Full Disclosure mailing list archives

how to hide windows services and registry via drivers hook?

From: "fatb" <fatb () security zz ha cn>
Date: Thu, 14 Jul 2005 00:15:24 +0800

Hi all list member!

    Anybody know how to hide windows services and registry via drivers hook instead of api hook?

I check many windows rootkit,all of them use api hook but not drivers to hide something.

Many thx!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

how to hide windows services and registry via drivers hook? fatb (Jul 13)