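File name: CCRootkit-V0.1
- Category:
- Driver programming
- Resource attributes:
- [Windows] [Visual C] [Source code]
- Upload date:
- 2012-11-26
- File size:
- 503kb
- Downloads:
- 0
- Uploader:
- 按**
- Related links:
- None
- Download notes:
- Do not download with Xunlei; if the download fails, download again. Re-downloading does not cost points!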
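Description -- all download content comes from the Internet; please study and use it on your own
The versions usually found online require Ring3 to pass over the addresses that need patching...
002 locates and repairs the SSDT directly, using the most standard method
It supports multi-core systems, and of course there are also 003 (adds shadow SSDT hook) and 004 (adds inline hook)
This is basically the most stable restoration method at present; you can test it with KMDLoader. It unhooks as soon as it is loaded. No communication is required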
(Generated automatically by the system; you can review the download contents before downloading)
Download file list
CCRootkit\RootkitSys\KillProcess.c
.........\..........\KillProcess.h
.........\..........\HideRegKey.h
.........\..........\NotifyRoutine.h
.........\..........\SysThread.h
.........\..........\HideRegKey.c
.........\..........\NotifyRoutine.c
.........\..........\HideDriver.c
.........\..........\buildchk_wxp_x86.log
.........\..........\MAKEFILE
.........\..........\HookSysCall.h
.........\..........\objchk_wxp_x86\_objects.mac
.........\..........\..............\i386\SysThread.sys
.........\..........\..............\....\SysThread.pdb
.........\..........\..............\....\rootkit.obj
.........\..........\..............\....\hookshadowssdt.obj
.........\..........\..............\....\restoressdt.obj
.........\..........\..............\....\hookssdt.obj
.........\..........\..............\....\irpfile.obj
.........\..........\..............\....\hooksyscall.obj
.........\..........\..............\....\loadimagenotify.obj
.........\..........\..............\....\hidedriver.obj
.........\..........\..............\....\killprocess.obj
.........\..........\..............\....\systhread.obj
.........\..........\..............\....\hideregkey.obj
.........\..........\..............\....\notifyroutine.obj
.........\..........\..............\....\ccrootkit.obj
.........\..........\..............\....\rootkitdriver.obj
.........\..........\..............\....\dkomhidedriver.obj
.........\..........\HideDriver.h
.........\..........\SOURCES
.........\..........\SysThread.c
.........\..........\buildfre_wxp_x86.log
.........\..........\objfre_wxp_x86\i386\loadimagenotify.obj
.........\..........\..............\....\irpfile.obj
.........\..........\..............\....\killprocess.obj
.........\..........\..............\....\hooksyscall.obj
.........\..........\..............\....\systhread.obj
.........\..........\..............\....\hideregkey.obj
.........\..........\..............\....\notifyroutine.obj
.........\..........\..............\....\rootkitdriver.obj
.........\..........\..............\_objects.mac
.........\..........\IrpFile.h
.........\..........\CCRootkit.h
.........\..........\IrpFile.c
.........\..........\HookShadowSSDT.c
.........\..........\HookShadowSSDT.h
.........\..........\HookSSDT.h
.........\..........\HookSSDT.c
.........\..........\RestoreSSDT.h
.........\..........\RestoreSSDT.c
.........\..........\CCRootkit.c
.........\.......Dll\RootkitDll.plg
.........\..........\RootkitDll.dsp
.........\..........\RootkitDll.cpp
.........\.......Loader\Rootkit.dll
.........\.............\ReleaseFile.cpp
.........\.............\ReSSDT.cpp
.........\.............\RootkitLoader.ncb
.........\.............\ReSSDT.h
.........\.............\FindWindow.h
.........\.............\LoadDriver.h
.........\.............\ReleaseFile.h
.........\.............\RemoteInject.h
.........\.............\RootkitLoader.plg
.........\.............\FindWindow.cpp
.........\.............\FindProcess.h
.........\.............\RootkitLoader.dsp
.........\.............\Rootkit.rc
.........\.............\RemoteInject.cpp
.........\.............\RootkitLoader.dsw
.........\.............\FindProcess.cpp
.........\.............\RootkitLoader.cpp
.........\.............\LoadDriver.cpp
.........\.............\Rootkit.sys
.........\.............\RootkitLoader.opt
.........\Rootkit.ncb
.........\Rootkit.dsw
.........\i386\Rootkit.pdb
.........\....\Rootkit.sys
.........\buildchk_wxp_x86.log
.........\CCROOTKIT-README.txt
.........\Rootkit.bbs
.........\BIN\RootkitLoader.exe
.........\Rootkit.opt
.........\.......Sys\objchk_wxp_x86\i386
.........\..........\...fre_wxp_x86\i386
.........\..........\objchk_wxp_x86
.........\..........\objfre_wxp_x86
.........\.......Dll\Release
.........\.......Loader\Release
.........\RootkitSys
.........\RootkitDll
.........\RootkitLoader
.........\i386
.........\BIN
.........\Release
CCRootkit