BOOT KIT: Custom boot sector based Windows 2000/XP/2003 Subversion

---

BOOT KIT is a project related to custom boot sector code subverting Windows NT Security Model.The sample presented currently keeps on escalating cmd.exe to system privileges every 30 secs.

It has several features:

1. It’s very small.The basic framework is just about 100 lines of assembly code.It supports 2000,XP,2003
2. It patches the kernel at runtime(no files are patched on disk).
3. BOOT KIT is PXE-compatible.
4. It can even lead to first ever PXE virus
5. It also enables you to load other root kits if you have physical access(Normally root kits can only be loaded by the administrator

The bootkit has been tested with a number of kernel mode shell codes such as Loading Native Applications and drivers from the shell code another shellcode ,which periodically raises every CMD.EXE to system privileges.

**The Source code will contain 4 levels of BOOT KITs(showcasing different payloads): **

1. Basic framework ( Kernel patching has to be done later on) ( available for download )
2. Privilege escalation framework(demonstrates creating new system threads and how to escalate privileges easily) (available for download)
3. Loading drivers and native applications from kernel mode without touching registry
4. PXE compatible code(Basic framework).

Bootkit Basic framework
Boot Kit Advance Version(support Privilege escalation)