Author Topic: Rootkit and its worst attack  (Read 799 times)

Offline parad0x

Rootkit and its worst attack
« on: August 31, 2014, 04:10:09 pm »
My friend is coding a rootkit. He asked me what I want his rootkit to do, but I have absolutely no idea what to make it do so as to make this the worst rootkit attack. Any ideas on what I can make it do other than what most malware does?

Offline proxx

Re: Rootkit and its worst attack
« Reply #1 on: August 31, 2014, 04:52:18 pm »
Destroy hardware?
Wtf were you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline Stackprotector

Re: Rootkit and its worst attack
« Reply #2 on: August 31, 2014, 08:00:31 pm »
"Any ideas on what I can make it do"

Pretty sure your friend is not you? And I am also pretty damn sure that if your friend knows how to write one, he also knows what he wants to do with it :)
~Factionwars

Offline Phage

Re: Rootkit and its worst attack
« Reply #3 on: August 31, 2014, 08:26:26 pm »
"Any ideas on what I can make it do"

Pretty sure your friend is not you? And I am also pretty damn sure that if your friend knows how to write one, he also knows what he wants to do with it :)

I thought the same :)
"Ruby devs do, in fact, get all the girls. No girl wants a python, but EVERY girl wants rubies" - connection

"It always takes longer than you expect, even when you take into account Hofstadter’s Law."

Offline parad0x

Re: Rootkit and its worst attack
« Reply #4 on: September 01, 2014, 01:02:11 pm »
"Any ideas on what I can make it do"

Pretty sure your friend is not you? And I am also pretty damn sure that if your friend knows how to write one, he also knows what he wants to do with it :)
Faction bro, he is writing the rootkit because I asked him to write one, and he knows that a rootkit can do almost anything, like remotely controlling the PC, recording the keystrokes and stealing bank details and other confidential data. Even a RAT can do this with some modification, but I am kinda confused about how to make it do something different.
That's why I asked you guys. As for my friend, he has given lectures and presented many POCs in different hacker conferences around the world.
I just want to know what would be the best thing (most evil) a rootkit can do.

Offline Stackprotector

Re: Rootkit and its worst attack
« Reply #5 on: September 01, 2014, 01:44:49 pm »
Who is your friend? Should not be a problem to disclose his used name in conferences :D
~Factionwars

Offline ande

Re: Rootkit and its worst attack
« Reply #6 on: September 01, 2014, 06:35:11 pm »
Jokes, conspiracy theories and other bullshit aside.

A rootkit doesn't really.. Uhm, attack? A rootkit is just like any other malware but without any form of restrictions. This is because a rootkit runs in kernel mode. Which means the rootkit is not limited by the OS in any way, it can see, read, manipulate and change anything it wants. This is what makes rootkits so hard to detect and remove. You can literally tell any malware detection program that there is no file here or give it a random or another file stream as it attempts to detect the rootkit or anything else for that matter. There are no limits.

I would say as far as rootkit features go, undetectable and/or covert channels for remote communications are a rather interesting topic. Hardware firmware infections are cool as well.
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline chapp

Re: Rootkit and its worst attack
« Reply #7 on: September 07, 2014, 11:57:56 am »
You don't want your rootkit to be in kernel only; you want to go for the system management mode. Having NT SYSTEM or root on a box is nice, but being able to execute code within the system manager is awesome.

If your friend presented at conferences why not ask some of his fellow peers there? I've talked with some really interesting people during my attendance at various conferences - lots of great ideas.