By: vipinkumar
It has several features
1) It's very small.The basic framework is just about 100 lines of assembly code.It supports 2000,XP,2003
2) It patches the kernel at runtime(no files are patched on disk).
3) BOOT KIT is PXE-compatible.
4)It can even lead to first ever PXE virus
5)It also enables you to load other root kits if you have physical access(Normally root kits can only be loaded by the administrator)
The bootkit has been tested with a number of kernel mode shell codes such as Loading Native Applications and drivers from the shell code
creating a kernel ,which periodically raises every CMD.EXE to system privileges.
The Source code will contain 4 levels of BOOT KITs(showcasing different payloads)
1) Basic framework ( Kernel patching has to be done later on)
2) Privilege escalation framework(demonstrates creating new system threads and how to escalate privileges easily)
3) Loading drivers and native applications from kernel mode without touching registry
4) PXE compatible code(Basic PXE franework).
Basic version source has already been uploaded.
Download it
We would be happy for any queries related to project.
Authors:-
Nitin Kumar
Vipin Kumar
BOOT KIT is a project related to custom boot sector code subverting Windows NT Security Model.The sample is available in the vault that keeps on escalating cmd.exe to system privileges every 30 secs.
It has several features
1) It's very small.The basic framework is just about 100 lines of assembly code.It supports 2000,XP,2003
2) It patches the kernel at runtime(no files are patched on disk).
3) BOOT KIT is PXE-compatible.
4)It can even lead to first ever PXE virus
5)It also enables you to load other root kits if you have physical access(Normally root kits can only be loaded by the administrator)
The bootkit has been tested with a number of kernel mode shell codes such as Loading Native Applications and drivers from the shell code
creating a kernel ,which periodically raises every CMD.EXE to system privileges.
The Source code will contain 4 levels of BOOT KITs(showcasing different payloads)
1) Basic framework ( Kernel patching has to be done later on)
2) Privilege escalation framework(demonstrates creating new system threads and how to escalate privileges easily)
3) Loading drivers and native applications from kernel mode without touching registry
4) PXE compatible code(Basic PXE franework).
Basic version source has already been uploaded.
Download it
We would be happy for any queries related to project.
Authors:-
Nitin Kumar
Vipin Kumar
扫一扫
1574
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
