Rootkits

#4708 by bwfc1989
Mon Jan 24, 2011 5:40 pm

Just a quick question, looking at user mode rootkits, you have things such as DLL injection, windows hooks, remote code injection, IAT hooks and inline function patching, are these classed as user mode techniques?

any advice is much appreciated

Username

bwfc1989

Posts

Joined

Sat Jan 08, 2011 11:44 am

Re: Rootkits

#4709 by EP_X0FF
Mon Jan 24, 2011 5:45 pm

DLL injection
remote code injection
IAT hooks and inline function patching

This can be in both modes.
For example Dll injection can be done through APC.

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Options
2 posts

Page 1 of 1
2 posts

Return to “Newbie Questions”

Display:

Sort by:

Jump to: