LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-26-2006, 05:43 PM   #1
DropSig
Member
 
Registered: Apr 2004
Location: East of Quebec
Distribution: Kubuntu, LFS
Posts: 208

Rep: Reputation: 30
Can i hide a file with bmap????


i know u can hide text and i can hide most file that way(because they mostly are text or script)
But can i hide a binary file in a slack????
 
Old 01-26-2006, 07:43 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,943
Blog Entries: 54

Rep: Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731
Why don't you just try it. Your system has enough binaries to play with...
 
Old 01-27-2006, 08:31 AM   #3
DropSig
Member
 
Registered: Apr 2004
Location: East of Quebec
Distribution: Kubuntu, LFS
Posts: 208

Original Poster
Rep: Reputation: 30
so far i did'nt have any succes. the somewhat closest i got was with:
bmap --target (File with slack) --mode putslack (Binary file)
which get me a "seek error"

Or i just tried:
cp (binary file) (binary file).2 | bmap --mode putslack (File with slack)
gives me:
stuffing block 1107588
slack size 1490
block size 4096


#i made sure to check that the slack was big enough to hold the file.

well it did copy something in the slack but not what i wanted.

I can easily place the output of any operation mabe by or on a binary in the slack but not the file itself.
 
Old 01-29-2006, 06:32 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,943
Blog Entries: 54

Rep: Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731Reputation: 2731
a "seek error"
Hmm. No idea why. Maybe run strace on it. Then again Bmap is rather old and I think it's not supported/maintained anymore.


#i made sure to check that the slack was big enough to hold the file.
How did you check? Read somewhere the kernel does show the right value but "stat" doesn't.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
If you were OpenGL, where would you hide? Elomis Linux - Software 6 01-05-2005 12:05 AM
idea to hide encrypted file system on audio cd ? qwijibow Linux - Security 2 09-13-2004 08:53 PM
hide ip address treotan Linux - Networking 2 08-02-2004 08:02 AM
Need to hide bootloader ScribeOfTheNile Linux - Newbie 5 11-21-2003 07:42 AM
Why hide the logout? tomplate General 8 03-14-2002 01:04 PM


All times are GMT -5. The time now is 10:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration