Loading...

Opaserv Worm Revisited

50,946 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Uploaded on May 6, 2011

Well I got this "new" computer on eBay, running Windows 95 is a breeze with its 16mb of RAM, 100MHz processor and 1GB hard drive. So I thought, in order to get rid of the previous owner's data, why not run one of my favorite worms on it? So I did. And the results were glorious.

In case my description was not clear enough on how the worm is able to spread, here is another breakdown:

The worm, after infecting a system and dropping its files and registry keys, begins to spread. It searches local network shares and over the Internet for public networks to infect. It finds a network, and using a vulnerability unique to Windows 95, 98, and Me, "suggests" the first byte of the password to the receiving end. So for example, if the password was adam123, the worm would only have to suggest the letter "a" to the host in order to be granted access. Once access is achieved, the worm drops its files, marks itself to be run automatically on startup, and begins the process over again.

After certain conditions are met (or if the worm's registry keys are disturbed, as shown in this video), the worm activates its payload. It drops a few files to the root directory and reboots the computer. Upon booting, a message displaying a fake notice from the BSA is shown to the user. During this screen, the computer's hard drive is repartitioned in order to be completely useless.

Screenshot of Payload: http://i.imgur.com/kg5QE.jpg

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...