BO MT D LIU TRN MY TNH *Xin vui lng c s qua my cu ny: Ti liu ny c vit ra ch nhm mc ch giao lu hc hi kin thc, khng

g c g l m bo 100% cho cc bn c, v th mnh cng khng chu trch nhim v cc trc trc mt mt, hng hc d liu ca cc bn, tham kho th vn ch l tham kho thi nh. Mnh vit ti liu ny cng ch vi mc ch giao lu, gii tr cho vui thi, v th nu t ng thi thong c hi xung x qu th mong cc bn b qu cho ! Ngi vit: thosanxamac@gmail.com H Ni, 30/09/2009. I.M u: Bt k ai trong s chng ta m dng n vi tnh th u khng th trnh khi vn bo v thng tin ring t, c gi ch t l nh vy ! Bi ngi bnh thng th thi thong cng phi bo v nhng thng tin c nhn nh phim nh, ti liu, nhc nho g , cn mt s ngi khc th mc bo v thng tin cn yu cu cao hn nh cc thng tin v ti khon th tn dng, cc ti liu quan trng dng trong cng vic, hoc thm ch gi hi phng i cht l nhng ti liu dng tuyt mt nh trong my b phim ni v Cc tnh bo trung ng M (CIA) ca my nh lm phim Hollywood ! Ni chung l mun bo v thng tin th khng th no trnh khi vn ang ni hin nay, l m ha v gii m. Mun bo v cho thng tin cng an ton th cng phi u t nhiu c v cng sc ln tin bc. Chng ta nn t xc nh trc mc quan trng ca thng tin cn bo v quan trng n mc no vi bn thn v c tin ti, s nghip ca chng ta. Ring bn thn mnh th chng c t d liu no gi l quan trng c, mnh cng ging nh i a s mi ngi ch c my ci ti khon email, cht cht , game gng or web wng v.v... Cn trn my th cng ch c my bi nhc thnh thong nghe cho bun, vi b phim hay hay, vi tm nh sinh ng (h h !), cho nn c v tnh b thng Hacker no n l m chui vo my cp trm d liu th cng chng c vn g, ch hi bc mnh ci l ng truyn th chm sn , phim nh trn my th li nng , n lm th th mnh lm sao ln mng xem phim online c na ? !!! II .S lc v H iu Hnh m a s mi ngi hay dng: i a s chng ta hin nay vn dng Windows XP (SP2/SP3) l nhiu, v vy mi iu khi ni sau ny th u p dng trn Windows XP nh ! Ch no khng thuc ca thng Windows th mnh s ni r l ca thng no. By gi chng ta cng bt u nh. 1.Nhng vn cn bn: 1a. Vn File/Folder trn HH WindowsXP: Nhng d liu m chng ta cha trn my tnh u phi tn ti di nhng dng File v Folder (thc ra nhn mt gc no chng ta cng c th coi Folder nh l File vy, n nh mt File nn m bn trong n cha nhng File v cc File nn khc, ch c mt iu c bit l ta khng cn gii nn m vn m c lun m thi ! Cc bn hy nh mt cht v iu ny nh, sau chng ta s gp nhng iu rt th v v iu ny y). Quy nh t tn v File/Folder trong XP cng c ci ng phi bn, ni chung l nhng k t a-z, A-Z,0-9,v mt vi k t c bit nh $,{,},#,@,~,!,% cng vn c, di ti a 256 k t, ngoi ra c th t tn bng Ting Vit c du y cng c nh th mc ca ti, File ca ti.doc. Nhng nu ch nh th ny th cng chng c g ng ni , iu ng ni y l Windows khng lm n g c vi nhng Folder c thm 2 hoc 3 ci du chm chm (.) ng sau (nhng Folder ny khng th to trc tip thng qua My Computer c, ch c th to bng dng lnh, v sau ny khi xa cng khng xa trc tip c, m phi xa bng lnh) . C lm thc t cho d hiu.

u tin vo C to th mc VIDU, cc bn c th to bng cch vo My Computer to hay bng dng lnh nh di y u c.

Hoc vo Start/Run, trong hp Run g cmd.exe (hoc cmd khng cng c !). Sau hp thoi Command Prompt hin ln, chng ta hy g tip(g xong mi dng th nhn Enter): cd\ md vidu

Sau chng ta chuyn vo trong th mc vidu, g tip vi lnh sau: cd vidu md vidu3cham...\ (nh l phi c 3 du nh !) By gi g tip lnh DIR /a kim tra xem th no. Nu k cc bn s thy ban u chng ta g l 3 du chm, nhng gi kt qu hin ra ch cn 2 du chm m thi ! Ban u: vidu3cham... (c 3 du chm ng sau) To ra: vidu3cham.. (ch cn 2 du chm ng sau)

By gi chng ta vo My Computer kim tra xem th no.

