Uninformed: Informative Information for the Uninformed

Vol 8» 2007.Sep


Bibliography

1
AMD. AMD64 Architecture Programmer's Manual Volume 2: System Programming. Dec, 2005.

2
Anonymous Hacker. Xbox 360 Hypervisor Privilege Escalation Vulnerability. Bugtraq. Feb, 2007. http://www.securityfocus.com/archive/1/461489

3
Blanset, David et al. Dual operating system computer.
Oct, 1985. http://www.freepatentsonline.com/4747040.html

4
Brown, Ralf. Pentium Model-Specific Registers and What They Reveal.
Oct, 1995. http://www.rcollins.org/articles/p5msr/PentiumMSRs.html

5
Butler, James and Sherri Sparks. Windows Rootkits of 2005.
Nov, 2005. http://www.securityfocus.com/infocus/1850

6
Cerrudo, Cesar. Microsoft Windows Kernel GDI Local Privilege Escalation.
Oct, 2004. http://projects.info-pull.com/mokb/MOKB-06-11-2006.html

7
CIAC. E-34: One_half Virus (MS-DOS).
Sep, 1994. http://www.ciac.org/ciac/bulletins/e-34.shtml

8
Conover, Matt. Malware Profiling and Rootkit Detection on Windows.
2005. http://xcon.xfocus.org/xcon2005/archives/2005/Xcon2005_Shok.pdf

9
Duflot, Loc. Security Issues Related to Pentium System Management Mode.
CanSecWest, 2006. http://www.cansecwest.com/slides06/csw06-duflot.ppt

10
Ellch, John et al. Exploiting 802.11 Wireless Driver Vulnerabilities on Windows.
Jan, 2007. http://www.uninformed.org/?v=6&a=2&t=sumry

11
Firew0rker, the nobodies. Kernel-mode backdoors for Windows NT.
Phrack 62. Jan, 2005. http://www.phrack.org/issues.html?issue=62&id=6#article

12
fuzen_op. SysEnterHook.
Feb, 2005. http://www.rootkit.com/vault/fuzen_op/SysEnterHook.zip

13
Garfinkel, Tal. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools.
http://www.stanford.edu/~talg/papers/traps/traps-ndss03.pdf

14
Gassoway, Paul. Discovery of kernel rootkits with memory scan.
Oct, 2005. http://www.freepatentsonline.com/20070078915.html

15
Gulbrandsen, John. System Call Optimization with the SYSENTER Instruction.
Oct, 2004. http://www.codeguru.com/Cpp/W-P/system/devicedriverdevelopment/article.php/c8223/

16
Heasman, John. Implementing and Detecting an ACPI BIOS Rootkit.
BlackHat Federal, 2006. https://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Heasman.pdf

17
Heasman, John. Implementing and Detecting a PCI Rootkit.
Nov, 2006. http://www.ngssoftware.com/research/papers/Implementing_And_Detecting_A_PCI_Rootkit.pdf

18
Hoglund, Greg. Kernel Object Hooking Rootkits (KOH Rootkits).
Jun, 2006. http://www.rootkit.com/newsread.php?newsid=501

19
Hoglund, Greg. A *REAL* NT Rootkit, patching the NT Kernel.
Phrack 55. Sep, 1999. http://phrack.org/issues.html?issue=55&id=5

20
Hoglund, Greg and James Butler. Rootkits: Subverting the Windows Kernel. 2006. Addison-Wesley.

21
Hunt, Galen and Doug Brubacher. Detours: Binary Interception of Win32 Functions. Proceedings of the 3rd USENIX Windows NT Symposium, pp. 135-143. Seattle, WA, July 1999. USENIX.

22
Intel. 2.1.2 The Intel 286 Processor (1982).
Intel 64 and IA-32 Architectures Software Developer's Manual. Denver, Colorado: Intel, 34. http://www.intel.com/products/processor/manuals/index.htm.

23
Intel. IA-32 Intel Architecture Software Developer's Manual Volume 3: System Programming Guide.
Sep, 2005.

24
Jack, Barnaby. Remote Windows Kernel Exploitation: Step into the Ring 0.
Aug, 2005. http://www.blackhat.com/presentations/bh-usa-05/BH_US_05-Jack_White_Paper.pdf

25
Kasslin, Kimmo. Kernel Malware: The Attack from Within.
2006. http://www.f-secure.com/weblog/archives/kasslin_AVAR2006_KernelMalware_paper.pdf

26
Kdm. NTIllusion: A portable Win32 userland rootkit [incomplete].
Phrack 62. Jan, 2005. http://www.phrack.org/issues.html?issue=62&id=12&mode=txt

27
M. B. Jones. Interposition agents: Transparently interposing user code at the system interface.
In Symposium on Operating System Principles, pages 80-93, 1993. http://www.scs.stanford.edu/nyu/04fa/sched/readings/interposition-agents.pdf

28
Mythrandir. Protected mode programming and O/S development.
Phrack 52. Jan, 1998. http://www.phrack.org/issues.html?issue=52&id=17#article

29
PaX team. PAGEEXEC.
Mar, 2003. http://pax.grsecurity.net/docs/pageexec.txt

30
Plaguez. Weakening the Linux Kernel.
Phrack 52. Jan, 1998. http://www.phrack.org/issues.html?issue=52&id=18#article

31
Prasad Dabak, Milind Borate, and Sandeep Phadke. Hooking Software Interrupts.
Oct, 1999. http://www.windowsitlibrary.com/Content/356/09/1.html

32
Rutkowska, Joanna. System Virginity Verifier.
http://invisiblethings.org/tools/svv/svv-2.3-src.zip

33
Rutkowska, Joanna. Rookit Hunting vs. Compromise Detection.
BlackHat Europe, 2006. http://invisiblethings.org/papers/rutkowska_bheurope2006.ppt

34
Rutkowska, Joanna. Introducing Stealth Malware Taxonomy.
Nov, 2006. http://invisiblethings.org/papers/malware-taxonomy.pdf

35
Silvio. Shared Library Call Redirection Via ELF PLT Infection.
Phrack 56. Jan, 2000. http://www.phrack.org/issues.html?issue=56&id=7#article

36
skape and Skywing. Bypassing PatchGuard on Windows x64.
Uninformed Journal. Jan, 2006. http://www.uninformed.org/?v=3&a=3&t=sumry

37
Skywing. Subverting PatchGuard version 2.
Uninformed Journal. Jan, 2007. http://www.uninformed.org/?v=6&a=1&t=sumry

38
Skywing. Anti-Virus Software Gone Wrong.
Uninformed Journal. Jun, 2006. http://www.uninformed.org/?v=4&a=4&t=sumry

39
Skywing. Programming against the x64 exception handling support.
Feb, 2007. http://www.nynaeve.net/?p=113

40
Soeder, Derek. Windows Expand-down Data Segment Local Privilege Escalation.
Apr, 2004. http://research.eeye.com/html/advisories/published/AD20040413D.html

41
Sparks, Sherri and James Butler. Raising the Bar for Windows Rootkit Detection.
Phrack 63. Jan, 2005. http://www.phrack.org/issues.html?issue=63&id=8

42
Trusted Computing Group. Trusted Computing Group: Home.
https://www.trustedcomputinggroup.org/home

43
Trusted Computing Group. TPM Specification.
https://www.trustedcomputinggroup.org/specs/TPM/

44
Welinder, Morten. modify_ldt security holes.
Mar, 1996. http://lkml.org/lkml/1996/3/6/13

45
Wikipedia. Call gate.
http://en.wikipedia.org/wiki/Call_gate