SlideShare une entreprise Scribd logo

Root kit

Hanjian Jan
Hanjian Jan

This document discusses how to build a rootkit, which is described as a super malware, polymorph, and stealth process. It recommends using assembly language as the master of security and C as a basic language. A rootkit can perform polymorphism, stealth processes, hiding access, keylogging, and install considerations. Kernel rootkits are discussed for Linux, Solaris, and Windows platforms.

Technologie
1  sur  6
Télécharger pour lire hors ligne
Rootkit ? How To Build it Hanafi Ali Jan, ST, C|EH Security Analyst #HaNJiaN
Rootkit Rootkit = Super Malware Rootkit = Super Polymorph Rootkit = Super Stealth Process Rootkit = Driver for ALL Platform
How To Build ?  • Asm = Master of “Security” • C = Semi Core & Basic Lenguage for it • C# = Controller for it
Rootkit Power  • Polimorph • Double Self • Stealth Process • Hidding Access • Keylogging • Installing Considerations • Ghost Tracker • E-mail Reporting • Filter Drivers • Users Hooks • Kernel Hooks • Control Processing
Kernel Rootkit in Platform Knark (Linux) Adore (Linux) Plasmoid’s Solaris Loadable (Solaris) Windows NT kernel-level RootKit (Windows)

Recommandé

Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Perforce
 
BlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat Security Conference
 
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat Security Conference
 
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCsw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCanSecWest
 
Drone Hijacking
Drone HijackingDrone Hijacking
Drone HijackingIbrahim Mosaad
 
kci-linuxcon
kci-linuxconkci-linuxcon
kci-linuxconTyler Baker
 
KVM/ARM Nested Virtualization Support and Performance - SFO17-410
KVM/ARM Nested Virtualization Support and Performance - SFO17-410KVM/ARM Nested Virtualization Support and Performance - SFO17-410
KVM/ARM Nested Virtualization Support and Performance - SFO17-410Linaro
 
Building Trojan Hardware at Home
Building Trojan Hardware at HomeBuilding Trojan Hardware at Home
Building Trojan Hardware at HomeE Hacking
 

Recommandé

Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Designing a Highly Available Environment Using Methods of Modern IT Infrastru...
Designing a Highly Available Environment Using Methods of Modern IT Infrastru...Perforce
 
BlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat Security Conference
 
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat Security Conference
 
Csw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCsw2017 bazhaniuk exploring_yoursystemdeeper_updated
Csw2017 bazhaniuk exploring_yoursystemdeeper_updatedCanSecWest
 
Drone Hijacking
Drone HijackingDrone Hijacking
Drone HijackingIbrahim Mosaad
 
kci-linuxcon
kci-linuxconkci-linuxcon
kci-linuxconTyler Baker
 
KVM/ARM Nested Virtualization Support and Performance - SFO17-410
KVM/ARM Nested Virtualization Support and Performance - SFO17-410KVM/ARM Nested Virtualization Support and Performance - SFO17-410
KVM/ARM Nested Virtualization Support and Performance - SFO17-410Linaro
 
Building Trojan Hardware at Home
Building Trojan Hardware at HomeBuilding Trojan Hardware at Home
Building Trojan Hardware at HomeE Hacking
 
Jersey's resume
Jersey's resumeJersey's resume
Jersey's resumeJersey99
 
China job interview tv show
China job interview tv showChina job interview tv show
China job interview tv showmadeleinefeng
 
Png 492 pec final-presentation[1][1]
Png 492 pec final-presentation[1][1]Png 492 pec final-presentation[1][1]
Png 492 pec final-presentation[1][1]nas-psu
 
Ethical hacker
Ethical hackerEthical hacker
Ethical hackerHanjian Jan
 
Design for good
Design for goodDesign for good
Design for goodvalmccown
 
Png 492 pec final-presentation
Png 492 pec final-presentationPng 492 pec final-presentation
Png 492 pec final-presentationnas-psu
 
Smart board project
Smart board projectSmart board project
Smart board projectJackie Pickard
 
Php obfuscator
Php obfuscatorPhp obfuscator
Php obfuscatorHanjian Jan
 
General computer security
General computer securityGeneral computer security
General computer securityHanjian Jan
 
