Explore Your World: Hiding Secret Data in Bad Block Partition in Ubuntu

When the hard disk was damaged in the sector so that block is not used to store data on your system , but we can use the filesystem blocks that have (allegedly) bad. If the block is not really damaged, any data that we put there will never be touched, because the filesystem thinks it's rubbish. If the block is not really damaged, the data we put there will never be touched, because the system thinks the same garbage files. That, is exactly what we will do.

Partition must be small to contain confidential data and not to a partition larger than 100MB Agr did not arouse suspicion. Some operating systems mark blocks as bad blocks used, which means if we put inside a 100MB partition with bad blocks, the "parent" filesystem will always have at least 100MB in use. Some operating systems marks bad blocks as used blocks, which means that if we put a 100MB partition on the block bad, "parent" filesystem will always have at least 100MB in use. This could arouse Suspicion when there are not any files on it. This can lead to suspicion when there is no files in it.

I will use 256MB flash for illustrative purposes

Here's what sfdisk has to say about it: This is what sfdisk to say about this:

$ sfdisk -l /dev/sde

Disk /dev/sde: 1009 cylinders, 9 heads, 56 sectors/track
Units = cylinders of 258048 bytes, blocks of 1024 bytes, counting from 0

evice Boot Start     End   #cyls    #blocks   Id System
/dev/sde1          0       -       0          0    0 Empty
/dev/sde2          0       -       0          0    0 Empty
/dev/sde3          0       -       0          0    0 Empty
/dev/sde4          0       -       0          0    0 Empty

We could see the flash is composed of cylinder 1009. we can make about 20MB, which is approximately 82 cylinders on this disk (see the second row sfdisk-l). Because we can not create a partition at the beginning of the disk, let us put in 214 cylinders: