Home
Any actions taken based on the provided code, binaries and guidance herein are undertaken at the sole discretion and responsibility of the individual who performs them.
All of this applies to the latest release of Wraith.
Wraith itself leaves no traces and is completely safe to run, however, I'll go the extra mile and tackle the only ""detection"" I've found, which is deletion-related.
If Wraith's directory is called "wraith", it will delete the whole directory.
Otherwise, it will just delete the AppImage
This leads to the directory's changing and modification dates being updated with the self-destruct date (I haven't found a way of deleting the file that bypasses this).
To mask this, I've thought about two really easy and theoretically 100% success rate solutions.
If the server you play on requires you to download anything at all before getting screen-shared, follow solution number 1.
Otherwise, follow solution number 2.
-
Delete Wraith before screen-share
Assuming you will have to download something in order for the screen-share to take place and Wraith is located at your default downloads folder, you can just self-destruct Wraith and be fine.
1) You get frozen and told to download something.
2) You self-destruct Wraith. Your download folder's modification date is the current date.
3) You download their program. Your download folder's modification date is the current date, again.
4) Done. -
Download and run Wraith from /tmp
If somehow the server you play on screen-shares without additional software, then you should download and run Wraith on the /tmp (temporary files) folder, since files here get created and erased quite frequently. You are completely safe if you choose to do this, since it would be completely unreasonable to sanction someone for their folder specially made to host ephemeral files being recently modified.
The only downside to this is that /tmp contents get deleted automatically every time you boot your computer.