Zitat:
ROFL. Usermode-Rootkits sind ja so oder so lächerlich. Schon von daher
Wo wir gerade bei Rootkits sind. 2 Artikel der letzten Phrack-Ausgabe waren sehr interessant:
A portable Userland Rootkit :
*snip*
Zitat:
The mechanisms presented in this paper are the result of long research and
experimentations. It shows up that ring 3 rootkit are an effective threat
for nowadays computer systems but may be defeated by a clever analysis of
the weakpoints they target. So this type of rootkit isn't perfect as data
may still be detected, even though they're from far more difficult to
notice. Keep in mind that the most important thing is not to cause
suspicion, and therefore not be detected. In a word, ring 3 rootkits are
perfect meantime to get administrative privilege on the local machine and
install a most adapted ring 0 rootkit that will be more suitable to reach
the maximum stealth.
und natürlich dein Liebling @ Olli
:
Kernel-Mode Backdoor
*snip*
[edit=alcaeus]Links entfernt. Begruendung siehe naechster Beitrag. Mfg, alcaeus[/edit]