|
Dailydave
mailing list archives
Re: DR Linux 2.6 rootkit released
From: "Piotr Bania" <bania.piotr () gmail com>
Date: Fri, 5 Sep 2008 07:24:12 +0200
For sure I wasn't the first one using DRx for rootkit/backdoor coding, but
I
think my 2006 Black Hat presentation predates this Phrack article:
http://invisiblethings.org/papers/joanna%20rutkowska%20-%20subverting%20vista%20kernel.ppt
(slide #41)
:)
For sure you were not even close. PM.Wanderer or Orgasmotron virus used this
*debug registers* technique back in 1997 already.
- PM.Wanderer : http://old.antivir.ru/english/lib/wanderer.htm
- Orgasmotron (Vecna.Tron):
http://www.viruslist.com/en/viruses/encyclopedia?virusid=19117
- pb
--
--------------------------------------------------------------------
Piotr Bania - <bania.piotr () gmail com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Key ID: 0xBE43AC33
--------------------------------------------------------------------
- "The more I learn about men, the more I love dogs."
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
 By Date 
By Thread
Current thread:
| 
Intro
