Hiding Data in Registry
We can hide data of different format within Windows registry (strings, binary data), some registry entries are already available for storing hidden data , the best known location is HKEY_LOCAL_MACHINESystemCurrentControlSetControlTimeZoneInformation , this key records the difference between PC local time and UTC time zone in addition to other functions. This key contains two entries that could hold both string and binary data and could be left empty as they are not used by Windows. These entries are StandardName and DaylightName.
|Tutorial Key Facts
|Supported Operating System||Windows XP , Vista , 7
We can also create a new key under TimeZoneInformation key and create different values inside it to hide our data (of course we should use misleading names for our values to make discovering our hidden keys more difficult).
Figure 1: Adding new key under TimeZoneInformation key to hide different data formats
Permanent link to this article: http://www.darknessgate.com/security-tutorials/date-hiding/hiding-data-in-registry/