Timestomp - Change NTFS Timestamp values
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Timestomp - Change NTFS Timestamp values

  1. #1
    Senior Member
    Join Date
    Mar 2005
    Posts
    175

    Timestomp - Change NTFS Timestamp values

    First ever tool that allows you to modify all four NTFS timestamp values: modified, accessed, created, and entry modified.

    Download - [http://metasploit.com/projects/antif.../timestomp.zip]

    Source - [ http://metasploit.com/projects/antiforensics/ ]
    \"And life is what we make it. Always has been, always will be.\"

  2. #2
    Senior Member
    Join Date
    May 2004
    Posts
    274
    Wow, a good list of tools there

    Timestomp - First ever tool that allows you to modify all four NTFS timestamp values: modified, accessed, created, and entry modified.

    Slacker - First ever tool that allows you to hide files within the slack space of the NTFS file system.

    Transmogrify - First ever tool to defeat EnCase's file signaturing capabilities by allowing you to mask and unmask your files as any file type. (Coming Soon)

    Sam Juicer - A Meterpreter module that dumps the hashes from the SAM, but does it without ever hitting disk. (Coming Soon)
    Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Just curious... but what LEGITIMATE use could this tool have?
    Besides "research" or trying to hide your actions or frame someone?
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #4
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Originally posted here by phishphreek80
    Just curious... but what LEGITIMATE use could this tool have?
    Besides "research" or trying to hide your actions or frame someone?
    Education.
    You can use timestomp in a classroom trying to show how hard can be follow intruders footprints
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  5. #5
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Just curious... but what LEGITIMATE use could this tool have?
    I was wondering the same thing.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  6. #6
    It would seem the existance of a tool like this would be enough to raise reasonable doubt in a trial.

  7. #7
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    ttau: thats exactly what I was thinking... hense my "or frame someone".
    This tools existance could certainly raise reasonable doubt... espeically if it is easily found on the PC...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  8. #8
    Senior Member
    Join Date
    May 2004
    Posts
    274
    Originally posted here by phishphreek80
    Just curious... but what LEGITIMATE use could this tool have?
    Besides "research" or trying to hide your actions or frame someone?
    Mainly for user awareness, i think u haven't gone through one of the presentations present there. The presentation is quite interesting describing various techniques and then anti techniques
    Presentation:http://metasploit.com/projects/antif...If_You_Can.ppt
    Excuse me, is there an airport nearby large enough for a private jet to land?

  9. #9
    The glove doesn't fit, raised reasonable doubt, an obviously guilty killer walks free, there are no legitimate reasons for a program like this to exist, nothing becomes provable, what do you do when you can't trust the information sitting right in front of you? What are the defences to this? If there are any. The people that come up with these kind of things are obviously way above average intelligence, what a waste, go find a cure for cancer or something.

  10. #10
    Senior Member
    Join Date
    May 2004
    Posts
    274
    Originally posted here by ttau
    The glove doesn't fit, raised reasonable doubt, an obviously guilty killer walks free, there are no legitimate reasons for a program like this to exist, nothing becomes provable, what do you do when you can't trust the information sitting right in front of you? What are the defences to this? If there are any. The people that come up with these kind of things are obviously way above average intelligence, what a waste, go find a cure for cancer or something.
    you are 100% right but on the other hand if there are weakness in our defences and we are so much relying on that, hence it is giving us a false sense of security. There must be other ways to tackle such problems as 'Necessity is the mother of invention'. I totally agree with ur point as it is not a proper way to release out such information in a wild. But instead we blame them we have to make our defences strong.


    Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •