EvilZone

: Rootkit and its worst attack
: parad0x August 31, 2014, 04:10:09 PM
My friend is coding a rootkit. He asked me what I want to make his rootkit do, but I have absolutely no idea on what to make it do so as to make this the worst rootkit attack. Any ideas on what I can make it do other than what most malware does?
: Re: Rootkit and its worst attack
: proxx August 31, 2014, 04:52:18 PM
Destroy hardware?
: Re: Rootkit and its worst attack
: Stackprotector August 31, 2014, 08:00:31 PM
"Any ideas on what I can make it do "

Pretty sure your friend is not you? And I am also pretty damn sure if your friend knows how to write one he also knows what he wants to do with it :)
: Re: Rootkit and its worst attack
: Phage August 31, 2014, 08:26:26 PM
"Any ideas on what I can make it do "

Pretty sure your friend is not you? And I am also pretty damn sure if your friend knows how to write one he also knows what he wants to do with it :)

I thought the same :)
: Re: Rootkit and its worst attack
: parad0x September 01, 2014, 01:02:11 PM
"Any ideas on what I can make it do "

Pretty sure your friend is not you? And I am also pretty damn sure if your friend knows how to write one he also knows what he wants to do with it :)
Faction bro, he is writing the rootkit because I asked him to write one, and he knows that a rootkit can do almost anything, like remotely controlling the PC, recording the keystrokes and stealing bank details and other confidential data. Even a RAT can do this with some modification, but I am kinda confused about how to make it do something different.
That's why I asked you guys. As for my friend, he has given lectures and presented many POCs in different hacker conferences around the world.
I just want to know what would be the best thing (evil most) a rootkit can do.
: Re: Rootkit and its worst attack
: Stackprotector September 01, 2014, 01:44:49 PM
Who is your friend? Should not be a problem to disclose his used name in conferences :D
: Re: Rootkit and its worst attack
: ande September 01, 2014, 06:35:11 PM
Jokes, conspiracy theories and other bullshit aside.

A rootkit doesn't really.. Uhm, attack? A rootkit is just like any other malware but without any form of restrictions. This is because a rootkit runs in kernel mode. Which means the rootkit is not limited by the OS in any way, it can see, read, manipulate and change anything it wants. This is what makes rootkits so hard to detect and remove. You can literally tell any malware detection program that there is no file here or give it a random or another file stream as it attempts to detect the rootkit or anything else for that matter. There are no limits.

I would say as far as rootkit features go, undetectable and/or covert channels for remote communications are a rather interesting topic. Hardware firmware infections are cool as well.
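
Added example, not part of ande's post or of any tool named in the thread: a defender-side cross-view check for the kind of hiding described above, comparing the /proc directory listing on Linux with direct lookups of every PID. The function names are this example's own, and because a kernel-mode rootkit can falsify both views, an empty result is not proof of a clean host.

```python
import os

def listed_pids(proc="/proc"):
    """View 1: the directory listing that ps and most scanners rely on."""
    return {int(name) for name in os.listdir(proc) if name.isdigit()}

def tgid_of(status_text):
    """Extract the Tgid field from the text of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("Tgid:"):
            return int(line.split()[1])
    return None

def probed_pids(max_pid, proc="/proc"):
    """View 2: open every candidate PID by name, ignoring the listing."""
    found = set()
    for pid in range(1, max_pid + 1):
        try:
            with open(os.path.join(proc, str(pid), "status")) as fh:
                text = fh.read()
        except OSError:
            continue  # no such process, or it exited mid-scan
        # /proc/<tid> resolves for threads but is never listed; keep only
        # thread-group leaders so threads do not show up as false positives.
        if tgid_of(text) == pid:
            found.add(pid)
    return found

def hidden_pids(listed_before, probed, listed_after):
    """PIDs reachable by direct lookup yet absent from both listings."""
    # Two listings bracket the probe so that processes which merely started
    # or exited during the scan are not reported.
    return probed - (listed_before | listed_after)

def scan(proc="/proc"):
    """Run both views against a live /proc and return the discrepancies."""
    with open(os.path.join(proc, "sys/kernel/pid_max")) as fh:
        max_pid = int(fh.read())
    before = listed_pids(proc)
    probed = probed_pids(max_pid, proc)
    after = listed_pids(proc)
    return sorted(hidden_pids(before, probed, after))

if __name__ == "__main__":
    for pid in scan():
        print(f"PID {pid} answers a direct lookup but is missing from the /proc listing")
```

Run it as root so every status file is readable, and rerun before acting on a hit, since a process that both starts and exits during the probe can still appear once.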
: Re: Rootkit and its worst attack
: chapp September 07, 2014, 11:57:56 AM
You don't want your rootkit to be in kernel only, you want to go for the system management mode. Having NT system or root on a box is nice, but being able to execute code within the system manager is awesome.

If your friend presented at conferences why not ask some of his fellow peers there? I've talked with some really interesting people during my attendance at various conferences - lots of great ideas.