private bool GetStreamInfo() { if (File.FileInformation .AlternateDataStreamExists("MeediOS.Item")) { try { StreamInfo = File.FileInformation.GetAlternateDataStream( "MeediOS_Item", FileMode.Open); return true; } catch (Exception) { return false; } } return false; }
public override bool Equals(object obj) { if (object.ReferenceEquals(null, obj)) { return(false); } if (object.ReferenceEquals(this, obj)) { return(true); } StreamInfo info = obj as StreamInfo; if (null != info) { return(_stream.Equals(info._stream)); } AlternateDataStreamInfo other = obj as AlternateDataStreamInfo; if (null != other) { return(_stream.Equals(other)); } string path = obj as string; if (null != path) { return(string.Equals(path, _stream.FullPath, StringComparison.OrdinalIgnoreCase)); } return(false); }
private static void getZoneIdFromFileName(string fileName, bool quietMode) { var fileInfo = new FileInfo(fileName); // Read the "Zone.Identifier" stream, if it exists: if (fileInfo.AlternateDataStreamExists("Zone.Identifier")) { AlternateDataStreamInfo s = fileInfo.GetAlternateDataStream("Zone.Identifier", FileMode.Open); if (!quietMode) { Console.WriteLine("Found the Zone.Identifier ADS in {0}. Size: {1} bytes. ", fileName, s.Size); Console.WriteLine("--------------------[BEGIN]--------------------"); } using (TextReader reader = s.OpenText()) { Console.WriteLine(reader.ReadToEnd()); } if (!quietMode) { Console.WriteLine("---------------------[END]---------------------"); } } else { if (!quietMode) { Console.WriteLine("Zone.Identifier ADS is not found on {0}", fileName); } } }
private static void ShowContentsOfStream(FileInfo file, AlternateDataStreamInfo s) { Console.WriteLine($" {s.Name}"); using (TextReader reader = s.OpenText()) { Console.WriteLine(reader.ReadToEnd()); } }
public static void SaveMD5Stream(AlternateDataStreamInfo md5StreamInfo, byte[] fileHash, DateTime fileWriteTimeUtc) { FileStream md5Stream = md5StreamInfo.OpenWrite(); MD5Descriptor descriptor = new MD5Descriptor(); descriptor.FileHash = fileHash; descriptor.FileWriteTimeUtc = fileWriteTimeUtc; descriptor.WriteToStream(md5Stream); md5Stream.Close(); }
public void SetZoneIdentifier() { var fileInfo = new FileInfo(path); var ads = new AlternateDataStreamInfo(path, "Zone.Identifier", null, false); using(var stream = ads.OpenWrite()) using(var writer = new StreamWriter(stream)) { writer.WriteLine("[ZoneTransfer]"); writer.WriteLine("ZoneId=3"); } }
static void Main(string[] args) { try { const string Path = @"E:\123.txt"; const string StreamName = "stream1"; //FileInfo file = new FileInfo(Path); //if (!file.Exists) //if (!file.AlternateDataStreamExists(StreamName)) //{ //} if (!File.Exists(Path)) { throw new FileNotFoundException(null, Path); } if (!FileSystem.AlternateDataStreamExists(Path, StreamName)) { Console.WriteLine("Stream not found; creating it..."); AlternateDataStreamInfo data = FileSystem.GetAlternateDataStream(Path, StreamName); FileStream fsWriter = data.OpenWrite(); fsWriter.WriteByte(65); fsWriter.Close(); } else { AlternateDataStreamInfo data = FileSystem.GetAlternateDataStream(Path, StreamName); FileStream fsWriter = data.OpenWrite(); fsWriter.WriteByte(97); fsWriter.Close(); } AlternateDataStreamInfo data1 = FileSystem.GetAlternateDataStream(Path, StreamName); FileStream fsReader1 = data1.OpenRead(); byte[] buffer = new byte[100]; fsReader1.Read(buffer, 0, Convert.ToInt32(fsReader1.Length)); FileStream fsWriter1 = data1.OpenWrite(); fsWriter1.WriteByte(49); fsWriter1.Close(); } catch (Exception ex) { Console.WriteLine(ex); } Console.ReadKey(); }
public void SetZoneIdentifier() { var fileInfo = new FileInfo(path); var ads = new AlternateDataStreamInfo(path, "Zone.Identifier", null, false); using (var stream = ads.OpenWrite()) using (var writer = new StreamWriter(stream)) { writer.WriteLine("[ZoneTransfer]"); writer.WriteLine("ZoneId=3"); } }
