Re: [Full-disclosure] how to hide files, services and process in windows 2k/xp/2k3 box

2006-12-02 Thread kefka
Process Guard and other similar applications can do this for you.  You're 
trying to keep some anti-cheat engine from scanning your cheats, correct?

-
Mark Baker wrote:

>I am trying to find a rootkit to hide processes and DLLs from World of 
>Warcraft but can't find where to download AFX rootkit.  Can you direct 
>me where to download the rootkit and instructions?
>
>Thanks!
>
>___
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/



Re: [Full-disclosure] how to hide files, services and process in windows 2k/xp/2k3 box

2006-12-01 Thread Colin Copley
"Mark Baker" wrote:
> I am trying to find a rootkit to hide processes and DLLs from World of
> Warcraft but can't find where to download AFX rootkit.  Can you direct
> me where to download the rootkit and instructions?

The home page seems to be down.
You can download AFX 2005 here:
www.rootkit.com/vault/therealaphex/AFXRootkit2005.zip
They also have a nice selection of alternatives.  But why would you want to
cheat at Warcraft?  Must be Alliance.

Cheers
Colin



[Full-disclosure] how to hide files, services and process in windows 2k/xp/2k3 box

2006-12-01 Thread Mark Baker
I am trying to find a rootkit to hide processes and DLLs from World of 
Warcraft but can't find where to download AFX rootkit.  Can you direct 
me where to download the rootkit and instructions?

Thanks!



Re: [Full-disclosure] how to hide files, services and process in windows 2k/xp/2k3 box

2005-07-10 Thread securitynews

Hi,
some samples with source code and tips at:
http://www.rootkit.com/index.php

and http://www.osronline.com/
for Windows driver development


Stephane.



- Original Message - 
From: "fatb" <[EMAIL PROTECTED]>

To: 
Sent: Sunday, July 10, 2005 2:08 PM
Subject: [Full-disclosure] how to hide files, services and process in windows 2k/xp/2k3 box




hi all guys

I'm trying to write a rootkit to hide files, services and processes
in windows 2k/xp/2k3 box, and it would not be detected by icesword,
rkdetector and so on.

Anybody could be kind enough to give me some tips or suggestions, thx
a lot!

BTW: I heard that golden hxdef could avoid icesword, rkdetector
and any other anti-rootkit software, does anybody know something about the
golden hxdef?



Re: [Full-disclosure] how to hide files, services and process in windows 2k/xp/2k3 box

2005-07-10 Thread khaalel
Hi,

for the tips... sorry but I don't know which suggestions to give you,
but I advise you to study AFX rootkit, when I wrote my first rootkit
this code helped me a lot because it can hide

"""
a) Processes
b) Handles
c) Modules
d) Files & Folders
e) Registry Keys & Values
f) Services
g) TCP/UDP Sockets
h) Systray Icons
"""

There is an article that is well written (about win32 rootkits): it's
"Analysis of a win32 userland rootkit" by Kdm, it's really a good
paper.

Nzeka Gilbert aka khaalel


PS: If you want, I own the code of hxdef but this rootkit is known by
everybody so for invisibility, hxdef is not the right tool!!! But the
code is great for learning how to code a win32 rootkit.



On 7/10/05, fatb <[EMAIL PROTECTED]> wrote:
> hi all guys
> 
> I'm trying to write a rootkit to hide files, services and processes
> in windows 2k/xp/2k3 box, and it would not be detected by icesword,
> rkdetector and so on.
> 
> Anybody could be kind enough to give me some tips or suggestions, thx
> a lot!
> 
> BTW: I heard that golden hxdef could avoid icesword, rkdetector
> and any other anti-rootkit software, does anybody know something about the
> golden hxdef?


[Full-disclosure] how to hide files, services and process in windows 2k/xp/2k3 box

2005-07-10 Thread fatb
hi all guys

I'm trying to write a rootkit to hide files, services and processes
in windows 2k/xp/2k3 box, and it would not be detected by icesword,
rkdetector and so on.

Anybody could be kind enough to give me some tips or suggestions, thx
a lot!

BTW: I heard that golden hxdef could avoid icesword, rkdetector
and any other anti-rootkit software, does anybody know something about the
golden hxdef?
