
An Analysis of the Rustock.B Rootkit

File Size: KB
Developer: http://www.reconstructer.org
Description: The rootkit used several proprietary obfuscation/packing methods to hide the native driver code from prying eyes. I have divided the paper into two main parts. The first part, which is divided into three stages, describes how to extract the native rootkit driver code without the use of kernel debuggers or other ring0 tools. The second part basically does the same, but much faster and with less effort, using the SoftICE kernel debugger. Each part shows various possibilities for solving the different problems facing the researcher when analyzing Rustock. All the code and IDB files are included in the package!
Download:   An Analysis of the Rustock.B Rootkit

 
