Resilient File System (ReFS), codenamed "Protogon", is a Microsoft proprietary file system introduced with Windows Server 2012 with the intent of becoming the "next generation" file system after NTFS.

https://en.wikipedia.org/wiki/ReFS

There have been some work on it but I don't think there are fully working reader implementations, AFAIK.

So far I've setup a VM with a second 1GB disk in raw format. I can run commands on it from my linux host with winexe (eg format command and file operations). I can then analyse and diff the image between operation.

Joachim Metz has started documenting a lot of the internal data structures and has some code to analyse them.

  • https://github.com/libyal/libfsrefs
  • https://github.com/libyal/libfsrefs/blob/master/documentation/Resilient%20File%20System%20(ReFS).pdf

Looking for hackers with the skills:

filesystem linux reversing

This project is part of:

Hack Week 15

Activity

  • over 3 years ago: dsterba liked Make some progress on reversing Microsoft new CoW filesystem, ReFS
  • over 3 years ago: pluskalm liked Make some progress on reversing Microsoft new CoW filesystem, ReFS
  • over 3 years ago: dwaas liked Make some progress on reversing Microsoft new CoW filesystem, ReFS
  • over 3 years ago: aaptel added keyword "filesystem" to Make some progress on reversing Microsoft new CoW filesystem, ReFS
  • over 3 years ago: aaptel added keyword "linux" to Make some progress on reversing Microsoft new CoW filesystem, ReFS
  • over 3 years ago: aaptel added keyword "reversing" to Make some progress on reversing Microsoft new CoW filesystem, ReFS
  • over 3 years ago: aaptel originated Make some progress on reversing Microsoft new CoW filesystem, ReFS

  • Comments

    Be the first to comment!

    Similar Projects

    HelenOS: <filesystem> of a down by jjindrak

    During the previous Hackweek [0], I have succes...


    Testing GNU/Linux distributions on Uyuni by juliogonzalezgil

    Join the rocket chat channel! [https://chat.su...