• Tech

    How to Set NTFS Permissions

    NTFS (New Technology File System) is the standard file system for Microsoft Windows environments. The file system is also supported in other operating systems like Linux, but macOS only offers read-only support. NTFS permissions are the rules applied to files and folders to allow, or limit, user access. If you’re looking to work in information security, then you should know permission management is a critical security concept – and you should be using these permissions alongside share permissions. Don’t worry if you don’t know the difference, as we’ll discuss it later! Setting NTFS Permissions: To set permissions you use the Access Control List, which is accessed through a file’s or folder’s properties.…

  • Hiding Files with NTFS Alternate Data Streams

    Alternate Data Streams (ADS) are a feature of the NTFS file system. NTFS alternate data streams were originally designed to provide compatibility with the Hierarchical File System (HFS) of Mac systems. Now, threat agents mainly use them as a form of text steganography to hide executables or proprietary content. For example, they can provide attackers with a method of hiding hacker tools, keyloggers, and so on, on a breached system without being detected. Why do Alternate Data Streams exist? Considering the malicious use of alternate data streams, shouldn’t we have got rid of them? Well, alternate data streams actually have their benefits too, such as: Windows Resource Manager leverages ADS to identify…

  • How to Bypass the Windows Boot Process

    Before we get ahead of ourselves, this how-to guide is based on vulnerable virtual machines. The purpose of the guide is to show how easy it is to bypass the Windows boot process and OS security features to gain access to information stored on the drives. Disclaimer: This is an educational exercise which should only be attempted on virtual machines that belong to you. This is not intended to cause harm and you should always follow the Computer Misuse Act. Is this Exercise for You? This guide is for penetration testing practices, designed for CTF participants and exploit researchers. It is assumed you already have a (potentially) vulnerable machine which may be…