NOTICE: THIS POST IS FOR EDUCATIONAL PURPOSES ONLY! You can learn how the rootkit takes control of the system.
The Eros Rootkit is a special kind of malware with its own custom bootloader. The rootkit takes control of the system before forking and passing control to the operating system.
+ When compiling on Linux, dd is the most useful tool for writing the image to the disk. See the compiling section.
+ With assembly you usually have to play around with the code to get it to work; be patient.
1 – Compiling ( Hardware method ):
+ Compile with nasm -f bin input.asm -o output.raw (nasm's flat binary output format is called bin; there is no raw format, and the output must have no headers because the bytes go straight onto the disk).
+ Check which device is your target drive with lsblk. Usually it is the last one, but confirm it by size and model: dd overwrites the first sector of whatever device you name without asking.
+ sudo dd if=output.raw of=/dev/sdc bs=512 count=1 (replace /dev/sdc with your target device)
The third step is the most important because the bootloader must be located in the first block (sector 0) of the device. BIOS reads this sector and treats the device as bootable when its last two bytes are the boot signature 0x55 0xAA; only then is the sector loaded and executed. Later, when the stage II bootloader is finished, we will write it differently: skipping over the first 512 bytes (dd seek=1) so that the second part sits directly behind the boot sector and is easy to load from within the first.
2 – Compiling ( Software method ):
+ Make sure that you have qemu installed: sudo apt-get install qemu
+ Get the code: git clone https://github.com/RagingGrim/Rootkit && cd Rootkit
+ make qemu
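The hardware and software procedures above as one runnable shell script. This is an added example, not code from the Eros Rootkit repository: it assumes the source files are named stage1.asm (boot sector) and stage2.asm (stage II), assembles them with nasm's flat-binary output, refuses to write anything unless stage 1 is exactly 512 bytes ending in the 0x55 0xAA signature, places stage 2 behind the boot sector with dd seek=1, and can boot the result in qemu. The target defaults to a plain file (disk.img) so it is safe to run; pass a device such as /dev/sdc only after confirming it with lsblk.

```shell
#!/bin/sh
# Added example, not part of the Eros Rootkit repository.
# Assumed names: stage1.asm (boot sector) and stage2.asm (stage II), built
# into stage1.bin / stage2.bin. The target defaults to a plain file so the
# script is safe to run; pass /dev/sdX only after confirming it with lsblk.
set -eu

SECTOR=512

# nasm's flat-binary output format is "bin": no headers, just the bytes
# that go on disk.
build_flat() {              # build_flat input.asm output.bin
    nasm -f bin "$1" -o "$2"
}

# Returns 0 if FILE is exactly one sector and ends in the 0x55 0xAA boot
# signature that the BIOS checks before jumping to the loaded sector.
check_boot_sector() {
    f=$1
    size=$(wc -c < "$f" | tr -d ' ')
    [ "$size" -eq "$SECTOR" ] || { echo "$f: $size bytes, expected $SECTOR" >&2; return 1; }
    sig=$(dd if="$f" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$sig" = "55aa" ] || { echo "$f: bad boot signature $sig, expected 55aa" >&2; return 1; }
}

# Number of 512-byte sectors stage II occupies, rounded up: this is the
# sector count stage I has to read (e.g. via INT 13h) starting at LBA 1.
stage2_sectors() {
    size=$(wc -c < "$1" | tr -d ' ')
    echo $(( (size + SECTOR - 1) / SECTOR ))
}

# Stage I goes to LBA 0 (count=1); stage II goes right behind it, with
# seek=1 skipping the first 512 bytes of the target. conv=notrunc keeps the
# rest of an existing image or device intact.
install_stages() {          # install_stages stage1.bin stage2.bin target
    check_boot_sector "$1"
    dd if="$1" of="$3" bs="$SECTOR" count=1 conv=notrunc 2>/dev/null
    dd if="$2" of="$3" bs="$SECTOR" seek=1 conv=notrunc 2>/dev/null
}

# Software method: boot the raw image in qemu instead of on real hardware.
boot_in_qemu() {            # boot_in_qemu disk.img
    qemu-system-x86_64 -drive "file=$1,format=raw"
}

# Usage: sh build.sh install [target]   (target defaults to disk.img)
#        sh build.sh qemu    [image]
case "${1:-}" in
    install)
        build_flat stage1.asm stage1.bin
        build_flat stage2.asm stage2.bin
        install_stages stage1.bin stage2.bin "${2:-disk.img}"
        echo "stage II: $(stage2_sectors stage2.bin) sector(s) from LBA 1 on ${2:-disk.img}"
        ;;
    qemu)
        boot_in_qemu "${2:-disk.img}"
        ;;
esac
```

The signature check is the step worth keeping even if you drop the rest: a stage 1 that assembles to 513 bytes, or that forgot `times 510-($-$$) db 0` and `dw 0xAA55`, is written to the device just as happily by dd and then silently ignored by the BIOS.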