A surprising number of projects here are in some way influenced by the webcomic xkcd, but usually not as directly as this. Comic 350, “Network”, is the tale of a very odd stickman who keeps multiple VMs running an unprotected, old version of Windows. Between them, the VMs have virtually every virus and are, effectively, a computer virus aquarium.
Now it’s a real thing, and best of all, it’s open to the Internet for normal humans to view: screencaps of all seven nodes are updated every 30 seconds, you can view all processes on each node, and anyone on the Internet can upload any file to a node. All the files uploaded to the nodes are executed, so you get to see in real time what the effects of “1TB_of_porn_this_took_a_while_to_upload.exe” are on node 3.
The idea of a virus aquarium is cool, but this actually gets much, much more interesting when the project metas itself. Every 24 hours, a virus scanner runs on each node. As of right now, all the nodes are clean, making this not a virus aquarium but a script kiddie aquarium. On at least one node, TeamViewer is running, but your guess is as good as mine as to how anyone will get that working.
Edit: Thank you to the person who loaded Hackaday on one of the nodes.
It’s just like high school all over again. Except the daily wiping.
Anyone got the spaces source code available? Or a saved I love you email?
http://c0vertl.tripod.com/dntext.htm ILOVEYOU virus
Man, I got TeamViewer running on one machine, but then someone hijacked the install before I could get it running. Damnit. Also, amusingly, someone uploaded a Ninite installer loaded with antivirus to one machine, and another tried to install Ubuntu. Oh, and it now has Bonzi Buddy running. So there’s that.
Surely (assuming you can just upload a file to any of the nodes) you could run a .bat or macro to start TeamViewer and get the ID and password from the regular screenshot?
Good luck getting the ID/password before someone else connects. I’m guessing TeamViewer doesn’t like multiple connections.
generate one of the tv exes that automatically joins to an account
one batch file is all I probably would need :-P
Just had to Google TeamViewer. Why not upload a preconfigured vlc server or use one of the script kiddie tools to preconfigure a payload, the likes of sub7? One upload and it’s done.
vnc?
sub7… oh the memories
Has anyone tried with the reverse shell of Metasploit? ;)
The VMs are all probably behind a NAT inside the bare-metal system, and also probably behind a filtering firewall to stop them from being destructive on the WAN.
So you have to get a connection out from the machine through the NAT.
According to the page, there is no firewall:
“The nodes all run Windows XP 32bit at this moment, no virus scanner*, no firewalls, no security measures at all. They are all in a network and have internet access.”
That doesn’t mean the host machine or such doesn’t have some firewall or antivirus to keep things from getting out of the aquarium.
The individual machines may not have a firewall, but they all might be behind a network firewall to filter traffic to/from the inet so they don’t spread more crap onto the net…
Lol, it would really get meta when someone breaks out of the VM.
Uhm, someone opened HaD on one of these machines, so they can access other hosts on the internet? This seems incredibly irresponsible…
Just put up a fully patched OpenBSD box with an open FTP server and see what shows up.
Why do I have an uncomfortable suspicion that if/when we get a true “artificial intelligence”, something like this will be the genesis of it?
Do you mean like the “Love Machine” Ai from Summer Wars?
I’ll have to see if my friend who owns quite a collection of videos (and a used video shop) has a copy of that.
I have to admit that I’ve never really cared for the visual styling of “Japanime”, so I’ve probably missed some stuff that I would like the story line of, assuming that it wraps up in a few episodes or a movie (long ones are fine though).
I’m a bit too ADD for most series-type shows, even with download & binge watching.
Probably a bit related to my tendency to post a comment then forget to look back for replies.
I wonder what the Chernobyl virus would do to the virtual Intel 440BX BIOS? This could be a leaky aquarium. I always called it a “sandbox” actually.
You can run ESXi as a VM in ESXi, then the VMs as “grandchildren” of the bare-metal system. Do it twice and set the two to fight each other.
Reminds me of the Twitch Pokemon thing my kid is obsessed with…
RIGHT! Everyone click on a link that leads to a site cultivating viruses, good luck with that!
And just what do you think is going to happen? The site is Rx only. Even if it weren’t, you’d have to be incredibly stupid to open anything you download from it.
The site and the virus nodes are totally independent.
Yet.
Pretty sure I still have the Melissa virus on a floppy somewhere.
Challenge Accepted!
It’s all fun and games until they break out of the hypervisor.
My post above suggests running the hypervisor in a hypervisor.
Seems to be dead, as of 9pm UK time.
Ukraine?
kpgs: The United Kingdom, oddly enough.
The website was posted here, on reddit, on 4chan… now the page says “We have huge load problems at the moment with up to 12000 con min.”
I wonder why.
Their viruses went viral?
:-)
We had some Apache issues and are currently fixing them. It’s up again but might go down for a few minutes in the next hour :) The aim is to keep this up 24/7.
Think you could share the code and setup specs for the VMs?
We are migrating some stuff to SSD at the moment
I’d love to run my own self-contained version of this on our helpdesk monitors’ walls. Would look pretty awesome for our visitors and I wonder if I could make it look like XKCD’s comic on a display.
That’s something we also want to do as soon as we get things sorted out. We got up to 12000 connections / 3 million page requests a minute today and that’s a bit much for one server that’s hosted at home :)
I already have plans to check for files migrating through the network.
12000 con min and 3 mil pageviews over the day of course :)
I recommend you try lighttpd. It can serve content significantly faster than Apache.
I will second that. Lighttpd is an incredibly easy to set up and use webserver. Nginx is also awesome. Unless you use one of the many Apache modules, I would recommend just switching ASAP. – And Nginx probably has something to replace the ones you used previously (Lighttpd is a little more behind in this matter.)
Dammit, I was working on something like that already….
I wanted to get it working on New Year’s Eve.
Looks like a remote game machine atm, dosbox+Larry and Internet Checkers running :D
Kudos!
Switching to Linux/Mac is putting all those lovely Windows viruses in danger of mass extinction. Systems like this might be the only way to preserve them for future generations…
The page is back up again: all new design, new backend, and in a short time challenges as well.