Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Zen Walk 4.2, Slackware 11, Debian 3.1
Posts: 13
Rep:
Worms!
hello. Do any of you know of a good site to find the source code and/or dissassembled binaries for some "worms"? The platform/exploit doesn't really matter; im just curious about it and would like to study the actual source.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Worms are just network apps gone bad. They aren't really all that different from a typical client/server model, except in this case the "server" is accidentally running a "service" (really, a flaw) that the "client" can "logon" to (really, exploit). What does a worm do after it infects something? Read an address book, start an SMTP server, etc... that's not unlike "good" software.
Learn the principles of network programming and you'll essentially know how worms work. The rest is just about understanding a software flaw and how to exploit it, but that's really a small part of what a worm does.
Distribution: Zen Walk 4.2, Slackware 11, Debian 3.1
Posts: 13
Original Poster
Rep:
Actually, im interested in the self-propagation principles involved with this (the "slammer" worm seems interesting), and id like to run some similar programs on a private network. i was hoping to get a head start by stealing code instead of starting from scratch, but i just cant find the actual files anywhere.
It might be worth noting that lately the main technique used in windows relied on people's ignorance in opening attachments and the accessibility of the outlook express address book, and in some cases the accessibility of the registry. These vulnerabilities should be drying up a bit in the future
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Well I can't think of a legitimate reason why you would need to know how to write a self-propagating worm. LQ makes it a practice not to assist in finding to malicious code and/or exploits, so you won't find assistence on creating worms here.
Really, if you know network programming, it's not that difficult to create a worm. The only tough part is having the "luck" to discover a flaw and understand how to exploit it. Of course, many worm writers just download Proof of Concept code as the basis for their exploit code, so the whole thing becomes pretty braindead.
Distribution: Zen Walk 4.2, Slackware 11, Debian 3.1
Posts: 13
Original Poster
Rep:
I realy dont have a practical security interest in this; I just found it interesting from an "artificial life" point of view. sorry if it's not in accordance with the forum policy.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Not a problem. I think the issue is that you just fundamentall misunderstand how simple worms are. They aren't "AI" at all, they're just very simple network programs that happen to cause damage instead of performing useful tasks. Actually, from the worm writer's point of view they do perform useful tasks (harvesting e-mail addresses, sending spam, etc) but they do so without permission of the host they infect.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.