main menu
vault
you must be level 2 to upload files to your vaultdownloads
you must be logged on, and level 1, to access downloadsRootkit Collection
| File | Contributer | Link |
| Hacker Def... | hf | n/a |
| HE4Hook | admin | n/a |
| BASIC CLAS... | hoglund | n/a |
| Vanquish | xshadow | n/a |
| NT Rootkit | hoglund | n/a |
| FU | fuzen_op | n/a |
| WinlogonHi... | JeFFOsZ | n/a |
| klister | joanna | n/a |
| Patchfinde... | joanna | n/a |
| MyNetwork | hoglund | n/a |
| MTDWin | hoglund | n/a |
| NTFSHider | hoglund | n/a |
| VideoCardK... | hoglund | n/a |
| VICE | fuzen_op | n/a |
| Klog | Clandestin... | n/a |
| NtIllusion | Kdm | n/a |
| AFX Rootki... | TheRealAph... | n/a |
| SInAR | vulndev | n/a |
| Shadow Wal... | Clandestin... | n/a |
| BootRootki... | dereksoede... | n/a |
| CHAZ - Nim... | neocrackr | n/a |
| Clandestin... | merlvingia... | n/a |
| FUTo | petersilbe... | n/a |
| Windows Me... | alcapone66... | n/a |
| RAIDE | petersilbe... | n/a |
| BOOT KIT | vipinkumar | n/a |
| BluePill | Joanna and... | n/a |
| DEFRAG | blume1975 | n/a |
| Keyboard H... | chpie | n/a |
| CheatEngin... | DarkByte | n/a |
www.rootkit.com : message board
| view options: unpacked threads | collapsed threads | old style view | |
 Posted by pain_abator
(Untrusted stranger) [ip info hidden] - Jul 15 2010, 02:47 (UTC+0)
| ||
| UNC PATH And NTQueryDirectoryFile | ||
| Hi I am writing a kernel rootkit for vista. It hook onto NTQUERYDirectoryFile to hide some files. It works well when the user perform a "dir" or broowse through window explorer. However, if i use a remote machine and dir through UNC Path (\\servername\c$) or Net USE, the file will be displayed. Anybody has any idea which kernel api is UNC Path directory listing using  Or how can i resolve this problem ?? | ||
|
Posted by 
Posted by