Home    Training    Downloads    Tutorials    Arbitary    Get Fate    Proxy Info
 
Training session 6: Hiding your Loot
Difficulty: Easy
Learn how it is possible to hide your files
Creator: m101


So your on a public computer and you want to protect your loot (password files, tools, games?) from some scabby administrator, teacher or little brother...

Starting from the basics, break into PURE dos, without any windows running in the background and got into the root directory 'cd \' Now type the folling in full 'md "hello "' thats right put a space there, now type 'cd hello' and it wont get in, now put the brackets and the space in and type 'cd "hello "' and ure in, go back to the root directory and do a 'dir' and you will see it just APPEARS to say 'hello' so many dumb asses will get really confused if they try to get in thru dos.

Next one, there are 256 ASCII characters, ranging from 0 to 255 now windows's character set only recognizes the basic keyboard codes, but nothing like, 245 which windows defaults to a single '_' so you ask how do i do this? ok, get back into dos and type 'md ' followed by holding alt and typing 245 on the numpad and then releasing alt. A wierd character will appear so press enter. Now get back into windows and try opening it, as long as you are running a version of windows lower than windows 2000 it will tell you access is denied, as windows is acctually looking for '_' now this is cool, but under dos a simple dir and an ascii chart can tell you the code. So use multiples and put the space on the end, also there are 4 codes that appear as spaces in dos so make use of them.

Ok now to make this better use the 'subst' command, go into your directory and type 'subst z: .' now go into my computer and there will be a Z drive there untill you reboot that is a direct link to you directory. To access it just type z:\ in explorer, but what if someone looks over your shoulder and sees a Z Drive? Input the following key into the registry

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
NoDrives=4000000

Make sure you type it into the hex value. Now reboot and 'subst' again, there wont be a Z Drive in my computer anymore, to remove the 'subst' just type 'subst z: /d' Subst stands for substitute drive for those who wish to know. To add more security hide your directory in a directory like 'c:\windows\system32\vmm32' dont forget to do a 'attrib +h +s +r' on it so lamers dont find it, many administrators dont even have it set to show hidden files.

So you run windows 2000, and want to stop em, well heres how:

Copy and paste a copy of your recycle bin, that right, your recycle bin, rename it to the characters you like and put it in a hidden folder of your choice. Now go into dos and type 'edit' and browse for your directory, and edit the dekstop.ini file in it, and replace the code after CLS-ID with any of the following:

My Computer :{20D04FE0-3AEA-1069-A2D8-08002B30309D}
Control Panel:{21EC2020-3AEA-1069-A2DD-08002B30309D}
Dial-Up-Networking:{992CFFA0-F557-101A-88EC-00DD01CCC48}
Desktop: {00021400-0000-0000-C000-0000000000046}
Inbox :{00020D76-0000-0000-C000-000000000046}
Network Neighborhood:{208D2C60-3AEA-1069-A2D7-O8002B30309D}
Printers :{2227A280-3AEA-1069-A2DE-O8002B30309D}
Recycle Bin :{645FF040-5081-101B-9F08-00AA002F954E}
The Microsoft Network:{00028B00-0000-0000-C000-000000000046}
History: {FF393560-C2A7-11CF-BFF4-444553540000}
Fonts: {BD84B380-8CA2-1069-AB1D-08000948534}
My Briefcase:{85BBD920-42AO-1069-A2E4-08002B30309D}

just replace the bit between the {} now reboot and go to you directory, double click it and it will open whatever the CLS-ID corresponds to, that eliminates windows from annoying us any futher, create another directory in this folder and do the ASCII thing again to make it hidden, now just 'subst' to this folder and youve got yourself a directory that can only be access by someone with intelligence (definately no administrators) and you can put all your loot in it.

This proccess may seem real slow so you can create a batch file to do this, just remember to give it an ASCII name and to attrib it and remember to ALWAYS disable you drive when you log off.

When you are on the computer a nosey person may always see something in the taskbar that could get you in trouble so download a program called Outtasight from http://rosa.simplenet.com and set it up to autimaticaly hide on start up and password protect acces, then when you want to hide something you can just press a key combination and its gone.

Also change the name of executables to stuff like 'winword.exe' so they dont come up in any logs, and rename any zip files.
Name

URL or Email

Message