Best rootkit for win7?
I'm wondering what the BEST rootkit that exists on win7 is.
Any ideas? :confused:
Windows 7 64 does not allow every driver to get into kernel memory region due to a very strict digital signature check. If the driver has not been digitally signed, Windows won't allow it to be loaded.
So I guess you are rather asking about the new, modern way - a bootkit? ;) Probably #1 is TDL3
TDL x64 was found ITW about a month ago.
|
Nice quote, sendersu :P
http://www.prevx.com/blog/154/TDL-rootkit-x-goes-in-the-wild.html
_http://www.kernelmode.info/forum/viewtopic.php?f=16&t=19&start=660
|
Quote:
|
Don't mix w7 and x64; w7x86 allows loading unsigned drivers, so many driver trojans use it as well.
|
no mixing, no fun. besides... i patched that months ago.
-Fyyre
Quote:
|
It's a dirty hack and can't be used in commercial (or malware lol) software because one day ms may publish a new version of system files and u will lose all ur customers (bots). The best way nowadays is to infect MBR or something not far from.
|
Probably the best for Windows was Hacker defender back in the day. :D
But if you incorporate the stoned boot kit and take elements from Hacker defender you can have an awesome Windows 7 64 bit rootkit http://www.stoned-vienna.com/
ch0pper: Have you seen sources for the TDL4 bootkit?