elva

FU

project:

FU
short description:

The FU rootkit can hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!) All this without any hooking.

long description:

The FU rootkit can hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!). (Look, Mom, no hands!) It does all this by Direct Kernel Object Manipulation (TM); no hooking! This project has been evolving other time. It was originally conceived as a proof-of-concept. FU is a play on words from the UNIX program "su" used to elevate privilege.

project leader:

fuzen_op

homepage:

changelog:

https://www.rootkit.com/vault/fuzen_op/FU_README.txt

download:

https://www.rootkit.com/vault/fuzen_op/FU_Rootkit.zip


or
http://www.cppblog.com/Files/elva/FU_Rootkit.rar

posted on 2007-05-24 14:10 叶子 阅读(319) 评论(0)  编辑 收藏 引用 所属分类: rootkit


只有注册用户登录后才能发表评论。
网站导航: 博客园   IT新闻   BlogJava   博问   Chat2DB   管理