about it different. It has no book store that I can review those books, so I want to know, what is the different between those book and which… >>> More
C++ : C++ Primer (Stanley Lipmann) or The C++ programming language (special edition)

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a Computer Science degree (long2 time ago) .. I do know Java OOP but i am now trying to pick up C++. I do have C and of course data structure using C or pascal. I have started reading Bjarne Stroustrup book (The C++ Programming Language - Special Edition) but find it extremely difficult esp… >>> More
I need help on my C++ assignment using MS Visual C++

as seen on Stack Overflow - Search for 'Stack Overflow'
Ok, so I don't want you to do my homework for me, but I'm a little lost with this final assignment and need all the help I can get. Learning about programming is tough enough, but doing it online is next to impossible for me... Now, to get to the program, I am going to paste what I have so far. This… >>> More
Managed c++ std::string not accessible in unmanaged c++

as seen on Stack Overflow - Search for 'Stack Overflow'
In unmanaged c++ dll i have a function which takes constant std::string as argument Prototype : void read ( const std::string &imageSpec_ ) I call this function from managed c++ dll by passing a std::string. When i debug the unmanaged c++ code the parameter imageSpec_ shows the value correctly… >>> More
The Definitive C++ Book Guide and List

as seen on Stack Overflow - Search for 'Stack Overflow'
After more than a few questions about deciding on C++ books I thought we could make a better community wiki version. Providing QUALITY books and an approximate skill level. Maybe we can add a short blurb/description about each book that you have personally read / benefited from. Feel free to debate… >>> More

Developer IT

hiding exectables using ADS (Alternate data streams) - Developer IT

hiding exectables using ADS (Alternate data streams)

c

c++

filesystems

Microsoft

ntfs

Related posts about c

Related posts about c++

Which C++ book shold I get between "C++ Primer" vs "C++ Primer Plus"

C++ : C++ Primer (Stanley Lipmann) or The C++ programming language (special edition)

I need help on my C++ assignment using MS Visual C++

Managed c++ std::string not accessible in unmanaged c++

The Definitive C++ Book Guide and List

Categories cloud