PaulDotCom mailing list archives

Anti-forensic tools


From: pauldotcom at grymoire.com (Grymoire)
Date: Thu, 2 Jul 2009 11:42:04 -0400

dd if=lemonparty.jpg of=\\.\f: bs=512

First of all, there is no need to use if= and of= - that's provided as
a backwards compatibility to JCL (HELLO! we're talking punched cards)
Use < and > instead.

i.e.

 dd <lemonparty.jpg >\\.\f: bs=512

And yes, when the end of file is reached, dd will halt.
It does not loop the data. 
Perhaps you can 

                1) seek blocks before writing

                2) Use a bigger file

For number 1, I think you can do something like (untested)

count=0
while [ $count -lt 500 ]
do 
 dd <lemonparty.jpg >\\.\f: seek=$count bs=512
 count=`expr $count + 1`
done


For #2, you can use any of these sources of data:
                yes | dd bs=512 count=500 >\\.\f:
                no | dd bs=512 count=500 >\\.\f:
                dd bs=512 count=500 </dev/zero  >\\.\f:         
                dd bs=512 count=500 </dev/urandom  >\\.\f:              


Usually people use the last one.

And they repeat it if they want to make sure the data has been overwritten.


I suppose you could do
while true
do
 # stop once dd has exited and cat can no longer write to the pipe
 cat lemonparty.jpg || break
done | dd bs=512 count=500 >\\.\f:


Hope that helps 
(new member here - first post)

Grymoire
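
The looped-cat variant from the message above, run against a scratch image and checked for leftover bytes, as an added example that is not part of the original post. It assumes GNU dd (for `iflag=fullblock`) and a POSIX shell; `scratch.img`, the 0xFF marker, the pattern text and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU dd (iflag=fullblock).
# A scratch image file stands in for the raw device; pattern and marker are constructed.
BS=512

# make_scratch FILE BLOCKS: image of BLOCKS blocks, every byte 0xFF ("old data" marker)
make_scratch() {
    head -c $(( $2 * BS )) /dev/zero | LC_ALL=C tr '\0' '\377' > "$1"
}

# tile_pattern PATTERN TARGET BLOCKS [DD_FLAG]: repeat PATTERN over the first BLOCKS blocks
tile_pattern() {
    [ -s "$1" ] || return 1              # empty or missing pattern: nothing to write
    while :; do
        cat "$1" 2>/dev/null || break    # cat fails once dd has exited; stop instead of spinning
    done | dd of="$2" bs="$BS" count="$3" conv=notrunc ${4:-} 2>/dev/null
}

# residual FILE BLOCKS: number of marker bytes still present in the first BLOCKS blocks
residual() {
    head -c $(( $2 * BS )) "$1" | LC_ALL=C tr -dc '\377' | wc -c | tr -d ' '
}

demo() {
    dir=$(mktemp -d) || return 1
    printf 'constructed 37-byte filler pattern..\n' > "$dir/pattern"
    for flag in iflag=fullblock ""; do
        make_scratch "$dir/scratch.img" 600
        tile_pattern "$dir/pattern" "$dir/scratch.img" 500 "$flag"
        # Without fullblock, dd counts short pipe reads as blocks, so bytes can be left behind.
        echo "${flag:-plain count}: $(residual "$dir/scratch.img" 500) old bytes remain"
    done
    rm -rf "$dir"
}
demo
```

The second figure varies from run to run because it depends on how the pipe reads happen to split; the first should always be 0.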


                                



