ext2 info hiding mod online with Winfy
We have hosted the application ext2 info hiding mod in order to run this application in our online workstations with Wine or directly.
Quick description about ext2 info hiding mod:
This modification of the ext2 kernel module allows to create files (cover files) whose block arrangement gets manipulated to represent a binary code, which can be extracted later.The information hiding approach used in this project was introduced by Khan et. al in
'Designing a cluster-based covert channel to evade disk investigation and forensics' (1st approach).
Algorithm:
When a cover file is written, an even blocknr. (for the 1st datablock) is choosen to represent a 0 or an odd blocknr. to represent an 1. For the remaining blocks of the cover file till the end of the code is reached,
an adjacent blocknr. represents the same bit as the previous one and a non-adjacent blocknr. (a block will be skipped) a negated previous bit.
It's necessary to use a partition with enough adjacent free blocks (code length + holes for fragmentation) within a blockgroup, for this algorithm to work correctly.
WARNING: This is experimental software and could cause crashes or data loss!.
Features:
- Hides a binary code in ext2/3 partitions through fragmentation of blocks from cover files
- Simply replace the existing ext2 module with this one to generate cover files
- Write on existing ext2 and ext3 partitions
- No additional storage space for the code is required
Audience: Science/Research, Developers, Security Professionals, Security.
Programming Language: C.
Categories:
Security, Filesystems
©2024. Winfy. All Rights Reserved.
By OD Group OU – Registry code: 1609791 -VAT number: EE102345621.