Chng ta thy rng trong th mc C:\vidu m chng ta to ra cng c th mc vidu3cham.. (cng ch c 2 du chm i km ng sau m thi !).By gi chng ta c th th thoi mi kch p, sa li tn, ct, xa , nn n xem th no ! - u tin l th kch p vo m n ra xem c c khng, chng ta s khng m n ra c,thng WinXP n phang cho ci thng bo li nh hnh di y:

- M khng c th ta xa th xem th no (c 2 kiu xa trn Explorer, mt l nm vo thng rc, 2 l xa lun bng cch nhn phm Shift + Delete ).Cho d chng ta c dng kiu no i chng na th cng khng xa n i c, gp phi thng bo li nh sau:

Vy chng ta th i li mt tn no bnh thng n khng b li na, v d nh mt tn mi l vidukhac chng hn ! Nhng rt tic , cng vn khng c !

Chng ta th Open, Delete, Rename ri m vn khng c , thi th th th th cho trt vy, chng ta s th nt vi Cut, Copy, v nn th n xem sao. Nhng ni chung chng ta u gp phi li nh my hnh di y:

*** Nhng thc s m ni th chng ta vn c th ghi d liu vo th mc dng ny v xa n i, nhng ch c iu l khng p dng cc thuc tnh cho n m thi !(v d mun n n chng hn v.v...)

- Ch l th mc dng ny c to vi dng nh sau(khng quan trng NTFS hay FAT32): MD .\thumuc...\ (phi c t nht 3 du chm tr ln, bt buc phi c du \ sau ) - Cn xa n i ta phi dng lnh sau : RD /S /Q .\thumuc...\ (phi g ng s du chm ban u m ta g !). Nh v d trn ban u th mc ta g l vidu3cham... , trn my n ch hin l vidu3cham.. th ta phi g chun nh sau: cd\ cd vidu RD /S /Q .\vidu3cham...\ (Cu lnh ng !v ng 3 du chm) RD /s /q .\vidu3cham..\ (Cu lnh sai !v ch c 2 du chm) * So snh vn ny th WinXP thua cc h iu hnh h Linux nhiu , th nghim dng Ubuntu 9.04 to my Folder c bit trn E (nh dng NTFS ) ca thng XP ! Thng XP khng th no xa c cho d bng lnh hay xa trn My Computer .

Tuy nhin iu ny cng va l iu d , li va l iu hay , chng ta c th li dng kiu li ny cho d liu vo trong (ch p dng vi cc a nh dng NTFS m thi !) m khng mt phn mm no c th qut c !

1b.Nhng ci hay khi dng nh dng NTFS ca XP: nh dng NTFS ca XP h tr nhiu kiu bo mt cng rt hay, nhng ni chung l c 3 ci hay chnh m thi : H tr m ha EFS H tr vic kha truy cp vo File/Folder H tr Streaming Data 1b1. H tr streaming data( hoc Stream data): Chng ta c th tm hiu streaming data l dng d liu hay lung d liu. Chnh v c thm Streaming data m pht sinh thm nhiu vn mi i vi cc phn mm. Chng ta c th gn Stream data ln mt File hay Folder bt k no trn h thng nh dng NTFS. *Stream data gn vo File : -i a s nhng iu ni y u phi thc hin thng qua mi trng dng lnh Command Prompt ca WinXP, v th cc bn bit cng nhiu v Command Prompt cng tt ! Vic xut Stream data rt n gin , ch cn dng du > hay >> trong cu lnh l c. Du > khc du >> ch nu d liu tn ti th s b xa i ghi d liu mi vo, cn khi dng >> n s ghi tip vo d liu c m khng xa n i. By gi chng ta cng quay li mi trng dng lnh , vo th mc C:\vidu .Gi s trong th mc vidu ca cc bn c cha nhng File sau:

Cc bn c th th dn quen vi mt s cu lnh n gin nh sau : C:\vidu>_ echo Day la password cua toi > filerong.txt:echo01.txt type vanban.doc > filerong.txt:vanban.doc type Yeu Lam Ly Hai.mp3 > filerong.txt:nhac.mp3 Dng lnh tng qut : TYPE file_can_giau.xyz > file_gia.abc:file_da_giau.xyz (bt buc phi c du : sau file_gia.abc , cn nhng thnh phn cn li cng khng quy nh gt gao lm , cho d nh , ta c th cho tn file_da_giau.xyz trng vi tn file_can_giau.xyz cng c !

