Pages: [1]

Author Topic: How does a rootkit get into the MBR?  (Read 603 times)

0 Members and 1 Guest are viewing this topic.

Offline hppd

  • Knight
  • **
  • Posts: 163
  • Cookies: 7
    • View Profile
How does a rootkit get into the MBR?
« on: February 20, 2014, 06:08:31 pm »
So on one of my computers (the windows one) I have a rootkit. I don't know for sure but I think so.. I tried a lot of things nothing is able to remove it. So I was looking into rootkits and found out they can boot up before windows does by editing the MBR. But why the fuck can a virus touch this and how does it do it??

Edit: Fuck yeah! Got rid of it :P
« Last Edit: February 20, 2014, 10:15:00 pm by hppd »
Report to moderator   Logged

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: How does a rootkit get into the MBR?
« Reply #1 on: February 21, 2014, 03:53:14 pm »
Very simple yet very complex.
The MBR is nothing but a x first part of a partition, often first part of the HDD.
The bios gives the hardware control to the MBR which stages the rest of the boot.
This MBR is writeable just like like any other part of the HDD.
Thus the complex part, some malicious code can be inserted onto these sectors.
Writing a boot sector virus is some neat skill.
Report to moderator   Logged
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: How does a rootkit get into the MBR?
« Reply #2 on: February 21, 2014, 04:51:20 pm »
It takes skill to write a boot sector virus that loads before system does, not just fucks the partition table up... such stuff is really interesting :)
Report to moderator   Logged
Pages: [1]