Comments (7)
The reason why I don't support Windows 8 is because I want to reduce workload on testing and adjustments, which is a huge effort in a rootkit that would decrease the overall time to spend on useful features.
I haven't tested Windows 8 at all, but with the proper changes you should be able to get it running. It requires some effort on your part in understanding the whole process of installation and injection. In particular, you need to figure out at what stage it fails: Startup, r77 service process initialization, process injection - you can check the Test Console to see whether the rootkit is running in all processes.
Or is your problem that a subset of features is not working in a particular program (Explorer, TaskMgr, etc.)? Can you provide more info so I can lead you in the right direction?
from r77-rootkit.
At present, I manually inject r77-x64.dll into Explorer. The good news is that some Windows 2012 R2 systems can be hidden.
But some Windows 2012 R2 systems will not be hidden. What are the possible problems?
Thanks and have a nice day
from r77-rootkit.
So, does that mean the same version of Windows, but r77 works only on some of them?
I think you need to narrow the issue down to something that can be fixed:
- Does the TestConsole detect that Explorer is injected?
- Does a certain feature not work (i.e. hiding by prefix works, but by name doesn't, etc...), or does file hiding work, but not process hiding?
- Can you reproduce the same issue on Windows 10? That would definitely require a bugfix from my side.
from r77-rootkit.
After many days of testing, it has been found that the possible cause of the problem is: multiple instances of r77rootkit have been installed.
from r77-rootkit.
A new problem has been discovered:
If I try to hide the C:\233 directory after hiding C:\233\123.exe, it will fail to hide.
from r77-rootkit.
> After many days of testing, it has been found that the possible cause of the problem is: multiple instances of r77rootkit have been installed.
Executing the installation process several times is supported. Install.exe will terminate the r77 service and restart it. So, this should be no problem. Does everything work by now, or do you have further questions?
> a new problem has been discovered:
> If I try to hide the C:\233 directory after hiding C:\233\123.exe, it will fail to hide
Could you please create a new issue, since it's hard to keep track of multiple topics in one GitHub issue? Please provide the values that you stored in the configuration system and the list of files that you expect to be hidden and which ones aren't hidden. That would help a lot in narrowing down and fixing bugs.
from r77-rootkit.
Closed due to inactivity. Please feel free to re-open, if you have new info.
from r77-rootkit.