Chng ta c th thy rng filerong.txt vn gi nguyn 0 bytes , th kch p vo filerong.txt chng ta cng khng thy c g trong c .Vy stream data tn ti nh th no ? Thc t th stream data vn nm trn File m thi, nu khng tin cc bn c th xa n vo thng rc, sau Restore li th stream data vn nguyn vn! Nhng Windows XP thit k ch c dung lng thc s ca File hay Folder m khng c dung lng d liu ca Stream data gn trong ! Cn kch thc dung lng stream data gn vo cng khng c gii hn g c, n cng nh mt file bnh thng m Windows XP h tr , mnh th xut mt file .GHO > 2GB vo ri , tuy xut hi lu t nhng cng khng vn g c. Vy m hoc trch xut li ni dung t stream data v ban u lm th no ? Ci ny yu cu cn phi c mt phn mm Hex Editor v d nh Tiny Hexer, Free Hex Editor Neo 4.85 v.v... vi ring cc d liu vn bn dng Text c th ch dng Notepad l , ch khi no phi trch xut li d liu dng nh phn nh cc file .mp3 ,.dat, .avi,.vob, .doc, .jpg, .rar, .zip , .iso, .gho, v.v... th mi phi dng cc phn mm Hex Editor (theo mnh tt nht nn dng Free Hex Neo 4.85 tr ln, n c u im l m c File c dung lng > 16GB, qu khng phi khng ? ), cn Tiny Hexer ch m c File <= 400 MB. Sau y l v d c, trch xut Stream data : C:\vidu>_ notepad filerong.txt:echo01.txt (Lnh Notepad ch dng vi cc File Text m thi !) Ch nhng lnh sau khng chy c: winword.exe filerong.txt:vanban.doc (Hoc start winword.exe filerong.txt:vanban.doc) wmplayer.exe filerong.txt:nhac.mp3 ( Hoc start wmplayer.exe filerong.txt:nhac.mp3) Vi ring nhng d liu nh phn nh ny, chng ta phi dng mt phn mm Hex Editor , v d y mnh dng Free Hex Neo 4.85 , file chy ca n l HexFrame.exe. Chng ta cn b sung thm ng dn ca Hex Neo , ng dn ca n l "C:\Program Files\HHD Software\Hex Editor Neo\HexFrame.exe" , chng ta copy oan ng dn C:\Program Files\HHD Software\Hex Editor Neo vo Path ca Windows nh sau : C:\vidu>_

path > path.bat notepad path.bat Sau chng ta paste on ng dn C:\Program Files\HHD Software\Hex Editor Neo vo trong file path.bat ri lu li. Sau chng ta g : Path.bat Sau khi xong lnh ny , Windows s np ng dn ca Hex Neo vo trong ng dn tm kim ca n. K t by gi tr i, chng ta c th gi HexFrame lc no cng c, cc bn c th g HexFrame.exe hoc HexFrame khng cng u c c ! By gi mun m li stream data vanban.doc chng ta lm nh sau : C:\vidu>_ hexFrame filerong.txt:vanban.doc N s hin ra nh th ny :

Sau chng ta bm vo File/ Save As... , chn ni lu, ch nh y c phn m rng ca File mun m li nh ! V d vanban2.doc chng hn ! Tng t vi File Mp3 chng ta ch cn g lnh: HexFrame filerong.txt:nhac.mp3 Ri sau vo menu File , chn Save As... nh trn l OK !

