Jump to content

Search the Community

Showing results for tags 'rootkit'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Occupation


Interests


Biography


Location

Found 2 results

  1. Salut, stie cineva cum se poate scoate suckit rootkit de pe ubuntu 11.10 ? L-am scanat cu chkroot si mi-a dat un sniffer pe placa de wifi si un rootkit. Am dat un search pe forum si scria ca e un rezultat fals pozitiv, este o problema in codul de chkrootkit dar nu cred. Ma intereseaza o distributie curata de linux. Multumesc anticipat
  2. The source code for a Linux rootkit that leverages the infected device’s graphics processor unit (GPU) for enhanced stealthiness and efficiency has been published on GitHub. Dubbed Jellyfish, the proof-of-concept malware leverages the LD_PRELOAD technique from the Jynx Linux rootkit and OpenCL, a low-level API developed by Khronos for heterogeneous computing. According to the developers of Jellyfish, who call themselves Team Jellyfish, one of the main advantages of GPU-based malware is that it’s more likely to evade detection due to the lack of malware analysis tools for such threats. Another advantage is that this type of malware can “snoop” on the CPU host memory via direct memory access (DMA). Additionally, the GPU is fast and the malicious code remains in its memory even after the device is shut down, the developers said. The experimental Jellyfish malware is currently designed to run on computers with AMD and NVIDIA graphics cards, but Intel products are also supported through the AMD APP Software Development Kit (SDK). OpenCL drivers must be installed on the system for the rootkit to work. Another PoC malware developed by Team Jellyfish is a keylogger called Demon. The developers say Demon has been built using information from a paper published in 2013 by researchers at Columbia University. The paper describes a stealthy keylogger that runs directly on a graphics processor. “We are not associated with the creators of this paper. We only PoC’d what was described in it, plus a little more,” the developers of Demon noted. While for the Jellyfish rootkit the developers use the LD_PRELOAD variable to hide malicious components, in the case of Demon they say they are using code injection. Team Jellyfish claims that their creations are designed for educational purposes, and that their goal is to “make everyone aware that GPU-based malware is real.” They noted that Jellyfish and Demon are currently only in beta version and they still have a lot of bugs. Malware that uses the GPU is not unheard of. Over the past years, researchers have spotted several threats that leverage an infected device’s GPU to mine Bitcoins. However, Jellyfish and Demon are more interesting because they use the GPU for more than just its processing power. It remains to be seen if the code published by Team Jellyfish will be used by malicious actors in their operations. source: PoC Linux Rootkit Uses GPU to Evade Detection
×
×
  • Create New...