
Hacking Windows 7 using Vbootkit 2.0

November 9, 2009

At HITBSecConf2009, Vipin Kumar (founder of nvLabs.in) demonstrated how easily Windows 7 can be attacked via boot sectors using Vbootkit 2.0.

He demonstrated:
- The use of Vbootkit in gaining access to a system without leaving traces.
- Leveraging normal programs to escalate system privileges.
- Running unsigned code in the kernel.

The worst part of this kind of attack (bootkits) is that it is almost impossible to detect.
The good thing about this attack is that you need physical access to the machine at the start of the attack, which minimises the risk level. Also, if others have physical access to your computer, the operating system cannot provide any security for your computer.

Download Vbootkit2.0

Compiling Vbootkit 2.0
======================

Switch to the build directory and run build.bat.
This will give you an ISO image containing Vbootkit 2, which can be used to test out the functionality.

*A pre-built ISO already exists, so users can test it out directly.

To compile the pingv client, you can use Visual Studio (the Express edition works fine) and build the EXE yourself. Just in case, prebuilt EXEs are also in the directory.

Testing Vbootkit 2.0
======================

Just boot the Windows 7 system using the Vbootkit 2 CD and uncross your fingers (so that you can type commands!).

Now, execute pingv.exe IP address command-code

The command codes are:
Command Code      Action
0                 Get signature immediate
1                 Get signature delayed
2                 Get keylog data
3                 Escalate CMD.EXE privileges
4                 Reset passwords / set passwords (toggles between states; this effect can be persistent)

Vbootkit does not try to stick to your system in any case.

All credit to Vipin Kumar @Nvlabs.

For more information, check the Nvlabs homepage.

Source: Techmantras