*Stream data gn vo Folder: -Vic gn stream data vo Folder cng ging nh File , khng c g khc c, chng ta c th gn vo cc Folder nh C:\WINDOWS, C:\WINDOWS\SYSTEM32 ; v.v Tuy nhin khng phi Folder no cu h thng cng c th gn c, v d vi th mc C:\Program files\ .Sau y l vi lnh v d gn Stream data vo cc Folder bnh thng : C:\vidu> Echo Dua cau thong bao nay vao thu muc C:\WINDOWS ! > C:\WINDOWS:echo.txt type vanban.doc > C:\WINDOWS:vanban.doc type vanban.doc > C:\vidu:vanban.doc

*Bt u t lc ny l hi kh hiu , chng ta cn phn bit 2 ng dn sau : C:\vidu\vanban.doc(1) vi C:\vidu:vanban.doc(2) Ci th nht th rt bnh thng , chng ta c th m, xem bnh thng ging mi File trn my m bnh thng chng ta hay dng. Cn ci (2) th li khc , n khng nm trong th mc C:\vidu , m n dnh lun trn v ca th mc. M cc phn mm th khng bao gi m c trc tip Folder c ! V d nh trng hp trn, nu bn mun m File vanban.doc nm dnh trn th mc C:\WINDOWS , c l ban u chng ta bt Word ln trc Vo File/Open , vo C:\WINDOWS chng ? By gi cc bn c tm c ngy th cng chng c file vanban.doc no nm trong C:\WINDOWS u ! m , chng ta vn phi dng Hex Neo vi cu lnh nh sau: HexFrame C:\WINDOWS:vanban.doc Sau vo Menu File ca Hex Neo, chn Save As... , chn ni lu( v d My Document), t tn li nh vanban.doc chng hn, sau vo My Document , chn File vanban.doc kch p vo m ! Sau y l hnh nh khi m C:\WINDOWS:vanban.doc bng Hex Neo 4.85:

*C mt iu c bit l m cc Stream data dnh trn File hay Folder th chng ta phi nh ci tn m chng ta gn vo ! Tuy nhin cch ny khng an ton, bi Microsoft cng c mt cng c b sung tn l Streams.exe chuyn dng qut cc stream data gn trn File/ Folder. Cc bn c th download http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx (Streams.zip 46KB)

Sau khi down v , chng ta gii nn File Streams.zip ra , ta c file Streams.exe v Eula.txt , chng ta copy file Streams.exe vo th mc C:\WINDOWS\SYSTEM32 . Sau , ta vn vo Command Prompt, tm li cc Stream data chng ta gn vo C:\vidu hoc c folder con trong , chng ta ch vic nh lnh: C:>_ Streams -s C:\vidu Kt qu thu c nh hnh sau:

Chng ta thy rng lnh trn s lit k chi tit cho chng ta nhng Stream data m chng ta gn vo, dung lng bao nhiu. Nhng nh ny khng thi th lm g m phi ni lai rai sut t u n gi phi khng cc bn ? Mi th gi mi ch bt u thi, by gi chng ta c thm vn rt hay: cc bn s thy cui c 2 dng ch rt quan trng sau : Error opening C:\vidu\vidu3cham..: The system cannot find the file specified. iu ny cng chng t rng Streams.exe cng chu cht khng qut c folder vidu3cham.. Th th c mt cu hi t ra l ti sao chng ta khng ghi Stream data vo nhng Folder kiu nh vidu3cham.. nh ? Vy c ghi, c c nh i vi cc File/Folder trn kia khng ? Xin tha l ghi, c tt nh thng lun, m chng ta li cn c iu li l khi ghi vo Folder kiu ny th ngi bnh thng rt kh xa i, cn nu mun c c Stream data trn th phi bit tn ca Stream data m chng ta g ban u, chng ta c th coi ci tn ca stream data gn nh mt mt khu bo v d liu vy, tuy nhin cc bn ng vi dng cch ny ct giu d liu, v d liu a vo vn dng gc cha c m ha ! By gi chng ta s ghi th vi file vo trong vidu3cham.. xem sao :

C:\vidu>_ type vanban.doc > vidu3cham..:vanban2.doc (nh l vidu3cham.. ch ko phi vidu3cham... nh !) type baomat.rtf > vidu3cham..:baomat2.rtf type thetindung.txt > vidu3cham..:thetindung_info.txt

By gi chng ta th dng Streams.exe qut th li ln na xem n c qut c khng.

Nhn vo kt qu trn kia chng ta thy rng Streams.exe khng th pht hin c bt k stream data no c ! *Vy l c th ni l xong bc cn bn, chng ta s tin ti vn m ha gii m , quan trng hn l cch m ha m khng th gii m. *Mt vi mo p dng vo thc t, cc bn c th b qua phn ny v n cng khng tht s cn thit

cho lm, ch gi l nghch t cho vui m thi. -1)To mt Folder trn mn hnh m khng th xa: ci ny ni chung ch tru a ngi khc m thi. Chng ta c th to ra trn mn hnh Desktop nhng Folder i loi nh phimsex.com, xemsexonline.com m thn ch khng ti no xa ni nh sau: M Notepad, son mt file nghich_ty.bat nh sau: @echo off MD .\phimsex.com...\ >nul MD .\xemsexonline.com...\ >nul Sau chng ta lu file nghich_ty.bat ra ngoi mn hnh Desktop , sau ch vic kch p vo nghich_ty.bat l c. Kt qu thc hin c nh hnh sau:

Vy l 2 folder phimsex.com.. v xemsexonline.com.. khng th xa hay i tn c na !

