All I need to find you, Louis, is follow the corpses of rats.
|--INTERVIEW WITH THE VAMPIRE, ANNE RICE|
Call hooks and other methods of modifying software logic are powerful for sure, but they’re old techniques, they’re well published, and they’re easily detected by anti-rootkit technology. Runtime patching offers a more-obscure way to achieve the same results. Runtime patching is not new, but in the published material relating to rootkits it typically has not been showcased.
Most material relating to code patches goes back to the days of software cracking and piracy. But applied in rootkits, runtime patching is one of the most advanced techniques possible. Armed with this technique, you should be able to build undetectable ...