Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


[Source] Simple Rootkit

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
UnLmtD
Grandmaster Cheater
Reputation: 0

Joined: 13 Mar 2007
Posts: 894
Location: Canada
PostPosted: Wed Jul 11, 2007 3:49 pm    Post subject: [Source] Simple Rootkit Reply with quote
It's a simple rootkit, that hides running processes using the DKOM method.
It's my first try, so don't be hard on me Evil or Very Mad

The original ntifs.h file can be found here http://www.acc.umu.se/~bosse/ntifs.h

I had to modify mine, because I think it's interfering with ntddk.h (Commented 3 lines)

Thanks a lot to rootkit.com and codeproject.com

Also I have a question, in my case, I'm using WriteFile to communicate between the driver and the controller. But for example, fu rootkit uses DeviceIoControl. Which one should I use?

The Extension 'zip' was deactivated by an board admin, therefore this Attachment is not displayed.

_________________
Back to top
View user's profile Send private message
appalsap
Moderator
Reputation: 0

Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
PostPosted: Wed Jul 11, 2007 4:20 pm    Post subject: Reply with quote
hey is ground zero a reference to the towers? that's not nice Evil or Very Mad

e: I see a lot of errors in the code, you never close the snapshot for one
Back to top
View user's profile Send private message
UnLmtD
Grandmaster Cheater
Reputation: 0

Joined: 13 Mar 2007
Posts: 894
Location: Canada
PostPosted: Wed Jul 11, 2007 5:03 pm    Post subject: Reply with quote
appalsap wrote:
hey is ground zero a reference to the towers? that's not nice Evil or Very Mad


No it's not about the tower Razz It also means the target of a projectile or the point of a nuclear explosion. (I like nukes Embarassed )

And about the errors, I going to fix them ASAP. But can you tell me what should I use: WriteFile or go with DeviceIoControl? At the end it has the same result right?
_________________
Back to top
View user's profile Send private message
appalsap
Moderator
Reputation: 0

Joined: 27 Apr 2006
Posts: 6753
Location: Pakistan
PostPosted: Wed Jul 11, 2007 5:05 pm    Post subject: Reply with quote
DeviceIoControl
Back to top
View user's profile Send private message
compactwater
I post too much
Reputation: 8

Joined: 02 Aug 2006
Posts: 3923
PostPosted: Wed Jul 11, 2007 9:20 pm    Post subject: Reply with quote
Just pretend the process is crashed and it'll be unreadable. Laughing
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites