From Collaborative RCE Knowledge Library

Jump to: navigation, search

Stuxnet's Rootkit (MRxNet) into C++

Item name: Stuxnet's Rootkit (MRxNet) into C++
Rating: 0.0 (0 votes)
Author: Amr Thabet                        
Home URL: http://www.amrthabet.co.cc
Last updated: January 28, 2011
Version (if appl.): 1.00
Direct D/L link: Locally archived copy
Description: This project is to convert mrxnet.sys into readable C++ source code very similar to the equivalent native code in mrxnet.sys sample .

Copyrights:
-----------
These Files (except mrxnet.sys) were created by Amr Thabet and coyrighted (c) by him

Files:
------
1.mrxnet.sys : The rootkit sample
2.mrxnet.idb : The IDA Pro database for Version 5.1
3.main.c : The main source code of mrxnet.sys rootkit sample (created by reversing manually of mrxnet.sys with only IDA Pro)
4.FastIo.c : The FastIoDispatch (you could ignore this part

The others are used for compiling the source code

Notes:
------
The source code is 95% similar to the real rootkit but that doesn't mean it should work exactly like mrxnet.sys as it still contain bugs and need to be fixed
Related URLs: No related URLs have been submitted for this item yet


Screenshot:
Screenshot of Stuxnet's Rootkit (MRxNet) into C++


RSS feed Feed containing all updates for this item.

You are welcome to add your own useful notes about this tool, for others to see!



If you find that any information for the item above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)


Views
Category Navigation Tree
   Tools