Description: The eEye BootRootKit NDIS backdoor is a demonstration of boot-time Windows kernel subversion technology. The assembly source code (ebrk.asm) was written for use with MASM 6.11. It comes in pre-packaged executable form as a floppy disk image (ebrk.img) and as a CD-ROM ISO-9660 image (ebrk.iso).
Note that the ISO is bare-bones and does not contain a file system, only a boot sector. If you burn it to disc, it will for the most part appear to be a blank CD.
We've also included the source for a very simple demonstration packet (demrsod2.asm), and a compiled binary file (demrsod2.bin) to be used with netcat ("nc -u").
- [RootkitTeach] - Rootkit technical details of the documen
- [hxdef100_src] - drive-level windows rootkit backdoor! de
- [FireWall] - Use ndis im layer drive to achieve a sim
- [NdisMonitor_v1-00_kernel] - NdisMonitor_v1-00_kernel: is an NDIS dri
- [irqs] - User-mode access APIC interrupt redirect
- [DNF] - DNF driver protection
- [Windowscore] - windows core programming source code, le
- [BOOTKIT] - bootkit system boot disk source code; source code related to the recent Ghost Shadow virus (the description is not professional...)
File list (Check if you may need any files):
demrsod2.asm
demrsod2.bin
ebrk.asm
ebrk.img
ebrk.iso
eeyebootroot.ppt
readme.txt