New BOOT KIT Released : message board

  • USB ?
    (by MohammadHosein (Normal user) Nov 26 2006, 20:51 (UTC+0) )

    any hint to get it working on usb bootable targets ?


    • Re: USB ?
      (by vipinkumar (Project Leader) Nov 27 2006, 00:52 (UTC+0) )


      Most of the USB devices boot in USB-HDD mode. When the BIOS starts booting, it marks the first HDD at 80, the next at 81 and so on. The current bootkit only tries to boot off the 80 HDD, so if the target only has a USB HDD, it should work fine.

      Minor code changes will be necessary if you want the code to boot from USB-HDD, floppy drive and hard drives instead of CD or PXE. This is because in these cases the BIOS loads 512 bytes and starts executing them. However, the boot kit crosses this limit, so the boot kit should be modified to load its remaining part and then continue execution.

      In case of CD-ROM & PXE, almost all the code gets loaded (certain limits do exist), but it gets the job done in case of bootkit easily.
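
An added example, not part of the thread or the project's code: a defender-side check built on the point in the reply above that the BIOS loads only the 512-byte sector 0 from a hard-disk style boot device. It hashes the MBR boot code against a known-good baseline and reports non-empty sectors before the first partition. Where oversized boot code would keep its remainder is an assumption here, and `parse_mbr`, `audit_boot_area` and `make_image` are hypothetical names working on a constructed sample image.

```python
import hashlib
import struct

SECTOR = 512  # the BIOS loads exactly this much from the boot drive and jumps to it

def parse_mbr(sector0: bytes) -> dict:
    """Split a classic MBR into boot code hash, partition entries and signature."""
    if len(sector0) != SECTOR:
        raise ValueError("boot sector must be exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector0[446 + 16 * i: 462 + 16 * i]
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype != 0:  # type 0 marks an unused slot
            parts.append({"active": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": count})
    return {"code_sha256": hashlib.sha256(sector0[:446]).hexdigest(),
            "signature_ok": sector0[510:512] == b"\x55\xaa",
            "partitions": parts}

def audit_boot_area(image: bytes, baseline_sha256: str) -> list:
    """Return findings for the first sectors of a raw disk image."""
    mbr = parse_mbr(image[:SECTOR])
    findings = []
    if not mbr["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if mbr["code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    if mbr["partitions"]:
        # Assumption: code that does not fit in 512 bytes is kept in the
        # unpartitioned sectors between the MBR and the first partition.
        first = min(p["lba_start"] for p in mbr["partitions"])
        gap = image[SECTOR: first * SECTOR]
        used = [n + 1 for n in range(len(gap) // SECTOR)
                if any(gap[n * SECTOR:(n + 1) * SECTOR])]
        if used:  # loaders such as GRUB also live here: review, not proof
            findings.append(f"non-empty sectors before first partition: {used}")
    return findings

def make_image(code: bytes, gap_payload: bytes = b"") -> bytes:
    """Constructed sample: 8-sector image, one partition starting at LBA 4."""
    entry = bytes([0x80, 0, 0, 0, 0x07, 0, 0, 0]) + struct.pack("<II", 4, 4)
    mbr = code.ljust(446, b"\x00") + entry + bytes(48) + b"\x55\xaa"
    body = gap_payload.ljust(3 * SECTOR, b"\x00") + bytes(4 * SECTOR)
    return mbr + body
```

The baseline hash has to be recorded from the disk while it is known to be clean, and the image should be read from outside the running system (for example from a forensic copy) rather than through the possibly compromised OS.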


      • Re: USB ?
        (by MohammadHosein (Normal user) Nov 27 2006, 06:45 (UTC+0) )

        thanks for the answer
        and again, is there any paper or presentation explaining your bootkit in detail? i liked eeye's papers regarding bootroot and it would be a great idea if you publish some paper on bootkit's internals


        • Re: USB ?
          (by vipinkumar (Project Leader) Nov 27 2006, 07:10 (UTC+0) )

          definitely,
          A small research paper has been written, which describes boot kit in detail. The paper also works up a few kernel mode shell codes, and documents a new technique to find the non-exported functions easily. The paper would be disclosed in a few days when it gets completed.

          Warm regards.


          • Re: USB ?
            (by MohammadHosein (Normal user) Nov 27 2006, 08:24 (UTC+0) )

            that's great :)
            looking forward to this in-depth paper, soon i should develop a usb powered clone of this technique and i've been in contact with eeye fellas, they told me bootroot2, which is the most complete and feature rich implementation of this idea, won't be publicly available due to ethical issues, so i would be glad to use your code as a start, and i will share the result with the community


