AntiBlasterWorm Project - PowerPoint PPT Presentation

1 / 8
About This Presentation
Title:

AntiBlasterWorm Project

Description:

Our worm will not be a harmful one - it is ... Clone and awake new worm's copies. Update target machine's registry. What's left to do? ... – PowerPoint PPT presentation

Number of Views:70
Avg rating:3.0/5.0
Slides: 9
Provided by: Apol9
Category:

less

Transcript and Presenter's Notes

Title: AntiBlasterWorm Project


1
AntiBlasterWormProject
Project Supervisor Vortman Hai
Students
Ilya Kritsmer     Serge Nayshtut
Antiblaster is a network application that
spreads itself out on the Internet and performs
certain tasks on infected computers. Our worm
will not be a harmful one - it is going to find
out whether the computer is infected with well
known MS Blaster worm, install appropriate patch
if found, which would fix  Blaster vulnerability 
issues and run Symantec MS Blaster removal tool
and spread itself on to the next unpatched
target
2
AntiBlasterWorm Architecture
  • AntiBlaster consists of 2 main
    parts

Worm Application
Worm Wakes Up
  • Admin Tool

Worm IP Scanner
Worm Attacks
3
What is AdminTool and what it does?
  • The component of AntiBlasterWorm that stays on
    admins
  • machine and doesn't spread.
  • It is responsible for
  • Providing GUI for input parameters
  • Admin password
  • Target IP range
  • Files location
  • Timer
  • Creating configuration file for worm
  • Awakening of worm
  • Maintenance of the log file, where all worm
    instances reports
    will be written into.

4
Antiblaster Worm Wakes Up
Initiates new instance of the worm, while
performing the following tasks
Run thread of timer
Admin Machine
Clean Startup
Where am I?
Check patch installation
Report to admin machine
5
Antiblaster Worm Scans IP
  • Scans given IP range, collecting IPs
  • of possible targets

Get IP range from configuration file
Create Victims Array
Call Worm Attack
Print victims to log
Check port 135 and Windows version
6
Antiblaster Worm Attacks
  • Module initiates the attack
  • on the chosen target

Break into machine, get command prompt
Update targets registry with fixblast antiblast
Run fixblast antiblast
Run the patch and restart the machine
After last stage we return to Worm Wake Up
TFTP to target following files patch.exe,fixblast
.exe,antiblast.exe, antiblast.cfg,antiblast.reg,un
antiblast.reg
7
What has been done so far?
  • Projects detailed design
  • Break into target machine
  • Transfer files to target machine
  • Clone and awake new worm's copies
  • Update target machines registry

8
Whats left to do?
  • Implement IP Scanner
  • Implement Admin Tool module
  • Application testing
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "AntiBlasterWorm Project" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!