一个基于MBR的bootkit，主要功能是实现NDIS的后门技术，接受固定格式的数据包而实现主机红屏。-The eEye BootRootKit NDIS backdoor is a demonstration of boot-time Windows kernel subversion technology.　The assembly source code (ebrk.asm) was written for use with MASM 6.11.　It comes in pre-packaged executable form as a floppy disk image (ebrk.img) and as a CD-ROM ISO-9660 image (ebrk.iso).



Note that the ISO is bare-bones and does not contain a file system, only a boot sector.　If you burn it to disc, it will for the most part appear to be a blank CD.



We ve also included the source for a very simple demonstration packet (demrsod2.asm), and a compiled binary file (demrsod2.bin) to be used with netcat ("nc-u").