-2) To mt usb tng rng tuch nhng vn cha d liu bn trong (yu cu USB phi nh dng NTFS th mi lm c !). Chng ta to trong USB mt vi folder ty thch theo chng ta nh thosanxamac@gmail.com.. , ErrorSystem@microsoft.com.. , v.v... ri chng ta gn stream data vo trong , trc khi gn chng ta nn nn nhng d liu cn gn di dng mt file nn, v d myfile.rar c lu trong C v D:\MyGhost.gho chng hn, gi s lc ny USB ca cc bn l G , chng ta s dng nhng cu lnh sau : type C:\Myfile.rar > G:\thosanxamac@gmail.com..:myfile2.rar type D:\MyGhost.gho > G:\ErrorSystem@microsoft.com..:myghost2.gho iu c bit l khi nhn phi chut vo G, chn Properties vn thy dung lng dng l bao nhiu, trng bao nhiu, nhng khi vo G xem th c 2 th mc trn u c kch thc 0 Byte ! III.M ha v gii m: * M ha l dng mt quy lut hoc phng php (c th n gin hoc phc tp) no bin ni dung thng tin ban u sang mt dng khc thng tin ban u, v quy tc hay phng php phi m bo lm sao t thng tin sau truy ngc ra thng tin gc th rt kh (hoc khng th th cng tt). Ni chung hin nay m ha s dng cc thut ton m ha no ! Kt li th n vn l mt th c quy tc. *Gii m: cng l dng mt quy lut hoc phng php no a ni dung b m ha tr v ni dung gc (c th phc hi hon ton hay mt phn, ci ny cng cn ty vo phng php m ha ban u v s u t v cng sc, thi gian, tin bc v.v... cho qu trnh gii m).Kt li th n cng phi tun theo mt quy tc hay phng php no ! Vy chng ta c th t hi rng mt th b bin i chng theo mt quy tc no th c gii m c khng ? D nhin l v khng c quy tc m ha th ly kh u ra phng php gii m ! iu ny cng ging nh khi bn gi cho ngi bn mnh mt bc th m tiu th c dng nh t c gi km cho bn mt bi th b mt hay lm, nhng n b m ha ri, vy bn hy c gng gii m c n i nh !. V file bn gi km theo l abc.xyz chng hn, nhng ni dung ca n ch l nhng k t ngu nhin m thi. Hay ni d hiu hn l bn chng lm bi th no c, nhng li bc pht gi ba cho ngi bn mnh mt file cha ton nhng k t ngu nhin. Vy th ngi bn kia c th no c kh nng gii m ra ng bi th c khng ? M cng xin ni thm vi cc bn, hin nay ni gii m th phi l ni dung m ha gc ban u, cha b sa i g c ! Hin nay c nhng phng php m ha rt mnh, m i khi ch cn sa ng 1 k t ni dung m HEXA ca n, th cho d vi mt khu c cng chng cn tc dng g na ! Da vo tng trn mnh c mt cch bo v d liu c th ni l tuyt i an ton, tuy nhin hi phc tp ! Thc ra vi a s ngi dng bnh thng chng ta chng cn phng php ny lm g cho mt ! C th cc bn s hi ti sao khng gi nguyn bn m ha gc m sa lm g cho mt ? a s chng ta u thng dng phn mm m ha theo phong cch dng ci no c chc nng t pass c sn(nh Word, Winrar v.v...) hoc down v phn mm no ni ni cht, sau m n ln, chn tp tin, th mc cn bo v, ri t password , th l xong ! Nhng chc mi ngi u nghe v cc phn mm b kha cho tp tin .doc, .zip, .rar v.v... c t mt khu ch ? Vy ti sao nhng phn mm ny li b b kha vy ? N dng phng php m ha khng c an ton chng ? C l mt phn ! Hay mt khu ca bn khng an ton ? C l mi ngi chng ta khi m ha phn mm u qu ch trng n ci cha m kha (Password, Private Key) m li khng h ch n ci kha.

