Rovnix bootkit感染的是VBR引导代码。本人吸取了Gapz bootkit的技术简单的改装了下,只感染VBR4个字节就可以实现启动!
http://www.welivesecurity.com/2012/07/13/rovnix-bootkit-framework-updated/
http://www.welivesecurity.com/2012/12/27/win32gapz-new-bootkit-technique/
2021-11-10 16:24:41
1.1MB
1