This is a bit of an old exploit but i tried searching for it on AO couldnt find anything about it. I have tried it myself on one of my machines that has WinXP SP2 and its still a problem. After the 256 characters it says "Cant access this Folder Path to long". On the security focus site it has the proof of concept file, but its a little mangled you'll have to fix it up a bit, ill post it a bit later,the proof of concept file basicly makes a few dir's well alot auctly and puts an EICAR test file in the very last one which is not detected even when a ran a test on the folder using avg.

Copied From Security Focus There exists a condition in Microsoft Windows operating systems using NTFS that may allow for files to be hidden.

Though the NTFS filesystem allows for a 32000 character path, Microsoft Windows operating systems (NT4, 2000 and XP) enforce a 256 character limit. Any attempt to create, traverse or otherwise operate on a path longer than 256 chatacters will fail.

By using drives mapped to directories created with 'SUBST', it is possible to create directory paths longer than 256 characters. This can be accomplished by creating directories on the 'SUBST' drive. The directories on the drive will be subdirectories in the tree to which the drive is mapped. Creating these directories may result in the total absolute path exceeding the 256 character limit.

If the absolute path of a directory created on a 'SUBST' mapped drive exceeds 256 characters, any files within will be inaccessible through traversing the full path. The files may still be accessed through the paths on the mapped drive. If the drive is deleted, the files may be completely inaccessible unless a drive is re-mapped to the same position in the directory tree.

This vulnerability poses a serious risk to programs which scan the filesystem, such as antivirus software. When attempting to traverse the long path, Norton Antivirus and Kaspersky Antivirus fail to scan files in the long directory trees due to the Windows path restrictions. Furthermore, if a virus executes, they do not scan the disk image because it is inaccessible. Exploitation of this vulnerability may allow for viruses to remain undetected on filesystems. Attackers may also be able to hide files using this vulnerability, as Explorer and any other utility cannot traverse the paths where they are stored.


EDIT ive just found something else out, you cant delete the file from explorer gui, says its too long, need to use cmd with the line "rmdir /s <dir>" but it may not work ive had some trouble EDIT

I wont upload it as there may be some people who will use it for bad