Get Stoned

Post by **DNR** » 21 Aug 2009, 11:20

http://www.stoned-vienna.com/
■Black Hat USA 2009 Presentation
Download the Stoned Bootkit Paper

■Paper
http://digitalnomad.suck-o.net/DNR/red/stoned_paper.pdf

■Open Source Framework
http://www.stoned-vienna.com/downloads/ ... mework.zip

■Infector file that was used in the Black Hat USA 2009 presentation
http://www.stoned-vienna.com/downloads/Infector.exe

yo kirk, this one is for you - works with USB sticks..

Post by **ayu** » 21 Aug 2009, 11:29

heh, I like how he presents it ^^

It has exciting features like integrated file system drivers, automatic Windows pwning, plugins, boot applications and much much more.

Hmm, I wonder ....

Neighbours crappy wireless security + a customised version of this with a RAT ... (adds to ToDo list)

I need to read all this stuff later

Post by **DNR** » 21 Aug 2009, 11:37

ha sort of the 'Billie Mays" of hackerware

Post by **Lundis** » 21 Aug 2009, 12:18

sounds cool, but does it get 'pwned' if you run fixmbr? ^^

Post by **ayu** » 21 Aug 2009, 12:25

Lundis wrote:sounds cool, but does it get 'pwned' if you run fixmbr? ^^

Good question ...

Post by **DNR** » 21 Aug 2009, 12:58

The paper is a nice read 46 pgs, it explains the very nature of fixed spaces in MBR that will make it hard to hide it, and Stoned makes no attempt ti hide itself unless you call ordinary people trying to find their MBR 'security through obscurity'.

the MS technet site says:

The only time that the FDISK /MBR command is effective against a virus is if it is a boot-sector-only virus (such as the Stoned virus).

http://support.microsoft.com/kb/166454
http://support.microsoft.com/kb/69013

DNR