Aerosol

Weird-Machine Motivated Practical Page Table Shellcode & Finding Out What's Running..

Defcon

Killing the Rootkit! And how to find everything running on your system!!!

• Rootkit/APT technique for hiding processes
  – Unlink kernel structures “DKOM”
• New 64bit detection technique! DC22 exclusive
  – System/Platform independent technique
  – Linux/BSD/Windows/ARM64/AMD64
• Works by analyzing physical memory & properties of MMU Virtual Memory system

Read More: https://www.defcon.org/images/defcon-22/dc-22-presentations/Macaulay/DEFCON-22-Shane-Macaulay-Weird-Machine-Motivated-Practical-Page-Table-Shellcode-UPDATED.pdf

(I haven't seen it on the forum before; if I picked the wrong category, I'd ask a moderator to move it...)

A 10/10 article :)
