Trojans That...

GovernmentSecurity.org > System Security > Trojan & Virus Errata

tibbar

Nov 3 2003, 09:11 AM

does anyone know of a trojan in the public domain, that hides itself inside the windows kernel?

I know someone through irc who is writing one, but he wont let anyone test it or see the code!

alternatively, does anyone have any papers on this topic?

FireAlwaysWorks

Nov 3 2003, 03:02 PM

I am pretty sure there isn't thought I wouldn't be supprized if people are working on it. It is hard to do this on a closed source kernel. I would sugest just writeing your own and make it pretty stelth, maybe drop a fake netstat. It could is just me but i don't really see the need for such a level of a hack when you can spend your time on somthing else. Such code in which you speek of will just spawn more skript kiddies which will inturn do more dammage.

peace

dissolutions

Nov 3 2003, 07:14 PM

Do you mean rootkits?

coder

Nov 3 2003, 07:23 PM

A very good read if yer interested in NT rootkits...
Real NT Rootkit: http://www.phrack.org/phrack/55/P55-05

http://www.rootkit.com/
invaluable resource for NT rootkits...

hermel

Nov 4 2003, 11:57 AM

THX for the link coder

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.


Help - Search - Member List - Calendar Full Version: Trojans That... GovernmentSecurity.org > System Security > Trojan & Virus Errata tibbar Nov 3 2003, 09:11 AM does anyone know of a trojan in the public domain, that hides itself inside the windows kernel? I know someone through irc who is writing one, but he wont let anyone test it or see the code! alternatively, does anyone have any papers on this topic? FireAlwaysWorks Nov 3 2003, 03:02 PM I am pretty sure there isn't thought I wouldn't be supprized if people are working on it. It is hard to do this on a closed source kernel. I would sugest just writeing your own and make it pretty stelth, maybe drop a fake netstat. It could is just me but i don't really see the need for such a level of a hack when you can spend your time on somthing else. Such code in which you speek of will just spawn more skript kiddies which will inturn do more dammage. peace dissolutions Nov 3 2003, 07:14 PM Do you mean rootkits? coder Nov 3 2003, 07:23 PM A very good read if yer interested in NT rootkits... Real NT Rootkit: http://www.phrack.org/phrack/55/P55-05 http://www.rootkit.com/ invaluable resource for NT rootkits... hermel Nov 4 2003, 11:57 AM THX for the link coder This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.