Lair of the Internet Worm

by Dark Overlord

These days worms and viruses seem the in thing to do.

Most hackers (and crackers) have a friend who has a friend who is a "super genius" and wrote one that did amazing things, did wonders, scrambled eggs, etc...  Any programmer worth half the ram in their system can write a worm and/or virus without much difficulty.  The information provided in most magazines and newspapers on the subject is utter crap.

The decompiled source code to the "Intermet Worm" is now available from 2600 Magazine.  The code is based on an effort of reverse engineering.  This source, when compiled, will generate the same executable that the "Great" Internet Worm was made out of.  I can't say where I got this code because s/he does not wish to have their name (handle) echoing around these circles.

The personality/attack strategy of this worm was to reach as many hosts as possible rather then attempting to access higher privileges on an infected host.

Please note that all of the attacks used by the Internet Worm have been fixed on almost all systems that use the Internet.  If there is sufficient interest I may do a detailed write-up on how the attacks used by the Internet Worm worked.  There are still many more holes in UNIX to be abused.  Thus it is possible that, with a weekend's worth of work, this worm could ride again.  (But I would not do that, would I?)

If you want a copy of the source code (with comments), send $10 to 2600 Worm, P.O. Box 752, Middle Island, NY 11953.