Description: this video is a demo of forensics tool hashdeep and okteta.
hashdeep is a program to compute, match, and audit hashsets. With traditional matching, programs report if an input file matched one in a set of knows or if the input file did not match. It's hard to get a complete sense of the state of the input files compared to the set of knowns. It's possible to have matched files, missing files, files that have moved in the set, and to find new files not in the set. Hashdeep can report all of these conditions. It can even spot hash collisions, when an input file matches a known file in one hash algorithm but not in others. The results are displayed in an audit report.
source : http://md5deep.sourceforge.net/
okteta is simple hex editor or binary editor to edit file.
in this video first hash of a sample file is calculated with a forensics tool hashdeep. after that file is opened with editor okteta . some modification is done on the file and again its hash is calculated. we can see the difference between hash of file before modification and after modification.
Tags: Backtrack , okteta , hashdeep ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Cool Demo Using this trick we can make undetectable backdoor.
i will try it later thanks for the video ...
one special thing regarding Okteta is: data is shown in two form, numeric values of the bytes and characters assigned to the values.