Upgrading Ubuntu 10.10 Kernel to 2.6.37.6


I was trying to run airbase-ng on my laptop’s Ubuntu 10.10 but I realized that it has problems: (1) the created Access Point could not be accessed and (2) the Access Point is created on channel 255, which is out of range. I had to start searching for a solution. My early findings told me that it had something to do with the network driver. My laptop runs on bcm4311 and I found out that it may have something to do with MadWifi, so I thought I needed an Atheros. This morning I tried firing up my laptop in BackTrack 4 and ran airbase-ng. My iPod caught the Access Point immediately. At this point, I knew that it must be something wrong with Ubuntu, so I continued searching.

I then found out from the internet that it could be my kernel version that is causing the problem, and here I am, updating my Ubuntu from the default kernel 2.6.35-22-generic to 2.6.37.6. Whether or not airbase-ng is going to work now I am still not sure; I will be updating this. It works.


Purchased Rootkits | Subverting the Windows Kernel


A month ago I bought Rootkits: Subverting the Windows Kernel by Greg Hoglund and James Butler and I find it superb. If you are a rootkit developer or looking to be one, this is a must-have book that you need to get hold of. It teaches you generally the things you want to learn, such as hiding processes, files and directories, registries and lots more. Conquering the kernel level as well as beating up antiviruses are among the topics discussed! Recently I have been busy with my final years, so I hope I can find time to post some useful articles.

Are you a rootkit developer?


Are you a rootkit developer?  Can you fulfill my idea in the Ideas and Challenges page?  I am looking for some articles or any resources that can help me solve the following.

  • Hide a process
  • Hide a file
  • Hide a registry
  • Hide a port
  • Contact a userland application, and vice versa
  • Keystroke logging

If you by chance come across any articles or books related to this please do let me know!

Rootkits | Subverting the Windows Kernel


Are you a programmer who loves to design malicious applications? Do you find that the malicious applications you have made are easily detected by anti-virus software (oh come on, Fully Un-detectable (FUD) isn’t going to last long)? Do you know the difference between user and kernel space? Ever wanted to be able to stay on the same level as the anti-virus as well as getting rid of it?

Take yourself to a whole new level by learning how to develop a rootkit!

Microsoft Detours


Detours is a library for instrumenting arbitrary Win32 functions on x86, x64, and IA64 machines. Detours intercepts Win32 functions by rewriting the in-memory code for target functions. The Detours package also contains utilities to attach arbitrary dynamic-link libraries (DLLs) and data segments (called payloads) to any Win32 binary.