2008-06-30

A Little Fun with Rundll32.exe

Note: this content originally from http://mygreenpaste.blogspot.com. If you are reading it from some other site, please take the time to visit My Green Paste, Inc. Thank you.


Was having a little fun with rundll32.exe (command-lines will probably be a little messed up due to the length - they should be entered as one complete command). I first tried the commands on XP, but they produce similar results on Vista.


C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException C:\windows\system32\ntoskrnl.exe



C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException C:\windows\system32\hal.dll



C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException C:\windows\system32\chkdsk.exe



C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException C:\windows\system32\autochk.exe



C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException C:\windows\system32\smss.exe



C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException C:\windows\system32\winlogon.exe



C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException c:\windows\Soap Bubbles.bmp


2008-06-22

New Tool for Detecting Rootkits

Note: this content originally from http://mygreenpaste.blogspot.com. If you are reading it from some other site, please take the time to visit My Green Paste, Inc. Thank you.

Congratulations to AD for the public release of the beta of RootRepeal, a new rootkit detector!

See the tool's site on GooglePages for more info or to download:

http://rootrepeal.googlepages.com