2012 소셜미디어PR론 5조
2012 소셜미디어PR론 5조2012 소셜미디어PR론 5조
2012 소셜미디어PR론 5조Seoyeon Kim
 
PNG 491
PNG 491PNG 491
PNG 491nas-psu
 
Reverse engineering
Reverse engineeringReverse engineering
Reverse engineeringHanjian Jan
 
Naspng491
Naspng491Naspng491
Naspng491nas-psu
 
소셜미디어Pr론 5조 이슈발표
소셜미디어Pr론 5조 이슈발표소셜미디어Pr론 5조 이슈발표
소셜미디어Pr론 5조 이슈발표Seoyeon Kim
 
Presentation1
Presentation1Presentation1
Presentation1Stephanie Piao
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Contenu connexe

En vedette

Jersey's resume
Jersey's resumeJersey's resume
Jersey's resumeJersey99
 
China job interview tv show
China job interview tv showChina job interview tv show
China job interview tv showmadeleinefeng
 
Png 492 pec final-presentation[1][1]
Png 492 pec final-presentation[1][1]Png 492 pec final-presentation[1][1]
Png 492 pec final-presentation[1][1]nas-psu
 
Design for good
Design for goodDesign for good
Design for goodvalmccown
 
Png 492 pec final-presentation
Png 492 pec final-presentationPng 492 pec final-presentation
Png 492 pec final-presentationnas-psu
 
General computer security
General computer securityGeneral computer security
General computer securityHanjian Jan
 
2012 소셜미디어PR론 5조
2012 소셜미디어PR론 5조2012 소셜미디어PR론 5조
2012 소셜미디어PR론 5조Seoyeon Kim
 
Reverse engineering
Reverse engineeringReverse engineering
Reverse engineeringHanjian Jan
 
Naspng491
Naspng491Naspng491
Naspng491nas-psu
 
소셜미디어Pr론 5조 이슈발표
소셜미디어Pr론 5조 이슈발표소셜미디어Pr론 5조 이슈발표
소셜미디어Pr론 5조 이슈발표Seoyeon Kim
 

En vedette (15)

Jersey's resume
Jersey's resumeJersey's resume
Jersey's resume
 
China job interview tv show
China job interview tv showChina job interview tv show
China job interview tv show
 
Png 492 pec final-presentation[1][1]
Png 492 pec final-presentation[1][1]Png 492 pec final-presentation[1][1]
Png 492 pec final-presentation[1][1]
 
Ethical hacker
Ethical hackerEthical hacker
Ethical hacker
 
Design for good
Design for goodDesign for good
Design for good
 
Png 492 pec final-presentation
Png 492 pec final-presentationPng 492 pec final-presentation
Png 492 pec final-presentation
 
Smart board project
Smart board projectSmart board project
Smart board project
 
Php obfuscator
Php obfuscatorPhp obfuscator
Php obfuscator
 
General computer security
General computer securityGeneral computer security
General computer security
 
2012 소셜미디어PR론 5조
2012 소셜미디어PR론 5조2012 소셜미디어PR론 5조
2012 소셜미디어PR론 5조
 
PNG 491
PNG 491PNG 491
PNG 491
 
Reverse engineering
Reverse engineeringReverse engineering
Reverse engineering
 
Naspng491
Naspng491Naspng491
Naspng491
 
소셜미디어Pr론 5조 이슈발표
소셜미디어Pr론 5조 이슈발표소셜미디어Pr론 5조 이슈발표
소셜미디어Pr론 5조 이슈발표
 
Presentation1
Presentation1Presentation1
Presentation1
 

Dernier

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Dernier (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

Root kit

  • 1. Rootkit ? How To Build it Hanafi Ali Jan, ST, C|EH Security Analyst #HaNJiaN
  • 2.
  • 3. Rootkit Rootkit = Super Malware Rootkit = Super Polymorph Rootkit = Super Stealth Process Rootkit = Driver for ALL Platform
  • 4. How To Build ?  • Asm = Master of “Security” • C = Semi Core & Basic Lenguage for it • C# = Controller for it
  • 5. Rootkit Power  • Polimorph • Double Self • Stealth Process • Hidding Access • Keylogging • Installing Considerations • Ghost Tracker • E-mail Reporting • Filter Drivers • Users Hooks • Kernel Hooks • Control Processing
  • 6. Kernel Rootkit in Platform Knark (Linux) Adore (Linux) Plasmoid’s Solaris Loadable (Solaris) Windows NT kernel-level RootKit (Windows)