Purchased Rootkits | Subverting the Windows Kernel

A month ago I have bought Rootkits, Subverting the Windows Kernel by Greg Hoglund and James Butler and I find it superb.  If you are a rootkit developer or looking to be one, this is a must have book that you need to get a hold of.  It teaches you generally the stuffs you want to learn such as hiding processes, files and directories, registries and lots more.  Conquering the kernel level as well as beating up Antiviruses are one of the topics that are discussed on!  Recently I am busy with my final years so I hope I can find time to post some useful articles.

Builder & Stub | How to create your own builder and stub in C (using Resource)

If you are looking to build it using EOF, look here.

As i have already created a similar post which creates your own builder using the File I/O (Input/Output) operation, some have came across a problem where they need their stub application to be placed and ran in memory instead of normal execution.  In order to counter this problem, the solution that can come into mind is to use the resource data in the file.  Even if your file is ran in the memory, the resource data is also loaded with it.  Be aware that the terms used may confuse you so read the synonym section.  Take a look at the concept below. Read the rest of this entry »

Builder & Stub | How to create your own builder and stub in C (using EOF)

If you are looking to build it using Resource, look here.

This question is often seen in one of the forum that i hang around.  Although the programming language is different, the idea and concept is one.  I have already prepared a source code for this project but i will explain a little or less about how it works.  Understand that the term stub i am using refers to the application that is going to read a message that has been injected from an application called builder.  Be aware that the term injected also refers to implanted or appended.  In this article, i will be showing the concept on how a builder and stub works, what will you need before coding it and your preparations as well as pseudocode to ease understanding of the concept.  Apart from that you can download the project in case you are not sure what to do with the source code given due to certain complexity. Read the rest of this entry »

Rootkits | Subverting the Windows Kernel

Are you a programmer that loves to design malicious application?  Do you find malicious applications that you have made are easily detected by anti-virus software (oh come on, Fully Un-detectable (FUD) isn’t going to last long)?  Do you know the difference of user and kernel space?  Ever wanted to be able to stay on the same level as the anti-virus as well as getting rid of it?

Take yourself into a whole new level by learning how to develop a rootkit! Read the rest of this entry »