Professional.Rootkits.Subverting.the.Windows.Kernel [Electronic resources]

Greg. Hoglund

نسخه متنی -صفحه : 111/ 25
نمايش فراداده

Important Kernel Components

In order to understand how rootkits can be used to subvert an OS kernel, it helps to know which functions the kernel handles. Chapter 3, The Hardware Connection.) This is possible because the two processes are mapped differently. Exploiting the way this works in the kernel can be very useful for hiding data from debuggers or active forensics software.

Now that we have an idea of the functions of the kernel, we will discuss how a rootkit might be designed to modify the kernel.