PrepAway - Latest Free Exam Questions & Answers

What file system vulnerability does the following command take advantage of?

What file system vulnerability does the following command take advantage of?
type c:anyfile.exe > c:winntsystem32calc.exe:anyfile.exe

PrepAway - Latest Free Exam Questions & Answers

A.
Backdoor access

B.
ADS

C.
NTFS

D.
HFS

Explanation:
ADS (or Alternate Data Streams) is a “feature” in the NTFS file system that makes it possible to hide information in alternate data streams in existing files. The file can have multiple data streams and the data streams are accessed by filename :stream .

2 Comments on “What file system vulnerability does the following command take advantage of?

    1. Daniel says:

      correct. The answer is Alternate Data Streams (ADS). ADS is the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file browsing utilities like dir or Windows Explorer. Alternate Data Streams (ADS) provides hackers with a method of hiding root kits on a breached system and allows them to be executed without being detected by the systems administrator.


Leave a Reply