As we're nearing Rootkit Hunter release 1.3.6 there are some details left to fix. Right now I'm missing details (like ksyms and such) for three OSX rootkits. Does anyone here possess or is able to secure legitimate access to a (preferably lab-based or otherwise confined or virtualized) OSX machine they can safely compile, install and run malicious software on? If you do and want to help the Rootkit Hunter project please let me know by sending me an email. Your help is appreciated.

Please note this thread is not for requesting help with running RKH: please see the rkhunter-users mailing list. Improvements and suggestions are welcome here though and sharing CVS test results is always welcome. Please either use the CVS tarball at http://rkhunter.sourceforge.net/rkhunter-CVS.tar.gz (slightly behind CVS) or anonymous CVS: 'cvs -Q -z3 -d :pserver:anonymous@rkhunter.cvs.sourceforge.net:/cvsroot/rkhunter co -P rkhunter'.

TIA,
unSpawn
---