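File name: Rootkit-V0.1
- Category:
- Hooks and API interception
- Resource attributes:
- [Windows] [Visual C] [Source code]
- Upload date:
- 2012-11-26
- File size:
- 481kb
- Downloads:
- 0
- Uploader:
- aos****
- Related links:
- None
- Download notes:
- Do not download with Xunlei (Thunder). If the download fails, download again; repeat downloads do not cost points!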
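Description -- all downloadable content is collected from the Internet; study and use it at your own discretion
Source code of a rootkit that uses various SSDT hooks and inline hooks and can evade detection by most tools.
(Generated automatically by the system; the download contents can be reviewed before downloading)
Download file list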
Rootkit-V0.1\CCRootkit\BIN\RootkitLoader.exe
............\.........\buildchk_wxp_x86.log
............\.........\CCROOTKIT-README.txt
............\.........\i386\Rootkit.pdb
............\.........\....\Rootkit.sys
............\.........\Rootkit.bbs
............\.........\Rootkit.dsw
............\.........\Rootkit.ncb
............\.........\Rootkit.opt
............\.........\.......Dll\RootkitDll.cpp
............\.........\..........\RootkitDll.dsp
............\.........\..........\RootkitDll.plg
............\.........\.......Loader\FindProcess.cpp
............\.........\.............\FindProcess.h
............\.........\.............\FindWindow.cpp
............\.........\.............\FindWindow.h
............\.........\.............\LoadDriver.cpp
............\.........\.............\LoadDriver.h
............\.........\.............\ReleaseFile.cpp
............\.........\.............\ReleaseFile.h
............\.........\.............\RemoteInject.cpp
............\.........\.............\RemoteInject.h
............\.........\.............\ReSSDT.cpp
............\.........\.............\ReSSDT.h
............\.........\.............\Rootkit.dll
............\.........\.............\Rootkit.rc
............\.........\.............\Rootkit.sys
............\.........\.............\RootkitLoader.cpp
............\.........\.............\RootkitLoader.dsp
............\.........\.............\RootkitLoader.dsw
............\.........\.............\RootkitLoader.ncb
............\.........\.............\RootkitLoader.opt
............\.........\.............\RootkitLoader.plg
............\.........\.......Sys\buildchk_wxp_x86.log
............\.........\..........\buildfre_wxp_x86.log
............\.........\..........\CCRootkit.c
............\.........\..........\CCRootkit.h
............\.........\..........\HideDriver.c
............\.........\..........\HideDriver.h
............\.........\..........\HideRegKey.c
............\.........\..........\HideRegKey.h
............\.........\..........\HookShadowSSDT.c
............\.........\..........\HookShadowSSDT.h
............\.........\..........\HookSSDT.c
............\.........\..........\HookSSDT.h
............\.........\..........\HookSysCall.h
............\.........\..........\IrpFile.c
............\.........\..........\IrpFile.h
............\.........\..........\KillProcess.c
............\.........\..........\KillProcess.h
............\.........\..........\MAKEFILE
............\.........\..........\NotifyRoutine.c
............\.........\..........\NotifyRoutine.h
............\.........\..........\objchk_wxp_x86\i386\ccrootkit.obj
............\.........\..........\..............\....\dkomhidedriver.obj
............\.........\..........\..............\....\hidedriver.obj
............\.........\..........\..............\....\hideregkey.obj
............\.........\..........\..............\....\hookshadowssdt.obj
............\.........\..........\..............\....\hookssdt.obj
............\.........\..........\..............\....\hooksyscall.obj
............\.........\..........\..............\....\irpfile.obj
............\.........\..........\..............\....\killprocess.obj
............\.........\..........\..............\....\loadimagenotify.obj
............\.........\..........\..............\....\notifyroutine.obj
............\.........\..........\..............\....\restoressdt.obj
............\.........\..........\..............\....\rootkit.obj
............\.........\..........\..............\....\rootkitdriver.obj
............\.........\..........\..............\....\systhread.obj
............\.........\..........\..............\....\SysThread.pdb
............\.........\..........\..............\....\SysThread.sys
............\.........\..........\..............\_objects.mac
............\.........\..........\...fre_wxp_x86\i386\hideregkey.obj
............\.........\..........\..............\....\hooksyscall.obj
............\.........\..........\..............\....\irpfile.obj
............\.........\..........\..............\....\killprocess.obj
............\.........\........