private void button1_Click(object sender, EventArgs e) { if (listBox3.SelectedIndex < 0 || listBox2.SelectedIndex < 0) { MessageBox.Show("请选择带有隐藏信息的文件!"); return; } FileInfo fi = listBox2.SelectedItem as FileInfo; AlternateDataStreamInfo ai = listBox3.SelectedItem as AlternateDataStreamInfo; string fullname = fi.FullName + ":" + ai.Name; ADSHelper.ExecADSFile(fullname); }
private static void setZoneIdInFileName(string fileName, int zoneId, string referrerUrl, bool quietMode) { var fileInfo = new FileInfo(fileName); if (fileInfo.AlternateDataStreamExists("Zone.Identifier")) { deleteZoneIdFromFile(fileName, quietMode); } AlternateDataStreamInfo ads = fileInfo.GetAlternateDataStream("Zone.Identifier", FileMode.OpenOrCreate); writeZoneIdentifier(fileName, zoneId, referrerUrl, quietMode, ads); }
private void button3_Click(object sender, EventArgs e) { string encrypttext = ""; listBox1.Items.Clear(); textBox2.Clear(); for (int i = 0; i < files.Count(); i++) { FileInfo file = new FileInfo(path + Convert.ToString(files[i])); foreach (AlternateDataStreamInfo s in file.ListAlternateDataStreams()) { AlternateDataStreamInfo r = file.GetAlternateDataStream(s.Name, FileMode.Open); using (TextReader reader = r.OpenText()) { encrypttext += reader.ReadToEnd(); } listBox1.Items.Add(s.Name + " " + s.Size + " B " + s.StreamType); } } for (int i = 0; i < dirs.Count(); i++) { DirectoryInfo dir = new DirectoryInfo(path + Convert.ToString(dirs[i])); foreach (AlternateDataStreamInfo s in dir.ListAlternateDataStreams()) { AlternateDataStreamInfo r = dir.GetAlternateDataStream(s.Name, FileMode.Open); using (TextReader reader = r.OpenText()) { encrypttext += reader.ReadToEnd(); } listBox1.Items.Add(s.Name + " " + s.Size + " B " + s.StreamType); } } if ((checkBox1.Checked == true) && (textBox3.Text != "")) { try { textBox2.Text = RSA.StringCipher.Decrypt(encrypttext, textBox3.Text); MessageBox.Show("Считано успешно!"); } catch { MessageBox.Show("Неверный пароль!"); } } else { textBox2.Text = encrypttext; MessageBox.Show("Считано успешно!"); } }
private bool IsDLLBlocked(string path) { FileInfo file = new FileInfo(path); if (file.AlternateDataStreamExists("Zone.Identifier")) { AlternateDataStreamInfo s = file.GetAlternateDataStream("Zone.Identifier", FileMode.Open); using (TextReader reader = s.OpenText()) { var zoneId = reader.ReadToEnd().ToUpperInvariant(); return(zoneId.Contains("ZONEID=3") || zoneId.Contains("ZONEID=4")); } } return(false); }
public void SearchFiles(List <string> files, DriveInfo drive) { foreach (string file in files) { //Console.Out.WriteLine(File.ReadAllText(file)); try { Console.WriteLine("Skanowanie " + file); LevenshteinMatches matches = SearchPhraseInFile(file); Console.WriteLine("Przeskanowano " + file); //foreach(string str in File.ReadLines(file)) if (matches.hasMatches) { window.AddTextToFileBox(file); window.AddTextToFileBox("\n"); window.AddTextToFileBox(matches); } } catch (UnauthorizedAccessException) { window.AddTextToFileBox("Cannot access:" + file); } catch (IOException) { //device detached } if (Settings.Default.ScanADS && drive.DriveFormat.Equals("NTFS")) { //search for ads //string fileName = Path.GetFileName(file); FileInfo fileInfo = new FileInfo(file); foreach (AlternateDataStreamInfo stream in fileInfo.ListAlternateDataStreams()) { string streamName = stream.Name; AlternateDataStreamInfo s = fileInfo.GetAlternateDataStream(stream.Name, FileMode.Open); LevenshteinMatches matches = null; using (StreamReader reader = s.OpenText()) { matches = ExtractPhrase(reader.ReadToEnd()); } if (matches.hasMatches) { window.AddTextToFileBox(file + ":" + streamName); window.AddTextToFileBox("\n"); window.AddTextToFileBox(matches); } } } } }
