illmob.org

Vbootkit 2.0

April 25th, 2009 by Dev Team in News, Privilege Escalation

Like Kon-boot we talked about in our last post VBootkit 2.0 is an updated code from 2007 that hasnt hit the internet yet , but is pretty much the same idea, modify the bootmgr and you essentially can modify the security checks on the fly to let you do anything you wanted on the system as any user without knowing the password. Read more from there authors site ::HERE::

VBootkit 2.0 is a follow-up to earlier work that Kumar and Kumar have done on vulnerabilities contained in the Windows boot process. In 2007, Kumar and Kumar demonstrated an earlier version of VBootkit for Windows Vista at the Black Hat Europe conference.

The latest version of VBootkit includes the ability to remotely control the victim’s computer. In addition, the software allows an attacker to increase their user privileges to system level, the highest possible level. The software can also able remove a user’s password, giving an attacker access to all of their files. Afterwards, VBootkit 2.0 restores the original password, ensuring that the attack will go undetected.

Leave a reply