Vy c bao gi bn th ngh thay i kha i bt c ci cha no cng khng cn tc dng na cha ? Ni chung l kha th vn phi c mt quy tc, quy nh chung no th mi gi l kha c ng khng ? Vy , mun khng mt ci cha no c th tra c, tr khi n khng cn l mt ci kha na m thi ! Vy cc bn hy coi tp tin bn m ha l ci kha , cn password, private key l ci cha i ! V chng ta s cng sa cho ci kha gc ca chng ta chng cn l kha na, v hiu mi ci cha, k c ci cha ca chng ta, khi mun m chng ta s li sa li cho n thnh ci c ban u v cho ci cha c vo ! chun b cho nhng vic trn chng ta cn mt s th sau: -HH WinXP SP2(SP3), c t nht mt nh dng NTFS -Phn mm nn th mc, tt nht nn dng Winrar 3.70 tr ln ! -Phn mm chnh sa m HEXA, nn dng Free Hex Neo 4.85 tr ln ! -Phn mm m ha chun AES-256 bit, y mnh ngh dng DCC Explorer , mt phn mm m ha do ngi Vit Nam mnh vit, khng phi mnh bnh vc g nc nh mnh c u, chng qua thy n dng n gin, tin li th dng thi ! Mnh cng th s qua vi phn mm ny ri, th to vi file rng, tn file khc nhau, mt khu ging nhau, nhng ni dung m HEXA ca cc File lun khc nhau ! Hoc thm ch to mt file Text rng ban u l empty.txt , mt khu m ha l 123456, sau khi m ha c file empty.txt.~de ghi li m HEXA ca n, sau xa n i, li to li empty.txt, mt khu vn l 123456, c file empty.txt.~de ghi li m HEXA th m HEXA ca n cng khng ging ln trc ! DCC Explorer version 2.0.3 mnh dng c PublicKeyToken = 6595b64144ccf1df , down th bn mi nht DCC Explorer version 2.0.4.2 vn c PublicKeyToken = 6595b64144ccf1df .

My phn mm trn kia l tm n, nu kim thm KeePass Password Safe v2.05 (Free !) th cng tt ! Phn mm ny c chc nng qun l cc mt khu, cng c Random password v.v Tin hnh m ha m khng th gii m - t c yu cu nh trn, xin thng nht trc vi iu nh: +)Cc bc lm rt nh nhng phc tp y +)Mi mt khu khi dng m ha u l mt khu Random di 30 k t, bao gm c nhng k t c bit, cn vic nh nhng mt khu ny chng ta c th dng phn mm qun l mt khu hay ghi ra giy v.v... min sao t bn thy tng i an ton l c. Nhng tt nht nn ghi ra giy, v t na chng ta cng s c nhiu ci phi ghi ra giy ! -Tin hnh: 1.Chn mt a no ca bn c nh dng NTFS, v d E 2.To 1 th mc cha ton b d liu mun m ha( nh to th mc xong th copy d liu vo nh), v d E:\data 3.M ha s cua ln 1: chng ta s nn th mc e:\data thnh tp tin data.rar c t mt khu, v d mt khu mnh dng l kJN<d7?l$"ZIW@yV"?)zLL[cPl9%vS .Nu my cc bn ci Winrar, cc bn c l s thy ging nh th ny :

Chng ta vo th Advanced chng ta nn chn c 2 la chn NTFS Option, sau chn tip Set password , trong Set password ta chn thm Encrypt file names .

