fu.exe

fu.exe

プロセスを隠す等

http://www.rootkit.com/vault/fuzen_op/FU_Rootkit.zip
http://www.rootkit.com/vault/fuzen_op/FU_README.txt
http://www.rootkit.com/board_project_fused.php?did=proj12

Usage: fu
[-pl]  #number   to list the first #number of processes
[-ph]  #PID      #PIDのプロセスを隠す
[-pld] to list the named drivers in DbgView
[-phd] DRIVER_NAME to hide the named driver
[-pas] #PID      to set the AUTH_ID to SYSTEM on process #PID
[-prl] 利用可能なprivilegesを列挙する
[-prs] #PID #privilege_name to set privileges on process #PID
[-pss] #PID #account_name to add #account_name SID to process #PID token

-pas PID NT AUTHORITY\SYSTEM権限に昇格
-ph PID プロセスを隠す