You have hidden a Trojan file virus.exe inside another file readme.txt using NTFS streaming.
Which command would you execute to extract the Trojan to a standalone file?
A.
c:\> type readme.txt:virus.exe > virus.exe
B.
c:\> more readme.txt | virus.exe > virus.exe
C.
c:\> cat readme.txt:virus.exe > virus.exe
D.
c:\> list redme.txt$virus.exe > virus.exe
Explanation:
cat will concatenate,or write,the alternate data stream to its own file named
virus.exe
cat is Unix/Linux command. On Windows it is not available (default install). So I think right answer should be A.
C
A should be the correct answer: http://www.irongeek.com/i.php?page=security/altds
Your link shows that the Type command cant understand the Colon in the ADS Syntax
C
A is correct
Confirmed it by creating a stream file and then extracting it using the command in A.
for me is A, for CEH is…..?????