private static void ShowContents(string fileName, string streamName) { FileInfo file = new FileInfo(fileName); Console.WriteLine($"{file.Name} - {file.Length:n0}"); if (!string.IsNullOrWhiteSpace(streamName) && file.AlternateDataStreamExists(streamName)) { AlternateDataStreamInfo s = file.GetAlternateDataStream(streamName, FileMode.Open); ShowContentsOfStream(file, s); } else if (string.IsNullOrWhiteSpace(streamName)) { foreach (AlternateDataStreamInfo s in file.ListAlternateDataStreams()) { ShowContentsOfStream(file, s); } } }
public static MD5StreamStatus TestMD5Stream(FileInfo fileInfo) { byte[] fileHash = GetFileHash(fileInfo.FullName); AlternateDataStreamInfo md5StreamInfo = FileSystem.GetAlternateDataStream(fileInfo, MD5StreamName); if (md5StreamInfo.Exists) { Stream md5Stream = md5StreamInfo.OpenRead(); MD5Descriptor descriptor = MD5Descriptor.ReadFromStream(md5Stream); if (descriptor == null) { return(MD5StreamStatus.Invalid); } if (DateTime.Equals(fileInfo.LastWriteTimeUtc, descriptor.FileWriteTimeUtc)) { if (ByteUtils.AreByteArraysEqual(fileHash, descriptor.FileHash)) { return(MD5StreamStatus.Correct); } else { return(MD5StreamStatus.Incorrect); } } else // file was updated since MD5 was stored { SaveMD5Stream(md5StreamInfo, fileHash, fileInfo.LastWriteTimeUtc); // We revert to the last write time before the ADS was written File.SetLastWriteTimeUtc(fileInfo.FullName, fileInfo.LastWriteTimeUtc); return(MD5StreamStatus.Updated); } } else { SaveMD5Stream(md5StreamInfo, fileHash, fileInfo.LastWriteTimeUtc); // We revert to the last write time before the ADS was written File.SetLastWriteTimeUtc(fileInfo.FullName, fileInfo.LastWriteTimeUtc); return(MD5StreamStatus.Created); } }
private static Guid _GetID(string uri) { const string TID = "lguid"; if (File.Exists(uri) || Directory.Exists(uri)) { if (FileSystem.AlternateDataStreamExists(uri, TID)) { Logger.D("{0} begin reader", uri); AlternateDataStreamInfo adfs = FileSystem.GetAlternateDataStream(uri, TID); FileStream fs = adfs.OpenRead(); StreamReader sr = new StreamReader(fs); string guid = sr.ReadToEnd(); Logger.D("{0} begin close", uri); sr.Close(); fs.Close(); sr.Dispose(); fs.Dispose(); Logger.D("{0} close reader", uri); return(Guid.Parse(guid)); } else { Guid id = Guid.NewGuid(); AlternateDataStreamInfo adfs = FileSystem.GetAlternateDataStream(uri, TID); FileStream fs = adfs.OpenWrite(); StreamWriter sw = new StreamWriter(fs); sw.WriteLine(id.ToString()); sw.Close(); fs.Close(); sw.Dispose(); fs.Dispose(); return(id); } } else { return(Guid.NewGuid()); } }
protected override void ProcessPath(PscxPathInfo pscxPath) { try { if (List) { IList <AlternateDataStreamInfo> streamInfos = FileSystem.ListAlternateDataStreams(pscxPath.ProviderPath); WriteObject(streamInfos, true); } else { foreach (string aName in Name) { if (!FileSystem.AlternateDataStreamExists(pscxPath.ProviderPath, aName)) { this.ErrorHandler.WriteAlternateDataStreamDoentExist(aName, pscxPath.ProviderPath); continue; } AlternateDataStreamInfo streamInfo = FileSystem.GetAlternateDataStream(pscxPath.ProviderPath, aName); WriteObject(streamInfo); } } } catch (SecurityException ex) { WriteError(new ErrorRecord(ex, "FileError", ErrorCategory.SecurityError, pscxPath.ProviderPath)); } catch (UnauthorizedAccessException ex) { WriteError(new ErrorRecord(ex, "FileError", ErrorCategory.SecurityError, pscxPath.ProviderPath)); } catch (PipelineStoppedException) { throw; } catch (Exception ex) { WriteError(new ErrorRecord(ex, "FileError", ErrorCategory.NotSpecified, pscxPath.ProviderPath)); } }
