![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Trip report: Burghausen
Mar. 9th, 2012 09:37 amYesterday I've been to a customer at Burghausen.
The picture is taken from Austrian bank of Inn river. We should drive there on some weekend just to explore.
It is very weird that customer asked me to share a rootkit style hack to windows XP I developed two years ago. The tool should be somewhat similar to fasterwin I developed 6 years ago but runs in kernel mode and tampers drivers and kernel tasks not user mode tasks.
If my rootkit works right for a customer running on Windows XP, I have no idea how to port it to Win 7. I have not spent any time on investigating yet, but I had impression that in windows 7 it is not possible to replace kernel functions with my own on the flight, the kernel code is signed or something...
P.s. Thanks![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
readmaxym for advice, looks like only 64 bit systems use windows patch protection, so I should not have problems with 32 bit.
The picture is taken from Austrian bank of Inn river. We should drive there on some weekend just to explore.
It is very weird that customer asked me to share a rootkit style hack to windows XP I developed two years ago. The tool should be somewhat similar to fasterwin I developed 6 years ago but runs in kernel mode and tampers drivers and kernel tasks not user mode tasks.
If my rootkit works right for a customer running on Windows XP, I have no idea how to port it to Win 7. I have not spent any time on investigating yet, but I had impression that in windows 7 it is not possible to replace kernel functions with my own on the flight, the kernel code is signed or something...
P.s. Thanks
readmaxym for advice, looks like only 64 bit systems use windows patch protection, so I should not have problems with 32 bit.
