deneb97

how to download a rootkit

13 posts in this topic

hi boys!

I'm new to this fantastic forum and I want to know "how can I do a rootkit?"

deneb97 :biggrin:

Edited by deneb97
0


hi boys!

I'm new to this fantastic forum and I want to know "how can I do a rootkit?"

deneb97 :biggrin:

http://www.stoned-vienna.com/

http://vx.netlux.org/

http://vx.netlux.org/search.php?cx=002577580816726040001%3Az9_irkorydo&cof=FORID%3A10&ie=UTF-8&q=+rootkit&sa=Search

oh yeah, also http://www.offensivecomputing.net/

or just search porn and click all the popups

1


thank you very much!

but can I create a rootkit with ms dos language?

I know ms-dos language

0


sorry Afterm4th... in one of the links that you shared (maybe this http://vx.netlux.org/) much of the software is created in a strange format (Rootkit.Win32.Agent.anc) ... do you know a website that has .exe software?

maybe these files can be opened? or not?

0


sorry Afterm4th... in one of the links that you shared (maybe this http://vx.netlux.org/) much of the software is created in a strange format (Rootkit.Win32.Agent.anc) ... do you know a website that has .exe software?

maybe these files can be opened? or not?

Yes, it is possible to create a rootkit in "MSDos Language" but I don't know how effective it would be against today's antivirus technologies. Who knows, old code might slip right past the AV.

Those files that you see in "a strange format" are the source files of the rootkits. You will need a compiler to make them effective.

To be honest it doesn't sound like you know what you're doing. I urge extreme caution when playing with any sort of malware, especially rootkits.

If by some off chance you do think you know what you're doing you can try to get fresh unreleased 0day exploits and rootkits from a site like this

****DANGER DANGER LIVE VIRUS SITE****

freemovtube.info

****DANGER DANGER LIVE VIRUS SITE****

and there are many more listed here:

http://www.freepcsecurity.co.uk/ (this website is great to have for IPs to block in your host file)

Not only can you get rootkits from this domain name, but they WANT you to have their rootkits. So much in fact that many of them will employ techniques that will download the files for you! And they'll install by themselves!!

Again, I hope you know what you're doing. Malware research is very dangerous.

If you have any doubts at all, unplug your computer right now and go play checkers or something because the internet really isn't that friendly of a place.

Edited by Afterm4th
1


thank you very much! :biggrin:

anyway I know what viruses and rootkits can do

-1


or just search porn and click all the popups

:laugh::laugh::laugh:

I kinda feel this is a situation where it'd be important to point 'em to starter material...

1


Are any of the above listed links safe for use/testing in a VM or should someone serious about malware analysis set up and dedicate a test box for this?

0


Are any of the above listed links safe for use/testing in a VM or should someone serious about malware analysis set up and dedicate a test box for this?

If you want to be completely paranoid, unplug the hard disk and boot up to a LiveCD. If you want to get a closer look, make a persistent LiveUSB and when you're finished getting rooted, take a look at that from a forensic LiveCD. Zero risk here, best way it can be done.

0


Are any of the above listed links safe for use/testing in a VM or should someone serious about malware analysis set up and dedicate a test box for this?

If you want to be completely paranoid, unplug the hard disk and boot up to a LiveCD. If you want to get a closer look, make a persistent LiveUSB and when you're finished getting rooted, take a look at that from a forensic LiveCD. Zero risk here, best way it can be done.

I'd say a dedicated machine with VMs and sandboxie should do the trick. I'm using vmware, process explorer, opened files view, and other tools + ida pro

0