/// <summary> /// Called e.g. by explorer.exe. Missing is to call docbleach and then Office with the bleached document. /// </summary> /// <param name="Args"></param> private static void Bleach(string[] Args) { String OfficePath = ""; // Get office path if (Args[0].Equals("/w")) { OfficePath = File.ReadAllText(ParentDirectory + "\\word"); } else if (Args[0].Equals("/p")) { OfficePath = File.ReadAllText(ParentDirectory + "\\powerpnt"); } else if (Args[0].Equals("/e")) { OfficePath = File.ReadAllText(ParentDirectory + "\\excel"); } if (OfficePath.Length != 0) { int l = -1; String AllArgs = ""; // Find document path. for (int i = 1; i < Args.Length; ++i) { if (Args[i].Contains("\\")) { AllArgs += "\"" + Args[i] + "\" "; l = i; } else { AllArgs += Args[i] + " "; } } if (l == -1) { Logger.Error("Unable to find document: " + AllArgs); return; } bool doBleach = false; try { // Check ADS Zone String OnlyBleachInternetFiles = ConfigurationManager.AppSettings["OnlyBleachInternetFiles"]; if (bool.Parse(OnlyBleachInternetFiles)) { FileInfo F = new FileInfo(Args[l]); if (F.AlternateDataStreamExists("Zone.Identifier")) { AlternateDataStreamInfo DataStream = F.GetAlternateDataStream("Zone.Identifier", FileMode.Open); using (TextReader Reader = DataStream.OpenText()) { String ADS = Reader.ReadToEnd(); if (ADS.Contains("ZoneId=3") || ADS.Contains("ZoneId=4")) { doBleach = true; } } } else { Logger.Debug("No Zone.Identifier found"); } } } catch (Exception e) { Logger.Error("Unable to check ADS for " + Args[l], e); } if (doBleach) { new DocBleachWrapper().Bleach(Args[l], ParentDirectory); } else { Logger.Debug("Do not bleach: " + Args[l] + " not from internet"); } // Call Office with bleached file. try { Process.Start(OfficePath, AllArgs); } catch (Exception e) { Logger.Error("Unable to start office: " + OfficePath + " " + AllArgs, e); } } }
/// <summary> /// <span style="font-weight:bold;color:#a00;">(Extension Method)</span><br /> /// Returns a read-only list of alternate data streams for the specified file. /// </summary> /// <param name="file"> /// The <see cref="FileSystemInfo"/> to inspect. /// </param> /// <returns> /// A read-only list of <see cref="AlternateDataStreamInfo"/> objects /// representing the alternate data streams for the specified file, if any. /// If no streams are found, returns an empty list. /// </returns> /// <exception cref="ArgumentNullException"> /// <paramref name="file"/> is <see langword="null"/>. /// </exception> /// <exception cref="FileNotFoundException"> /// The specified <paramref name="file"/> does not exist. /// </exception> /// <exception cref="SecurityException"> /// The caller does not have the required permission. /// </exception> /// <exception cref="UnauthorizedAccessException"> /// The caller does not have the required permission. /// </exception> public static IList<AlternateDataStreamInfo> ListAlternateDataStreams(FileSystemInfo file) { if (null == file) throw new ArgumentNullException("file"); if (!file.Exists) throw new FileNotFoundException(null, file.FullName); string path = file.FullName; new FileIOPermission(FileIOPermissionAccess.Read, path).Demand(); List<AlternateDataStreamInfo> streamInfos = new List<AlternateDataStreamInfo>(); foreach (SafeNativeMethods.Win32StreamInfo rawStreamInfo in SafeNativeMethods.ListStreams(path)) { AlternateDataStreamInfo streamInfo = new AlternateDataStreamInfo(path, rawStreamInfo); streamInfos.Add(streamInfo); } return new ReadOnlyCollection<AlternateDataStreamInfo>(streamInfos); }
internal StreamInfo(AlternateDataStreamInfo stream) { _stream = stream; }
private bool GetStreamInfo() { StreamAlreadyExisted = File.FileInformation .AlternateDataStreamExists ("MeediOS.Item"); try { StreamInfo = File.FileInformation .GetAlternateDataStream ("MeediOS.Item", FileMode.OpenOrCreate); return true; } catch (Exception) { return false; } }
private static void writeZoneIdentifier(string fileName, int zoneId, string referrerUrl, bool quietMode, AlternateDataStreamInfo ads) { using (var stream = ads.OpenWrite()) using (var writer = new StreamWriter(stream)) { if (!quietMode) { Console.WriteLine("Writing Zone.Identifier value {0} to file {1}.", zoneId, fileName); } writer.WriteLine("[ZoneTransfer]"); writer.WriteLine("ZoneId={0}", zoneId); if (referrerUrl.Length > 0) { if (!quietMode) { Console.WriteLine("Writing ReferrerUrl value: {0}", referrerUrl); } writer.WriteLine("ReferrerUrl={0}", referrerUrl); } } }