Make some progress on reversing Microsoft new CoW filesystem, ReFS
an idea by aaptel
Updated over 5 years ago. 3 hacker ♥️. Has no hacker: grab it!

Resilient File System (ReFS), codenamed "Protogon", is a Microsoft proprietary file system introduced with Windows Server 2012 with the intent of becoming the "next generation" file system after NTFS.

https://en.wikipedia.org/wiki/ReFS

There have been some work on it but I don't think there are fully working reader implementations, AFAIK.

So far I've setup a VM with a second 1GB disk in raw format. I can run commands on it from my linux host with winexe (eg format command and file operations). I can then analyse and diff the image between operation.

Joachim Metz has started documenting a lot of the internal data structures and has some code to analyse them.

  • https://github.com/libyal/libfsrefs
  • https://github.com/libyal/libfsrefs/blob/master/documentation/Resilient%20File%20System%20(ReFS).pdf

No Hackers yet

Join this project

Looking for hackers with the skills:

filesystem linux reversing

This project is part of:

Hack Week 15

Activity

  • over 7 years ago: dsterba liked this project.
  • over 7 years ago: pluskalm liked this project.
  • over 7 years ago: dwaas liked this project.
  • over 7 years ago: aaptel added keyword "filesystem" to this project.
  • over 7 years ago: aaptel added keyword "linux" to this project.
  • over 7 years ago: aaptel added keyword "reversing" to this project.
  • over 7 years ago: aaptel originated this project.


    • Comments

    Be the first to comment!

    Similar Projects

    This project is one of its kind!