News:

Happy New Year! Yes, the current one, not a previous one; this is a new post, we swear!

Main Menu

New Windows Rootkit

Started by iago, July 13, 2006, 12:51:40 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages 1 2 All
User actions

iago

#15
July 20, 2006, 09:25:18 AM
Quote from: AntiVirus on July 20, 2006, 03:02:58 AM
Okay, I am a newb.. But how do you get these "hidden" files out of the hidden folder if you can't see them?

??? :-[
You access them differently, I think it's by putting a colon after the filename.  Something like "innocentfile.txt:virus.exe".  I explained it more in Hiding Files in NTFS, which happened to be the 22nd thread on the forum (and it's in the wrong category now! :-o!)

AntiVirus

#16
July 20, 2006, 01:45:42 PM
Mmk.. I'll look around and try it out a bit.  Thanks.
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.

"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Newby

#17
July 27, 2006, 03:40:18 PM
There IS documentation for NTFS ADS! lol. One freakin' page. Wow.
- Newby
http://www.x86labs.org

Quote[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote from: Rule on June 30, 2008, 01:13:20 PM
Quote from: CrAz3D on June 30, 2008, 10:38:22 AM
I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 
Print
Go Up Pages 1 2 All
User actions