[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[port139:00514] Re: LKM rootkit $B$N8!CN(B$BJ}K!(B

To: port139@xxxxxxxxxxxxx
Subject: [port139:00514] Re: LKM rootkit $B$N8!CN(B$BJ}K!(B
From: nekurai@xxxxx
Date: Mon, 13 Aug 2001 02:17:28 GMT

$B$I$b!":,0E0f$G$9(B ^^)
(B
(BFrom: Hideaki Ihara
(BDate: 2001/08/13$B!!(B10:17:51
(BSubject: [port139:00511] Re: LKM rootkit $B$N8!CNJ}K!(B
(B
(B>$B0lHLE*$K!)$h$/!I%U%C%/$9$k!I$H$$$&8@$$J}$,$5$l$k$H;W$$$^$9$,!"$3$l$O(B
(B>$BFbItE*$J=hM}$H$7$F$O$I$&F0$$$F$$$k$N$G$7$g$&$+!)(B
(B
$B0lHLE*$K$O!V0z$C3]$1$k;v$,=PMh$k>l=j!W$r!V0z$C3]$1$k!W$H$$$&(B
$BF0:n$@$H;W$$$^$9!#(B ($B$=$N$^$^$d$s!&!&!&!c26(B)
(B
(B* $B0z$C3]$1$k$3$H$,=PMh$k>l=j(B
(B  * $B%=%U%H%&%(%"3d$j9~$_$r;H$&%?%$%W(B
(B      $B2?$b9M$($:$K3d$j9~$_(B address $B$r0z$C3]$1$k(B
(B        MS-DOS  ... int 21h
(B        linux   ... int 80h
(B        FreeBSD ... int 80h
(B        Be      ... int 25h <- $B$&$m$*$\$((B ^^;
(B      $B$3$l$r$&$^$/;H$C$FJL$N(B OS $B$N%P%$%J%j$rF0$+$9$b$N$H$7$F(B
(B      BOW (Bsd On Windows) $B$H$+(B LINE (Line Is Not an Emulator)
(B      $B$_$?$$$N$,$"$k(B($B$"$C$?(B?)$B!#(B($B%H%i%C%W$9$l$P8e$O<+M3$@$7(B)
(B  * dll $B$K@)8f$r0\$9%?%$%W(B
(B     $B%*%s%a%b%j$G(B DLL $B$NF~$j8}$r=q$-49$($?$j!"(BDLL $B<+BN$r:9$7BX$($?$j!#(B
(B     $B%G%P%C%,!<$G(B load $B;~E@$G%(%s%H%j!<$r:9$7BX$($k$N$b$"$C$?$h$&$J!#(B
(B        Windows95 $B7O(B ... $BHf3SE*$d$j$d$9$+$C$?$h$&$J(B($BBg@N$N5-21(B)$B!#(B
(B                         Win/V $B$NK\$K:Y$+$/J}K!$,=q$$$F$"$C$?5$$b!#(B
(B        WindowsNT $B7O(B ... $B%A%HLLE]$@$1$I!"(Bregmon $B$N$h$&$K$7$C$+$j(B
(B                         $B$d$C$F$$$kNc$b$"$k!#(B
(B
$B86M}E*$K$O$J$s$+$N%U%i%0$rN)$F$F$=$l$r4F;k$H$$$&$N$b2DG=$@$1$I!"(B
$BIaDL$OC1$K%8%c%s%W%F!<%V%k$H$+$rCV$-49$($k$N$,4pK\$G$O$J$$$+$H!#(B
(B
(B                                        $B#B#y(B  $B:,0E0f(B
(B------- $B:,0E0f(B == $B]/0f(B -------- (E-mail : nekurai@xxxxx) -------
$B$A$J$_$K(B SDK $B$N@$3&$N(B hook $B$O0lHLE*$K(B message $B$KBP$9$k(B hook $B$G$9(B
(B----------------------------------------------------------------

Follow-Ups:
- [port139:00515] Re: LKM rootkit $B$N8!CNJ}K!(B
  - From: Hideaki Ihara

References:
- [port139:00510] LKM rootkit $B$N8!CNJ}K!(B
  - From: Hideaki Ihara
- [port139:00511] Re: LKM rootkit $B$N8!CNJ}K!(B
  - From: Hideaki Ihara

Prev by Date: [port139:00513] Re: LKM rootkit $B$N8!CNJ}K!(B
Next by Date: [port139:00515] Re: LKM rootkit $B$N8!CNJ}K!(B
Previous by thread: [port139:00519] Re: LKM rootkit $B$N8!CN(B$BJ}K!(B
Next by thread: [port139:00515] Re: LKM rootkit $B$N8!CNJ}K!(B
Index(es):
- Date
- Thread

[port139:00514] Re: LKM rootkit $B$N8!CN(B$BJ}K!(B

[port139:00514] Re: LKM rootkit $B$N8!CN(B$BJ}K!(B