hi,
what is that morphine.exe ? does it hide trojans and rootkit ? does it help against norton internet security 2003/2004 ?

anybody knows a official unknown rootkit thats not detected by commercial desktop antivirus progs ?


cya

hi all
--------------------------------------------------------------------------------------
hacker defender Version: 0.8.4
--------------------------------------------------------------------------------------
Hacker defender (hxdef) is rootkit for Windows NT 4.0, Windows 2000
and Windows XP
---------------------------------------------------------------------------------------
this tool can hide files, processes, system services, system drivers, registry keys and values, open ports, cheat with free disk space. Program also masks its changes
in memory and hiddes handles of hidden processes. Program installs hidden
backdoors, register as hidden system service and installs hidden system driver.
The technology of backdoor allowed to do the implantation of redirector.
---------------------------------------------------------------------------------------
download size = 111kB
enjoy

I use AFX rootkit but I'll give this one a try.

Yes great Rootkit, Thx....

yes it's a great rootkit
thanks man

Yeah, great Rootkit but you must know some important things about it before using it :

-> the 'hide port' feature work but the services using these hidden ports won't restart after reboot.

-> the previous version, 073 was hidden in safe mode, but this one use a driver who don't start in safe mode, and the main prog is coded not to run if the driver can't be started .
So, with the hxdef084, when you boot in safe mode, nothing is hidden anymore.

-> The sys driver (new in this version) lights Norton antivirus 2004 or netshield, up as soon as you run the program. You can use morphine.exe on the main prog, but it's impossible for the driver.
Version 073 works perfectly with morphine protection, this one doesn't.

So i suggest you to use version 073 instead, until a morphine version who support .sys release and wait for these problems to be fixed.
For information and testing purpose i attached hackerdef073 & morphine v1.2, don't know if it was already posted... (works perfectly)
-Archive content: hxdef073.exe / hxdef073.ini / bdcli073.exe / rdrbs073.exe / readmeen.txt / morphine.exe / morphine.txt / morphine.dpr



ps: sorry for my poor english, i try to improve it but have lot of work to do again ;-) (i'm french)


Starsky32.

detect by my AV

But usefull at all

10x... GreaT JoB!!!

yes its detectable by Kaspersky AV

( yes the Russians are everywhere )


so its useless for me

A great rootkit any ideas where i can find more information about rootkits?

thanks for the info - morphine is a handy tool

Cheers mate

it can be usefull thx

to be not detect by the AV :

- stop the AV

- install hxdef

- run the AV


Oh ! it's not detect !

thx for it, i have started the 073-version, but i can't delete it
I typed: net stop NetDefender073, but then the following appears:

HXD Service 073 wird beendet........
HXD Service 073 konnte nicht beendet werden.

translating into english:

HXD Service 073 is terminating........
HXD Service 073 could not be terminated.

So, i have a problem

I tried to refresh the settings with copy of the 073-version in another directory but didnt work.

Is there any way to uninstall the 073-version? thx so much.

you must delete the service of hexdef and restart the system. the servicename
is in the .ini

But as I wrote, my Windows XP SP1 is unable to stop the service, and when I try it again, then the following appears:

Der Dienst kann in seinem gegenwärtigen Zustand nicht kontrolliert werden.

translating into english:

The service can't be controlled in this currently state.

Ok, girls, I managed to solve it.

I linked a bat-file to the startup-directory with the content to delete hxdef073.exe

Luckily, my bat-file was faster than the service

Guys,you should try this.