« previous next »
Pages: 1 [2]  All   Go Down

Author Topic: New Windows Rootkit  (Read 4755 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: New Windows Rootkit
« Reply #15 on: July 20, 2006, 09:25:18 am »
Quote from: AntiVirus on July 20, 2006, 03:02:58 am
Okay, I am a newb.. But how do you get these "hidden" files out of the hidden folder if you can't see them?

 ??? :-[
You access them differently, I think it's by putting a colon after the filename.  Something like "innocentfile.txt:virus.exe".  I explained it more in Hiding Files in NTFS, which happened to be the 22nd thread on the forum (and it's in the wrong category now! :-o!)
Logged

Offline AntiVirus

  • Legendary
  • x86
  • Hero Member
  • *****
  • Posts: 2521
  • Best
    • View Profile
Re: New Windows Rootkit
« Reply #16 on: July 20, 2006, 01:45:42 pm »
Mmk.. I'll look around and try it out a bit.  Thanks.
Logged
The once grove of splendor,
Aforetime crowned by lilac and lily,
Lay now forevermore slender;
And all winds that liven
Silhouette a lone existence;
A leafless oak grasping at eternity.

"They say that I must learn to kill before I can feel safe, but I rather kill myself then turn into their slave."
- The Rasmus

Offline Newby

  • x86
  • Hero Member
  • *****
  • Posts: 10877
  • Thrash!
    • View Profile
Re: New Windows Rootkit
« Reply #17 on: July 27, 2006, 03:40:18 pm »
There IS documentation for NTFS ADS! lol. One freakin' page. Wow.
Logged
- Newby
http://www.x86labs.org

Quote
[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote from: Rule on June 30, 2008, 01:13:20 pm
Quote from: CrAz3D on June 30, 2008, 10:38:22 am
I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 
Pages: 1 [2]  All   Go Up
« previous next »