Difference between pages "Hash (tool)" and "Talk:Linux Logical Volume Manager (LVM)"

From ForensicsWiki
(Difference between pages)
(needs expanding)
 
(Created page with "Should we change :To make the volume group known to the system :vgexport $VOLUMEGROUP to :To make the volume group known to the system :vgimport $VOLUMEGROUP ? vgexport ma...")
 
Line 1: Line 1:
{{Expand}}
+
Should we change
{{Infobox_Software |
+
  name = Hash |
+
  maintainer = [[The Grugq]] |
+
  os = {{Linux}} |
+
  genre =  |
+
  license =  |
+
  website = [http://www.tacticalvoip.com/ tacticalvoip.com] |
+
}}
+
  
===Background===
+
:To make the volume group known to the system
 +
:vgexport $VOLUMEGROUP
  
Hash ('''Ha'''cker '''She'''ll) is a tool to enable people to evade detection while penetrating a system.
+
to
  
Hash, originally written in 2003, was re-written in June 2007 and released at the Korean security conference, [http://www.powerofcommunity.net Power of Community] that November.
+
:To make the volume group known to the system
 +
:vgimport $VOLUMEGROUP
 +
?
  
===Features===
+
vgexport makes volume groups ''unknown'' to the system, vgimport makes exported volumes ''known'' to the system. See also [http://www.tldp.org/HOWTO/LVM-HOWTO/recipemovevgtonewsys.html this]. You should also remember, that both vgexport/vgimport alter the data on the physical device. I also added "loop" option to the mount command example, since "-o ro" may alter the data in the file system (replay the journal, etc) [[User:.FUF|.FUF]] ([[User talk:.FUF|talk]]) 10:19, 7 May 2014 (CDT)
 
+
'''Hacking utilities'''  
+
* Inline file transfer
+
* qondom - remote diskless execution
+
 
+
'''Builtins'''
+
* Triggers
+
* Aliasing
+
* Basic file system and shell escape commands
+
 
+
===External Links===
+
* [http://powerofcommunity.net/poc2007/grugq.pdf PoC presentation: ''Hacking Sucks!'']
+
* [http://www.tacticalvoip.com/tools.html hash-0.2.5.tar.gz]
+
 
+
[[Category:Anti-Forensic Tools]]
+
[[Category:Anti-forensics tools]]
+
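
Review bot: the proposed wording ":vgimport $VOLUMEGROUP" under "To make the volume group known to the system" leaves out a caveat that the same comment raises, namely that both vgexport and vgimport alter the data on the physical device. If the article adopts vgimport, state that caveat next to the command, and show the full mount line with the added "loop" option, which the comment mentions but does not quote.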

Latest revision as of 10:19, 7 May 2014

Should we change

To make the volume group known to the system
vgexport $VOLUMEGROUP

to

To make the volume group known to the system
vgimport $VOLUMEGROUP

?

vgexport makes volume groups unknown to the system, vgimport makes exported volumes known to the system. See also this. You should also remember that both vgexport/vgimport alter the data on the physical device. I also added the "loop" option to the mount command example, since "-o ro" may alter the data in the file system (replay the journal, etc.). .FUF (talk) 10:19, 7 May 2014 (CDT)