Rubilyn 0.0.1

Diskutiere Rubilyn 0.0.1 im Security News Forum im Bereich Security Talk; This is a 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion and below. It uses a combination...

  1. #1 newsbot, 09.10.2012
    newsbot

    newsbot Foren Gott

    Dabei seit:
    26.11.2007
    Beiträge:
    9.920
    Zustimmungen:
    1
    This is a 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion and below. It uses a combination of syscall hooking and DKOM to hide activity on a host. String resolution of symbols no longer works on Mountain Lion as symtab is destroyed during load, this code is portable on all Lion and below but requires re-working for hooking under Mountain Lion.

    Weiterlesen...
     
Thema:

Rubilyn 0.0.1