Skip to Main Content
Rootkits: Subverting the Windows Kernel
book

Rootkits: Subverting the Windows Kernel

by Greg Hoglund, James Butler
July 2005
Intermediate to advanced content levelIntermediate to advanced
352 pages
7h 18m
English
Addison-Wesley Professional
Content preview from Rootkits: Subverting the Windows Kernel

Chapter 5. Runtime Patching

 

All I need to find you, Louis, is follow the corpses of rats.

 
 --INTERVIEW WITH THE VAMPIRE, ANNE RICE

Call hooks and other methods of modifying software logic are powerful for sure, but they’re old techniques, they’re well published, and they’re easily detected by anti-rootkit technology. Runtime patching offers a more-obscure way to achieve the same results. Runtime patching is not new, but in the published material relating to rootkits it typically has not been showcased.

Most material relating to code patches goes back to the days of software cracking and piracy. But applied in rootkits, runtime patching is one of the most advanced techniques possible. Armed with this technique, you should be able to build undetectable ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Rootkits and Bootkits

Rootkits and Bootkits

Alex Matrosov, Eugene Rodionov, Sergey Bratus
The Antivirus Hacker's Handbook

The Antivirus Hacker's Handbook

Joxean Koret, Elias Bachaalany

Publisher Resources

ISBN: 0321294319Purchase book