By gi coi nh xong bc 3. 4.Chn ba ly 2 file v vn no , ch 2 file ny phi khc nhau v ni dung, khc c kiu th cng tt, v d 1 file .mp3, 1 file .exe, v quan trng nht na l dung lng ca mi file t nht khong 2MB tr ln, cng to cng tt, nhng chng ta sau ny s phi nhng dng m ha ca n ln vo ti liu cn bo mt ca chng ta, v th nu to qu (v d > 10MB) th lm nng thm dung lng, qu trnh gii m sau ny s cng thm phc tp, v chng ta khi gii m cng phi chnh sa li m Hexa , 10MB m dng m HEXA th n phi chim thm n c mi my trang mn hnh y ! Ni chung vn ny l ty mi ngi quyt nh ! cng d thc hnh , ti chn 2 file trn Windows l : C:\WINDOWS\SYSTEM32\ntoskrnl.exe 2,098 KB C:\WINDOWS\SYSTEM32\ntkrnlpa.exe 1968 KB Cc bn phi copy 2 file trn vo mt th mc no , v d copy n vo E:\data By gi chng ta m DCC Explorer ln, dng ba mt mt khu Random no , chng ta khng cn phi nh mt khu dng m ha cho 2 file trn u , v d UoI:>Nr6D?fGW2sBY*]Qg"=l%@f?sj ri m ha cho n.M ha xong ng DCC Explorer li.N hi mun save hay khng, chn NO. Mc ch l ln sau m ha th c th dng mt khu khc m ha.V DCC Explorer c km thm chc nng nn, nn file sau khi m ha s nh i. Chng ta thu c 2 file nh sau: E:\data\ntoskrnl.exe.~de 1,198 KB E:\data\ntkrnlpa.exe.~de 1,079 Kb Tip theo chng ta m ha file E:\data.rar ca chng ta vi mt khu v d y l &xl+Gg`zx;73z.n4qHPy"N7FZ},<[W (nh ng qun ci mt khu ny nh !) V file gi y ta thu c l E:\data.rar.~de 2,314 KB

5.M ha xong, by gi chng ta tin hnh sa m HEXA cho data.rar.~de ca chng ta. Ci ny gm 2 bc chnh : -Sa lung tung mt vi ch bt k trong file data.rar.~de vi phng chm ch thay th, khng thm bt. -Trn ln m HEXA ca 3 file ntoskrnl.exe.~de, data.rar.~de ( sa trn), ntkrnlpa.exe.~de thnh 1 file duy nht data.hex theo m hnh sau:

Vy file cui cng ca chng ta s l data.hex (.hex ni ch HEXA, ch c th tm hiu m Hexa ca n tm ra ni dung tht s ca n m thi ! Nhng ni chung l khng tm ra c bi ni dung m Hexa bn trn chng tun theo mt quy lut hay quy tc no c !) *Tin hnh: -Sa m Hexa ca data.rar.~de: chng ta nn sa lung tung mt vi ch u file,gia File v cui file. Ch : phi ghi nh tht chnh xc nhng v tr v gi tr m Hexa sa i, v phi ghi li c nhng gi tr c na. Nu khng sau ny mun phc hi li th ch c Cha mi gip c!. Cc bn nn ghi theo bng sau: V tr (a ch offset) Gi tr gc Gi tr sa i 0_0 0_1 0_2 0_3 0_4 0_5 12B620 12B621 BD 69 22 93 E7 0_8 FB 39 F5 ED A9 CF 3B 9A 4F ED

12B622 12B623 2424A4 2424A5 2424A6 2424A7

79 44 55 79 55 AF

91 CA F5 8A B9 7B

*Ch v kiu m Hexa: m Hexa bao gm 16 k t 0-9, A-F. Cc bn c th t chn bt k k t no trong danh sch trn ghp li vi nhau, v d 00 0F 34 F9 78 BB A8 FF 55 u c, nhng nhng k t sau khng chp nhn, v d 0K , XX, 9X, 4U,... v n cha k t ngoi khong 0-9 v A-F . Sau y l vi hnh minh ha cho vic sa m HEXA ca data.rar.~de Sa m Hexa u File , t v tr 00 05(n c mu bo cho ta bit l gi tr ang sa)

Sa m Hexa v tr gia file t v tr 12B620 12B623

*Sa m Hexa v tr cui file t 2424A4 2424A7

Vy l chng ta sa xong m Hexa cho data.rar.~de, by gi chng ta ni 3 file ntoskrnl.exe.~de, data.rar.~de ( sa trn), ntkrnlpa.exe.~de thnh 1 file duy nht data.hex nh sau. +)u tin ta cut c 3 file trn ra ngoi E cho d thao tc +)Tip theo m Command Prompt ln. Vo Start/Run, trong Run g Cmd ri nhn Enter. +)G nhng lnh sau, nh g xong mi lnh th nhn Enter nh ! CD\ E: TYPE ntoskrnl.exe.~de > data.hex (ghi phn u file) TYPE data.rar.~de >> data.hex (ghi phn gia file) TYPE ntkrnlpa.exe.~de >> data.hex (ghi phn cui file) Ch lnh u tin dng du > hay >> u c, nhng 2 lnh sau bt buc phi dng du >> nh !

By gi chng ta c file data.hex cha d liu quan trng, chng ta c th yn tm gi qua mng hay dng lu tr m yn tm 100 % rng khng mt phn mm t ng no c th tm ra d liu gc ban u ! *Gii m: -Chng ta bt buc phi lm th cng bng tay thi. u tin dng Free Hex Neo m data.hex ra, chng ta ct ring on m ca data.rar.~de ra ring mt file mi, chng ta dng chc nng Find ca phn mm tm v tr cha nhng gi tr u ca n (dng Hexa) l F5 ED A9 CF 3B 9A , v v tr cui c gi tr l F5 8A B9 7B, sau ta ct ton b on sang mt file mi. Thao tc ct ny c th hi kh nu cc bn khng quen, nu phn mm c chc nng Select Range cho chn t a ch offset A a ch offset B th cng tt. Sau ta sa li ton b nhng gi tr Hexa m ta sa t trc, tr li gi tr gc cho n, sau ta t mt tn mi c dng ten_gi_cung_duoc.rar.~de , sau dng DCC Explorer m n ln, nhp mt khu gii m &xl+Gg`zx;73z.n4qHPy"N7FZ},<[W m ban u ta dng gii m thnh file ten_gi_cung_duoc.rar, sau ta li m tip Winrar ln, m file ten_gi_cung_duoc.rar, nhp li mt khu dng khi nn cho n l kJN<d7?l$"ZIW@yV"?)zLL[cPl9%vS Nu cc bn lm chnh xc th s thu c th mc data cha d liu ban u, nhng nu ch sai st mt cht thi th c th khng bao gi cc bn gii m li c u ! *Ph m:dnh cho nhng ngi c nh b kha data.hex -u tin xin chc chn mt iu l chng c mt mt khu no c th dng m lun data.hex ra c u (c k cc mt khu c dng m ha !), thao tc sa li m Hexa bt buc phi lm th cng,

v ch ngi sa ban u mi bit c on File m ha thc s nm u v cc gi tr Hexa gc l bao nhiu, nhng th ny n chng theo mt quy lut hay thut ton no c. Hn na y ch l v d m thi , nn file data.hex ch c dung lng vi MB , thc t ty nhu cu ca ngi cn bo v c khi file data.hex c dung lng hng chc hoc hng trm MB th ngay ci vic nhn ni dung m HEXA ca n cng khin ngi c nh b phi pht ngn ln ri ! *Cng c thm tnh bo mt nu c nhu cu lu tr trn my hoc cc thit b nh di ng (USB, th nh v.v...) -Chc cc bn vn cn nh ci th mc vidu3cham.. trn ch, tng cng thm tnh bo mt chng ta xut n vo mt folder kiu nh vidu3cham.. trn, iu ny s lm cho khng mt k no c th copy c d liu m ta m ha. V d y mnh to ra th mc E:\store_crypted.. sau lu data.hex vo nh sau: -Chy Command Prompt, sau nh nhng lnh nh hnh sau : CD\ E: MD store_crypted...\ TYPE data.hex > store_crypted..:ten_khac_data.hex

Mc ch t tn khc data.hex ngi khc khng th truy xut c nhng d liu m ha, do mun truy xut c phi bit c tn ca Stream data gn trn , m phn mm qut Stream data th li v tc dng ri ! IV.KT LUN: M ha theo cch trn kia l cc bn c c mt s bo v tuyt vi cho d liu ca mnh ri, nhng n cng c nhiu bt tin phi khng ? Nhng cng u c quan trng g, c th nghch thi c sao u ng khng ? ***Nhng cc bn cng nn lu l c nhiu l do khin cc bn b trm cp d liu, c nhng iu tng chng rt n gin nhng li chng ai , v d nh phi xa an ton cc d liu th ban u, xa an ton mi phn trng cn li trn cng v.v... tt nht cc bn nn dng phn mm Eraser version 5.86.1 tr ln lm (phn mm ny cng min ph !). Mnh cng to ra theo phng php trn mt file tn l thosanxamac.hex c nn (khng dng mt khu) thnh file thosanxamac.zip [17.1 MB]. Nu bn no ri ri down v gii m th xem trong c g nh !

Sau y l link download: http://www.box.net/shared/czq9vdxcs7 http://www.mediafire.com/?jmkmjjo1mtm Thi vit th ny thy mt lm ri, cn my phn Kha truy cp, EFS ca WinXP khi no ri li vit tip vy. Nu cc bn c g mun trao i, c gi th cho mnh nh thosanxamac@gmail.com ! Chc cc bn mi iu tt p ! Good bye !