Jump to content
Nytro

NTFS On-Disk Structure

By Nytro, in Tutoriale in engleza

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

NTFS On-Disk Structure

Visual Basic NTFS Programmer’s Guide

© 2004 Alex Ionescu

1. BASIC CONCEPTS........................................................................................................................... 5
1.1 INTRODUCTION............................................................................................................................... 5
1.2 NTFS TERMINOLOGY .................................................................................................................... 5
1.3 GENERAL TERMINOLOGY.............................................................................................................. 6
1.4 NTFS VERSIONS............................................................................................................................ 7
2. THE BOOT RECORD........................................................................................................................ 7
2.1 DEFINITION..................................................................................................................................... 7
2.2 STRUCTURE..................................................................................................................................... 7
3. METAFILES ...................................................................................................................................... 10
3.1 INTRODUCTION............................................................................................................................. 10
3.1.1 Description .......................................................................................................................... 10
3.1.2 Listing (NTFS 3.0+) .......................................................................................................... 10
3.2 $MFT.............................................................................................................................................. 11
3.2.1 Description .......................................................................................................................... 11
3.2.2 Structure .............................................................................................................................. 11
3.3 $MFTMIRR ................................................................................................................................... 12
3.3.1 Description .......................................................................................................................... 12
3.3.2 Structure .............................................................................................................................. 13
3.4 $LOGFILE...................................................................................................................................... 13
3.4.1 Description .......................................................................................................................... 13
3.4.2 Structure .............................................................................................................................. 14
3.5 $VOLUME....................................................................................................................................... 14
3.5.1 Description .......................................................................................................................... 14
3.5.2 Structure .............................................................................................................................. 14
3.6 $ATTRDEF..................................................................................................................................... 15
3.6.1 Description .......................................................................................................................... 15
3.6.2 Structure .............................................................................................................................. 15
3.7 . (DOT) ............................................................................................................................................ 16
3.7.1 Description .......................................................................................................................... 16
3.7.2 Structure .............................................................................................................................. 17
3.8 $BITMAP ........................................................................................................................................ 17
3.8.1 Description .......................................................................................................................... 17
3.8.2 Structure .............................................................................................................................. 17
3.9 $BOOT............................................................................................................................................. 18
3.9.1 Description .......................................................................................................................... 18
3.9.2 Structure............................................................................................................................... 18
3.10 $BADCLUS.................................................................................................................................... 18
3.10.1 Description....................................................................................................................... 18
3.10.2 Structure........................................................................................................................... 18
3.11 $SECURE...................................................................................................................................... 19
3.11.1 Description....................................................................................................................... 19
3.11.2 Structure........................................................................................................................... 20
3.12 $UPCASE ..................................................................................................................................... 21
3.12.1 Description....................................................................................................................... 21
3.12.2 Structure........................................................................................................................... 22
3.13 $EXTEND...................................................................................................................................... 22
3.13.1 Description....................................................................................................................... 22
3.15 $OBJID........................................................................................................................................ 22
3.15.1 Description....................................................................................................................... 22
3.15.2 Structure........................................................................................................................... 23
3.16 $QUOTA........................................................................................................................................ 23
3.16.1 Description....................................................................................................................... 23
3.16.2 Structure........................................................................................................................... 24
3.17.1 Description....................................................................................................................... 26
3.17.2 Structure........................................................................................................................... 26
3. 18 $USNJRNL.................................................................................................................................. 27
3.18.1 Description....................................................................................................................... 27
3.18.2 Structure........................................................................................................................... 27
4. ATTRIBUTES.................................................................................................................................... 29
4.1 INTRODUCTION............................................................................................................................. 29
4.1.1 Definition ............................................................................................................................. 29
4.1.2 Listing (NTFS 3.0+) .......................................................................................................... 29
