Showing posts with label hidden file. Show all posts
Showing posts with label hidden file. Show all posts

Wednesday, November 2, 2022

Simple way to hide files in Windows

Test Environment

1.     Windows 11 Pro 21H2

 

Here will discuss 3 topics:

1.     Create a hidden text file

2.     Create an embedded hidden executable file

3.      Run the hidden executable file

 

Create a hidden text file

Below command create a normal text file

C:\temp>echo This is Normal Text. > normal.txt

 

C:\temp>type normal.txt

This is Normal Text.

 

 Below command create hidden text using stream

C:\temp>echo This is hidden text. > normal.txt:hidden.txt

 

C:\temp>type normal.txt

This is Normal Text.

 

Type command cannot show the hidden text

C:\temp>type normal.txt:hidden.txt

The filename, directory name, or volume label syntax is incorrect.

 

Dir command won’t show the hidden file

C:\temp>dir

 Volume in drive C has no label.

 Volume Serial Number is 64AD-2FC5

 

 Directory of C:\temp

 

10/18/2022  02:14 PM    <DIR>          .

10/18/2022  02:14 PM                23 normal.txt

               1 File(s)             23 bytes

               1 Dir(s)  56,873,701,376 bytes free

 

Use “dir /R” to show the hidden file

/R          Display alternate data streams of the file.

C:\temp>dir /R

 Volume in drive C has no label.

 Volume Serial Number is 64AD-2FC5

 

 Directory of C:\temp

 

10/18/2022  02:14 PM    <DIR>          .

10/18/2022  02:14 PM                23 normal.txt

                                                      23 normal.txt:hidden.txt:$DATA

               1 File(s)             23 bytes

               1 Dir(s)  56,873,701,376 bytes free

 


 

Use notepad to show the hidden text

C:\temp>notepad normal.txt:hidden.txt


 

 

Delete the normal.txt will delete the hidden file

C:\temp>dir /R

 Volume in drive C has no label.

 Volume Serial Number is 64AD-2FC5

 

 Directory of C:\temp

 

10/18/2022  02:14 PM    <DIR>          .

10/18/2022  02:14 PM                23 normal.txt

                                    23 normal.txt:hidden.txt:$DATA

               1 File(s)             23 bytes

               1 Dir(s)  56,873,533,440 bytes free

 

C:\temp>del normal.txt

 

C:\temp>dir /R

 Volume in drive C has no label.

 Volume Serial Number is 64AD-2FC5

 

 Directory of C:\temp

 

10/18/2022  02:17 PM    <DIR>          .

               0 File(s)              0 bytes

               1 Dir(s)  56,873,533,440 bytes free

 


 

Hide Calculator

Create a normal text fle

C:\temp>echo This is Normal Text. > normal.txt

 

Find the location of the Calculator app

C:\temp>where calc.exe

C:\Windows\System32\calc.exe

 Hide the Calculator App into the normal text file

C:\temp>type C:\Windows\System32\calc.exe > normal.txt:calc.exe

 

“dir” comman won’t show the embedded file

C:\temp>dir

 Volume in drive C has no label.

 Volume Serial Number is 64AD-2FC5

 

 Directory of C:\temp

 

10/18/2022  02:21 PM    <DIR>          .

10/18/2022  02:23 PM                23 normal.txt

               1 File(s)             23 bytes

               1 Dir(s)  56,876,064,768 bytes free

 

Use “dir /R” to show the file

C:\temp>dir /R

 Volume in drive C has no label.

 Volume Serial Number is 64AD-2FC5

 

 Directory of C:\temp

 

10/18/2022  02:21 PM    <DIR>          .

10/18/2022  02:23 PM                23 normal.txt

                                                     27,648 normal.txt:calc.exe:$DATA

               1 File(s)             23 bytes

               1 Dir(s)  56,877,633,536 bytes free



Run the embedded Calculator App

For old windows like XP, win 7, use “start” command.

C:\temp>start normal.txt:calc.exe

In Windows 10 and 11, using “start” command will pop up the “Look for app” window

 

The correct command to run the embedded file is “forfiles”

C:\temp>forfiles /P c:\Windows\System32 /m notepad.exe /c "c:\temp\normal.txt:calc.exe"