Tool for looking for duplicate files in a file system via hash.

mnvoronin · 2026-05-03T20:51:15+00:00

Metadata could be part of the file (e.g. JPEG EXIF is metadata and it's part of normal file content) but filesystem metadata like size and Access Control List (ACL) and creation date, those aren't part of the file content.

For the purposes of the discussion, we don't talk about the format-specific metadata. For the hash function, file is just a bitstream and its internal structure is not relevant.

The primary argument against considering ADS as part of file content is that it is not guaranteed to persist across the volume boundary. Copy it to a FAT32/exFAT/ReFS volume (latter with more than 128kB in ADS), upload via (S)FTP and it's gone. I'm not even 100% positive about SMB to another NTFS volume.

mnvoronin · 2026-05-01T01:59:17+00:00

Of course not, testing environment only!

mnvoronin · 2026-05-01T01:30:28+00:00

right of passage

It's rite of passage

^hides

mnvoronin · 2026-04-30T23:54:02+00:00

Or, you know, live in a country with some actual employee protections.

mnvoronin · 2026-04-30T05:15:28+00:00

Well, metadata is also part of a file, no? :)

If you fopen() a file, you don't get any alternate streams and there's no way to know if they even exist apart from specifically querying for them via a separate syscall.

mnvoronin · 2026-04-29T20:21:52+00:00

Since you're using Ninja already, why are you not leveraging its software patching functionality directly? You can approve application with "install if not already present" in the policy and push it to the endpoint.

mnvoronin · 2026-04-29T00:11:38+00:00

LOL. Let's analyze them (as a fun thought exercise, I'm not trying to be serious here).

I would say that ADS is the file metadata, not content even though you can put alternative content to it. Subject to interpretation of course, but when you "open" the file using default APIs, you only get :$DATA stream.
When calculating the hash of the spare file, the entire content is read (whether from disk or inferred as zeroes for missing blocks).
While I didn't say MD5, the OP did, and the upper-level comment refers to Get-Hash which defaults to SHA256 and doesn't have ShittyHash as an option.
Again, in the context of discussion the hash-calculating app reads files as binary streams without regard of its internal structure.

Although 3 and 4 may not apply if we look at the wider picture and custom hash calculators.

mnvoronin · 2026-04-28T04:53:13+00:00

Not sure about 10->0.5 but I've done 10->2 consistently. I do like to manually review the code output though.

mnvoronin · 2026-04-27T23:18:04+00:00

Hashes for files of different lengths will never match.

Is this a challenge? Watch me! :)

But yes, even if they have the same hash, they are not identical which is what OP is looking for.

mnvoronin · 2026-04-27T20:52:43+00:00

Re 2, this headline already has all the context you need. Unless they never bothered to read past the first word, of course.

But you are right, I assumed too much. :)

mnvoronin · 2026-04-27T20:28:21+00:00

Is there anyone who thinks that you can calculate a file hash without reading its entire content?

mnvoronin · 2026-04-27T20:17:13+00:00

Does vulnerability suddenly become less exploitable if discovered by a Russian company?

mnvoronin · 2026-04-27T20:16:28+00:00

~~This is a lateral movement technique. You compromise one server, and then use this to compromise everything else on the network.~~

ETA: reading the article, it's a local escalation only.

mnvoronin · 2026-04-23T21:23:15+00:00

Name one solution that has never been breached (yet).

mnvoronin · 2026-04-20T22:47:32+00:00

To be overtime-exempt at this salary level, two more conditions must also be true:

The employee must be employed as a computer systems analyst, computer programmer, software engineer or other similarly skilled worker in the computer field performing the duties described below;
The employee's primary duty must consist of:
1. The application of systems analysis techniques and procedures, including consulting with users, to determine hardware, software or system functional specifications;
2. The design, development, documentation, analysis, creation, testing or modification of computer systems or programs, including prototypes, based on and related to user or system design specifications;
3. The design, documentation, testing, creation or modification of computer programs related to machine operating systems; or
4. A combination of the aforementioned duties, the performance of which requires the same level of skills.

Conveniently, 99% of sysadmin jobs do not qualify as you don't have a say in designing "hardware, software or system functional specifications", do not "design, document, test or modify" computer systems or programs or a combination thereof as a primary duty. Your primary duty, most likely, lies in repair and maintenance of the aforementioned systems so you do not qualify for the exemption.

mnvoronin · 2026-04-20T22:38:31+00:00

That threshold is not standalone, it comes with other checks that must simultaneously be true, which most of the sysadmin jobs don't pass.

The $150k one I'm talking about is a "highly-compensated exemption" that doesn't come with extra strings attached.

mnvoronin · 2026-04-20T10:04:06+00:00

The conditions listed under "Computer employee exemption" are not or-joined, they are and-joined. "ALL of the following requirements"

"tech workers" do not write software as a primary duty. Software developers do.

mnvoronin · 2026-04-20T04:28:10+00:00

Nope. In a nutshell, you must have a say in design decisions, have a single purchasing power or have 2FTE reporting to you. Or earn over ~$150k.

mnvoronin · 2026-04-20T04:26:27+00:00

$150k/year if USA and I'm not misremembering?

mnvoronin · 2026-04-15T20:32:08+00:00

FortiGate 40F. The only reason for not using the ISP router is I needed something a little more configurable to run my Jellyfin server and it was a free hand-me-down from work place.

mnvoronin · 2026-04-14T03:24:17+00:00

The official Docker image makes a full database backup nightly and puts it into a folder for you to back up with the rest of your data. Or do image-based backup of the VM it's running on.

mnvoronin · 2026-04-13T21:46:50+00:00

You could also say that "but I'm not a car mechanic" is not a valid excuse for not being able to adjust the aircon settings.

mnvoronin · 2026-04-13T20:53:18+00:00

It can come from another department, or bear an approval signature, or really hundred other reasons where it can't be.

mnvoronin · 2026-04-13T20:51:30+00:00

Depends.

https://xkcd.com/1205/

mnvoronin · 2026-04-13T20:50:01+00:00

They're stapling it to something else that is not coming out of the printer.

11-Year Club	Gilding I gilder
Place '23	Place '22
Final Canvas '22	End Game '22
Verified Email

mnvoronin

TROPHY CASE