
hxdef100r.zip


Submitted: 2005-08-16
Submitted by: esse
Category: Backdoor program
Platform: Windows
Size: 203121 Bytes
File MD5: 35177058b53f71f87fb501b999830776
Source: http://www.hxdef.org

======================[ Hacker defender - English readme ]======================

                                  NT Rootkit
                                  ----------

Authors:        Holy_Father <holy_father@phreaker.net>
                 Ratter/29A <ratter@atlas.cz>
Version:        1.0.0 revisited
Birthday:       15.08.2005
Home:           http://www.hxdef.org, http://hxdef.net.ru,
                 http://hxdef.czweb.org, http://rootkit.host.sk
Mirror:         http://hxdef.xtremescripter.de

Betatesters:    ch0pper <THEMASKDEMON@flashmail.com>
                 aT4r <at4r@hotmail.com>
                 phj34r <phj34r@vmatrics.net>
                 unixdied <0edfd3cfd9f513ec030d3c7cbdf54819@hush.ai>
                 rebrinak
                 GuYoMe
                 ierdna <ierdna@go.ro>
                 Afakasf <undefeatable@pobox.sk>

Readme:         Czech & English by holy_father
                 French by GuYoMe



=====[ 1. Contents ]============================================================

1. Contents
2. Introduction
        2.1 Idea
        2.2 Licence
3. Usage
4. Inifile
5. Backdoor
        5.1 Redirector
6. Technical issues
        6.1 Version
        6.2 Hooked API
        6.3 Known bugs
7. Faq
8. Files



=====[ 2. Introduction ]========================================================

        Hacker defender (hxdef) is a rootkit for Windows NT 4.0, Windows 2000,
Windows XP and Windows Server 2003; it may also work on the latest NT-based
systems. The main code is written in Delphi. New functions are written
in assembler. The driver code is written in C. Support programs are coded
mostly in Delphi.

The program uses an adapted LDE32:
LDE32, Length-Disassembler Engine, 32-bit, (x) 1999-2000 Z0MBiE
special edition for REVERT tool
version 1.05

The program uses the Superfast/Supertiny Compression/Encryption library:
Superfast/Supertiny Compression/Encryption library.
(c) 1998 by Jacky Qwerty/29A.


=====[ 2.1 Idea ]===============================================================

        The main idea of this program is to rewrite a few memory segments in
all running processes. Rewriting some basic modules changes the behaviour of
those processes. The rewriting must not affect the stability of the system or
of the running processes.
        The program must be absolutely hidden from everyone else. The user is
now able to hide files, processes, system services, system drivers, registry
keys and values, and open ports, and to misreport free disk space. The program
also masks its changes in memory and hides the handles of hidden processes. It
installs hidden backdoors, registers itself as a hidden system service and
installs a hidden system driver. The backdoor technology also made it possible
to implement a redirector.
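
The rewriting of loaded modules described above is what a code-integrity check looks for. The following is an added example, not part of the original readme or of hxdef: it diffs a module's code bytes as found in memory against a trusted on-disk copy and reports which function was rewritten and where a leading jump goes. Assumptions: both buffers cover the same code range with relocations already applied, and the memory bytes come from an offline memory image, since the readme says the program masks its changes in memory; the base address, export names and byte strings are constructed.

```python
import struct

def modified_ranges(disk, mem, gap=4):
    """(start, end) offsets where mem differs from disk. Differences fewer than
    `gap` bytes apart merge: a patch byte can equal the original by chance."""
    if len(disk) != len(mem):
        raise ValueError("buffers must cover the same code range")
    out = []
    for i, (d, m) in enumerate(zip(disk, mem)):
        if d == m:
            continue
        if out and i - out[-1][1] < gap:
            out[-1][1] = i + 1
        else:
            out.append([i, i + 1])
    return [tuple(r) for r in out]

def scan(disk, mem, base, exports):
    """Describe each rewritten range: owning export, and where a leading
    JMP rel32 (opcode 0xE9) sends execution."""
    findings = []
    for start, end in modified_ranges(disk, mem):
        owner = max((o for o in exports if o <= start), default=None)
        hit = {"offset": start, "length": end - start,
               "function": exports.get(owner, "?")}
        if mem[start] == 0xE9 and start + 5 <= len(mem):
            rel = struct.unpack_from("<i", mem, start + 1)[0]
            dest = (base + start + 5 + rel) & 0xFFFFFFFF
            hit["jmp_target"] = dest
            # A function entry that jumps outside its own image needs review.
            hit["leaves_module"] = not (base <= dest < base + len(mem))
        findings.append(hit)
    return findings

# Constructed sample: a 24-byte code range with two hypothetical exports.
BASE = 0x7C900000
EXPORTS = {0x00: "FuncA", 0x10: "FuncB"}
DISK = (bytes.fromhex("8bff558bec83ec10c3") + b"\xcc" * 7
        + bytes.fromhex("b801000000c20400"))
# Memory view: FuncB's first five bytes replaced by a jump to 0x00AB0000.
PATCH = b"\xe9" + struct.pack("<i", 0x00AB0000 - (BASE + 0x10 + 5))
MEM = DISK[:0x10] + PATCH + DISK[0x15:]

if __name__ == "__main__":
    for f in scan(DISK, MEM, BASE, EXPORTS):
        print(f)
```
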


=====[ 2.2 Licence ]============================================================

        This project has been open source since version 1.0.0, but there are
also commercial versions with advanced features.

        And of course the authors are not responsible for what you do with
Hacker defender.
