T


tagging, tracked files with ADS, 277

tamper detection, rootkit controller, 257258

TargetController, function, 268270

TargetController.cs file

code, 269–270

functions list, 268–269

rootkit remote controller implementation, 268–270

TargetController.mf, file, 268270

targetListView_SelectedIndexChanged, function, 260262

TCP/IP connection, verifying compliance with a, 258

TCP, UDP, and RAW IP port activity detection, IceSword, 313

TCPView, freeware, 305

TDI (Transport Driver Interface)

demonstrating the, 133–135

overview, 119–120

TDICompletionRoutine, function, 122130

techniques

for installing Mozilla Firefox, 249–251

rootkit prevention, 298–299

testing

concealment, 211–212

file-hiding, 212

I/O control, 114–117

installation, 254

the Lotus Notes client extension, 242

the Outlook client extension, 231–232

registry key, 212

a rootkit, 26

threading, functions list, 170

Timer operations

Rtl routine, 41

Zw routine, 41

TimerDPC, function, 122130

Tiny Personal Firewall, overview, 294

Token operations, Zw routine, 41

tools

Debugging, 2, 7

required for building a rootkit, 1–3

summary, 8

trace operations, functional groups for hooking, 40

trampoline, function, 4849

trampoline

hooking detection, 277

overview, 42

process diagrammed, 49

process and ZwMapViewOfSection, 49

transferData, function, 7896

transferDataPrefix, function, 7896

transferInstruction, function, 78, 7896

transferOp0F, function, 7896

transferOp66, function, 7896

transferOp67, function, 7896

transferOpF6, function, 7896

transferOpF7, function, 7896

transferOpFF, function, 7896

Transport Driver Interface (TDI)

demonstrating the, 133–135

overview, 119–120




Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler

Similar book on Amazon
Rootkits: Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
A Guide to Kernel Exploitation: Attacking the Core
A Guide to Kernel Exploitation: Attacking the Core
Reversing: Secrets of Reverse Engineering
Reversing: Secrets of Reverse Engineering
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net