4.2 TYPES OF ATTRIBUTES ................................................................................................................ 31
4.2.1 Attribute Definition ......................................................................................................... 31
4.2.2 Attribute Structure........................................................................................................... 31
4.2.3 Nonresident Attribute Definition ............................................................................... 32
4.2.4 Nonresident Attribute Structure ................................................................................ 32
4.2.5 Resident Attribute Definition.................................................................................................... 33
4.2.6 Resident Attribute Structure........................................................................................ 33
4.2.7 Named and Unnamed Attributes................................................................................ 34
4.3 $STANDARD_INFORMATION............................................................................................. 34
4.3.1 Description .......................................................................................................................... 34
4.3.2 Structure .............................................................................................................................. 35
4.4 $ATTRIBUTE_LIST.................................................................................................................. 36
4.4.1 Description .......................................................................................................................... 36
4.4.2 Structure .............................................................................................................................. 36
4.5 $FILE_NAME .............................................................................................................................. 37
4.5.1 Description .......................................................................................................................... 37
4.6 $OBJECT_ID.............................................................................................................................. 38
4.6.1 Description .......................................................................................................................... 38
4.6.2 Structure .............................................................................................................................. 38
4.7 $SECURITY_DESCRIPTOR.................................................................................................. 39
4.7.1 Description .......................................................................................................................... 39
4.7.2 Structure .............................................................................................................................. 39
4.8 $VOLUME_NAME...................................................................................................................... 41
4.8.1 Description .......................................................................................................................... 41
4.9 $VOLUME_INFORMATION.................................................................................................. 41
4.9.1 Description .......................................................................................................................... 41
4.9.2 Structure .............................................................................................................................. 41
4.10 $DATA......................................................................................................................................... 42
4.10.1 Description....................................................................................................................... 42
4.10.2 Structure........................................................................................................................... 43
4.11 $INDEX_ROOT......................................................................................................................... 43
4.11.1 Description....................................................................................................................... 43
4.11.2 Structure........................................................................................................................... 44
4.12 $INDEX_ALLOCATION ........................................................................................................ 45
4.12.1 Description....................................................................................................................... 45
4.12.2 Structure........................................................................................................................... 46
4.13 $BITMAP................................................................................................................................... 47
4.13.1 Description....................................................................................................................... 47
4.13.2 Structure........................................................................................................................... 47
4.14 $REPARSE_POINT................................................................................................................. 47
4.14.1 Description....................................................................................................................... 47
4.14.2 Structure........................................................................................................................... 48
4.15 $EA_INFORMATION............................................................................................................. 49
4.15.1 Description....................................................................................................................... 49
4.15.2 Structure........................................................................................................................... 50
4.16 $EA............................................................................................................................................... 50
4.16.1 Description....................................................................................................................... 50
4.16.2 Structure........................................................................................................................... 50
4.17 $LOGGED_UTILITY_STREAM.......................................................................................... 51
4.17.1 Description....................................................................................................................... 51
4.17.2 Structure........................................................................................................................... 51
5.0 ADVANCED CONCEPTS ............................................................................................................ 52
5.1 VCNS AND LCNS .......................................................................................................................... 52
5.2 DATA RUNS ................................................................................................................................... 52
5.2.1 Definition ............................................................................................................................. 52
5.2.2 Structure .............................................................................................................................. 53
5.3 SECURITY CONCEPTS................................................................................................................... 58
5.3.1 SIDs ....................................................................................................................................... 58
5.3.2 ACLs ...................................................................................................................................... 61
5.3.3 ACEs ...................................................................................................................................... 61
5.4 INDEXES ......................................................................................................................................... 61
5.5 SPARSE FILES............................................................................................................................... 61
5.6 ENCRYPTION................................................................................................................................. 61
5.7 COMPRESSION ............................................................................................................................... 61
5.8 USNS .............................................................................................................................................. 61

Download:

http://www.alex-ionescu.com/NTFS.pdf

Sursa: Publications « Alex Ionescu’s Blog

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...