xkcd’s Virus Aquarium Made Real

A surprising number of projects here are in some way influenced by the webcomic xkcd, but usually not as directly as this. Comic 350, “Network”, is the tale of a very odd stickman who keeps multiple VMs running an unprotected, old version of Windows. Between them, the VMs have virtually every virus and are, effectively, a computer virus aquarium.

Now it’s a real thing, and best of all, it’s open to the Internet for normal humans to view. It comes complete with screencaps of all seven nodes updated every 30 seconds and the ability to view all processes on each node, and anyone on the Internet can upload any file to a node. All the files uploaded to the nodes are executed, so you get to see in real time what the effects of “1TB_of_porn_this_took_a_while_to_upload.exe” are on node 3.

The idea of a virus aquarium is cool, but this actually gets much, much more interesting when the project metas itself. Every 24 hours, a virus scanner runs on each node. As of right now, all the nodes are clean, making this not a virus aquarium but a script kiddie aquarium. On at least one node, TeamViewer is running, but your guess is as good as mine as to how anyone will get that working.

Edit: Thank you to the person who loaded Hackaday on one of the nodes.


50 thoughts on “xkcd’s Virus Aquarium Made Real”

  1. Man, I got TeamViewer running on one machine, but then someone hijacked the install before I could get it running. Damnit. Also, amusingly someone uploaded a Ninite installer loaded with antivirus to one machine, and another tried to install Ubuntu. Oh, and it now has Bonzi Buddy running. So there’s that.

  2. Surely (assuming you can just upload a file to any of the nodes) you could run a .bat or macro to start teamviewer and get the ID and password from the regular screenshot?

    1. Good luck getting the ID/Password before someone else connects. I’m guessing teamviewer doesn’t like multiple connections.

  3. Just had to Google TeamViewer. Why not upload a preconfigured VLC server or use one of the script kiddie tools to preconfigure a payload the likes of sub7? One upload and it’s done.

    1. The VMs are all probably behind a NAT inside the bare-metal system, and also probably behind a filtering firewall to stop them from being destructive on the WAN.

      So you have to get a connection out from the machine through the NAT.

      1. According to the page, there is no firewall:

        “The nodes all run windows XP 32bit at this moment, no virus scanner*, no firewalls, no security measures at all. They are all in a network and have internet access.”

        1. The individual machines may not have a firewall, but they all might be behind a network firewall to filter traffic to/from the inet so they don’t spread more crap onto the net…

  4. Uhm, someone opened HaD on one of these machines, so they can access other hosts on the internet? This seems incredibly irresponsible…

  5. Why do I have an uncomfortable suspicion that if/when we get a true “artificial intelligence”, something like this will be the genesis of it.

      1. I’ll have to see if my friend who owns quite a collection of videos (and a used video shop) has a copy of that. I have to admit that I’ve never really cared for the visual styling of “Japanime”, so I’ve probably missed some stuff that I would like the story line of, assuming that it wraps up in a few episodes or a movie (long ones are fine though). I’m a bit too ADD for most series-type shows, even with download & binge watching. Probably a bit related to my tendency to post a comment then forget to look back for replies.

  6. I wonder what the Chernobyl virus would do to the virtual Intel 440BX BIOS? This could be a leaky aquarium. I always called it a “sandbox” actually.

    You can run ESXi as a VM in ESXi, then the VMs as “grandchildren” of the bare metal system. Do it twice and set the two to fight each other.

    Reminds me of the twitch pokemon thing my kid is obsessed with…

    1. And just what do you think is going to happen? The site is Rx only. Even if it weren’t, you’d have to be incredibly stupid to open anything you download from it.

    1. The website was posted here, on reddit, on 4chan… now the page says “We have huge load problems at the moment with up to 12000 con min.”

      I wonder why.

    1. I’d love to run my own self-contained version of this on our helpdesk monitors’ walls. Would look pretty awesome for our visitors and I wonder if I could make it look like XKCD’s comic on a display.

      1. That’s something we also want to do as soon as we get things sorted out. We got up to 12000 connections / 3 million page requests a minute today and that’s a bit much for one server that’s hosted at home :)
        I already have plans to check for files migrating through the network.

          1. I will second that. Lighttpd is an incredibly easy to set up and use webserver. Nginx is also awesome. Unless you use one of the many Apache modules, I would recommend just switching ASAP. – And Nginx probably has something to replace the ones you used previously (Lighttpd is a little more behind in this matter.)

  7. Kudos!

    Switching to Linux/Mac is putting all those lovely Windows viruses in danger of mass extinction. Systems like this might be the only way to preserve them for future generations…

  8. Heh, I saw the guy who made this post about it on 4chan a few days ago. He wanted to give it some light testing before releasing it to the masses. Good times were had by all.
