I'd like to create a program that completely hides folders from the OS (like Magic Folders). Any ideas on a starting point? Can entries be removed from the FAT table through MASM and then restored? Thanks.
Yes, an extremely dangerous way of doing so as those "clusters" can and will be used if they are not set as used already. The best way to do such a thing is to edit the way the GUI displays folders/files. You would have to intercept the GUI and "inject" a list of the folders you do not want shown; that itself would take something similiar to an organized database to run.
A good starting point would be to read this....
http://www.microsoft.com/hwdev/download/hardware/FATGEN103.pdf
You could leave the clusters marked in the FAT table so they don't get written over, but remove the directory info.... Though I'm not sure defraging would be a good idea after doing so...
But you could probaly come up with more ideas on the subject by carefully messing with the file system on a floppy disk using debug.... Just don't rush to try it on the hd you're using :)
http://www.microsoft.com/hwdev/download/hardware/FATGEN103.pdf
You could leave the clusters marked in the FAT table so they don't get written over, but remove the directory info.... Though I'm not sure defraging would be a good idea after doing so...
But you could probaly come up with more ideas on the subject by carefully messing with the file system on a floppy disk using debug.... Just don't rush to try it on the hd you're using :)
I am sure there is an easier and much less dangerous way. For example, globally hooking FindFirstFile and FindNextFile could be a start.
The cleanest+most powerful way is probably some filesystem filtering driver.
Too bad there doesn't seem to be too much good info around on this - or
perhaps kayaker or some other guy has some good links available? ;)
Too bad there doesn't seem to be too much good info around on this - or
perhaps kayaker or some other guy has some good links available? ;)
The cleanest+most powerful way is probably some filesystem filtering driver.
Too bad there doesn't seem to be too much good info around on this - or
perhaps kayaker or some other guy has some good links available? ;)
There are some advanced links on the 'filesystem drivers' topic on the following (well-known) pages(s):
http://www.acc.umu.se/~bosse/
http://www.insidewindows.info/
And the way that Magic Folders does it is to install a filter driver, shame it was such an unstable piece of sh*it.
Thanks for the replies. After I posted this originally I discovered the file system filter driver stuff. Too bad information on the subject is extremely limited.
here is my example that i've made so i could learn how to write VxD. when i'll finish it, you can restrict to some folders access or even make them "invisible" but for now, i've just wanted to learn something new :grin:
for now it is a very stupid app, when you will start VxDLoader, push Hook It and try to open/create some .TXT
full source attached
any suggestions are welcom
this project won't be update for about 2~3 weeks, i'm going on vacation :grin: :grin: :grin: at last :grin:
for now it is a very stupid app, when you will start VxDLoader, push Hook It and try to open/create some .TXT
full source attached
any suggestions are welcom
this project won't be update for about 2~3 weeks, i'm going on vacation :grin: :grin: :grin: at last :grin:
:stupid:
forgot the attachment :grin:
forgot the attachment :grin:
i'm going on vacation :grin: :grin: :grin: at last :grin:
It is useless! Im trying to make something similar to MagicFolders but in asm and freeware. But there is one little problem... i dont know how to handle IFSFN_FINDOPEN and IFSFN_FINDNEXT in FileSystemApiHookFunction. i read DDK infos, i googled around searching some tuts, infos, help, i even searched some VXD virus source and tuts. but nothing!
for those who can get mad about the rules:
NO! im not makeing a virus, but if i were a virus writer i do some stuff to maka my vir invisble for the system, so i would hook File System and filter it to hide my vir.
i have.... no, i had a freshly installed win98 to test, but it had a milion crashses since that time.
i real do not know what to do, but im convinced that I m missing something stupid and simple but right now i dont have a clue what it is, I ve got a major headache, i feel like i was hit bz a train:(
if You have any infos, source examples of how could i property handle IFSFN_FINDOPEN and IFSFN_FINDNEXT "functions" i will be glad to read them :grin:
to bitRAKE:
some time ago U posted masm-vxd for RadASM... i used it fo my project :) thx for that
I m not going out from Poland, but imma get 18 days without TV, computer or even radio.... it will be great time :)
GOD i need vaction
Regards!
for those who can get mad about the rules:
NO! im not makeing a virus, but if i were a virus writer i do some stuff to maka my vir invisble for the system, so i would hook File System and filter it to hide my vir.
i have.... no, i had a freshly installed win98 to test, but it had a milion crashses since that time.
i real do not know what to do, but im convinced that I m missing something stupid and simple but right now i dont have a clue what it is, I ve got a major headache, i feel like i was hit bz a train:(
if You have any infos, source examples of how could i property handle IFSFN_FINDOPEN and IFSFN_FINDNEXT "functions" i will be glad to read them :grin:
to bitRAKE:
some time ago U posted masm-vxd for RadASM... i used it fo my project :) thx for that
I m not going out from Poland, but imma get 18 days without TV, computer or even radio.... it will be great time :)
GOD i need vaction
Regards!
i'm posting new version of the example. when my friend tested it had few crushes when he tried to open My Computer, it seems that windows has some very importatnt text files which I didnt allow him to read :grin:
now the "error" is eliminated by more specific file filter, U can open any .TXT file which name isn't M$.TXT
but still do not know how to property handle IFSFN_FINDOPEN and IFSFN_FINDNEXT :(
now the "error" is eliminated by more specific file filter, U can open any .TXT file which name isn't M$.TXT
but still do not know how to property handle IFSFN_FINDOPEN and IFSFN_FINDNEXT :(
vxds, hummmmm well lots of people are going xp and vxds dont work under nt.
I'd like to create a program that completely hides folders from the OS (like Magic Folders). Any ideas on a starting point? Can entries be removed from the FAT table through MASM and then restored? Thanks.
Another way is to create folders using the extended ASCII characters. You would have to shell out to DOS and create the directories. Windows Explorer can see a directory but can't display any of the files.