September 07, 2005
BO2k Integrates FU rootkit
Posted by Myles Long at 08:26 PM CDT | Comments (9)
Sure, this isn't new, but it's still cool. I'm quoting hoglund who's quoting novice222 (thanks to Hardwire for the heads up on this, too...man, I'm all about name-dropping tonight):
"Back Orifice 2000, the world famous backdoor program for Windows systems, now includes a rootkit plugin based on the FU rootkit technology.
The crosspost is from bo2k.sourceforge.net (Novice222):
Monday, August 8 2005 - This will allow you to almost totally hide the bo2k server. It will hide both the bo2k process and file from Windows, you just won't know it's there. It's based on the FU rootkit written by fuzen_op (www.rootkit.com) and works by dropping a small driver into the Windows directory which directly manipulates the Windows kernel. (Thanks to 'Chaos' for the driver help)
The plugin will also allow you to hide any other processes, files or directories that you wish either for that one remote session or permanently.
The plugin is available on the Development page:
http://bo2k.com/Development/
The tutorial has a section on Rootkit to explain the use. Any comments, suggestions, bugs, etc. can be documented here or on the bo2k forum:
http://bo2k.sourceforge.net/forum/"