[dundee] Rootkit's and MicroShame i mean soft...hmmmmmmm

Arron M Finnon afinnon at googlemail.com
Sun Nov 25 11:39:58 GMT 2007


Hi Andrew,

Yeah, been playing with Metasploit for a wee bit.  It's not so much
looking at possible exploits to load a payload like a rootkit, but more
into the rootkit.  Currently my thinking is that I would use something
like Mood-NT to infect a 2.6 kernel.  I'm kind of asking if people have
had any experience with wild rootkits (apparently rootkits out in the
wild are by nature hard to come by).  In addition, what sort of
countermeasures people have employed to defend themselves against such
threats.

I've been very interested in LKM (Loadable Kernel Modules) kits,
virtualised kits, and kernel rootkits.

Catch you all

Arron 

On Sun, 2007-11-25 at 11:21 +0000, Andrew Clayton wrote:
> On Sat, 24 Nov 2007 23:04:38 +0000, Arron M Finnon wrote:
> 
> > Hi Guys,
> > 
> > My mini project for ethical hacking (if some of you didn't know I'm a
> > second year ethical hacker, or am I a web designer? (sorry that's an
> > in-joke for some of the EH on my year that are on the list)), but let's
> > pull this back into line, I'm doing rootkits on Linux OS's.  I'm
> > especially interested in kitting a 2.6 kernel.  So just a quick shout
> > out if anyone's had some experience or some insight on this if you
> > could holla back.  If it's any good I may do a presentation on it, if
> > it's not that good I'll do a flash talk on it ;-)
> 
> I take it you know about Metasploit?



