Description: 一个基于MBR的bootkit,主要功能是实现NDIS的后门技术,接受固定格式的数据包而实现主机红屏。-The eEye BootRootKit NDIS backdoor is a demonstration of boot-time Windows kernel subversion technology. The assembly source code (ebrk.asm) was written for use with MASM 6.11. It comes in pre-packaged executable form as a floppy disk image (ebrk.img) and as a CD-ROM ISO-9660 image (ebrk.iso).
Note that the ISO is bare-bones and does not contain a file system, only a boot sector. If you burn it to disc, it will for the most part appear to be a blank CD.
We ve also included the source for a very simple demonstration packet (demrsod2.asm), and a compiled binary file (demrsod2.bin) to be used with netcat ("nc-u"). Platform: |
Size: 80896 |
Author:沙乐天 |
Hits:
Search - Rootkits: Subverting the Windows Kernel source cod