main menu
vault
you must be level 2 to upload files to your vaultdownloads
you must be logged to access downloadsRootkit Collection
| File | Contributer | Link |
| Hacker Def... | hf | n/a |
| HE4Hook | admin | n/a |
| BASIC CLAS... | hoglund | n/a |
| Vanquish | xshadow | n/a |
| NT Rootkit | hoglund | n/a |
| FU | fuzen_op | n/a |
| WinlogonHi... | JeFFOsZ | n/a |
| klister | joanna | n/a |
| Patchfinde... | joanna | n/a |
| MyNetwork | hoglund | n/a |
| MTDWin | hoglund | n/a |
| NTFSHider | hoglund | n/a |
| VideoCardK... | hoglund | n/a |
| VICE | fuzen_op | n/a |
| Klog | Clandestin... | n/a |
| NtIllusion | Kdm | n/a |
| AFX Rootki... | TheRealAph... | n/a |
| SInAR | vulndev | n/a |
| Shadow Wal... | Clandestin... | n/a |
| BootRootki... | dereksoede... | n/a |
| CHAZ - Nim... | neocrackr | n/a |
| Clandestin... | merlvingia... | n/a |
| FUTo | petersilbe... | n/a |
| Windows Me... | alcapone66... | n/a |
| RAIDE | petersilbe... | n/a |
| BOOT KIT | vipinkumar | n/a |
| BluePill | Joanna and... | n/a |
| DEFRAG | blume1975 | n/a |
| Keyboard H... | chpie | n/a |
| CheatEngin... | DarkByte | n/a |
| short description | BOOT KIT is a project related to custom boot sector code subverting Windows NT Security Model.The sample presented here keeps on escalating cmd.exe to system privileges every 30 secs. |
| long description: | BOOT KIT is a project related to custom boot sector code subverting Windows NT Security Model.The sample presented currently keeps on escalating cmd.exe to system privileges every 30 secs. It has several features 1) It's very small.The basic framework is just about 100 lines of assembly code.It supports 2000,XP,2003 2) It patches the kernel at runtime(no files are patched on disk). 3) BOOT KIT is PXE-compatible. 4)It can even lead to first ever PXE virus 5)It also enables you to load other root kits if you have physical access(Normally root kits can only be loaded by the administrator The bootkit has been tested with a number of kernel mode shell codes such as Loading Native Applications and drivers from the shell code creating a kernel ,which periodically raises every CMD.EXE to system privileges. The Source code will contain 4 levels of BOOT KITs(showcasing different payloads) 1) Basic framework ( Kernel patching has to be done later on) 2) Privilege escalation framework(demonstrates creating new system threads and how to escalate privileges easily) 3) Loading drivers and native applications from kernel mode without touching registry 4) PXE compatible code(Basic franework). Source code will be uploaded in a day or two. Basic version source has been uploaded. Checkout the vault. Authors:- Nitin Kumar Vipin Kumar |
| project leader: | vipinkumar |
| homepage: | http://www.rootkit.com/project.php?id=34 |
| changelog: | |
| download: | link |
| view options: unpacked threads | collapsed threads | old style view | |
|
