I wrote a virus once, just to see if I could. Found out recently my dad did as well when he was my age. I knew he modded the hell out of hardware in the mid 80s, and ran one of the most frequented BBS on the north east coast, but I had no idea he was a skilled programmer as well.
You can make it spread by using RPC DCOM vuln's and Spamming using Open Relay Servers. Infect or Attach the program to Files. USB spreading by copying itself into USB sticks & P2P networks.
Make sure it does not do harmful acts.
A Year back I made a Rootkit-Worm just to learn and basically it spread via P2P such as Limewire and such and I made it to connect to a IRC channel and was amazed to see 100 people got infected in 5 hours shows how fast these things spread. Finally I made it uninstall itself from system. I know it is nothing compared to Conficker and such but still fast I mean a Hacker will try spread it as quickly as possible so Authors tend to automate all the Spreading.
Conficker has much more Exploits which helped spread it but the thing is there is almost no rootkit nor a Bypass Mechanism in place as hooking ntdll.KiSystemFastCall would allow some type of AV bypass. Also NO rootkit is wierd as the authors of the actual worm would have almost few decades experience in the Development Field so it would be easy as hell for them to create a Ring0 or Ring3 Rootkit but they chose not to. I would understand as it is a DLL but yet still they could have hidden it far better by hooking function such as NtOpenProcess , NtTerminateProcess , NtQuerySystemInformation , GetTcpTable , ZwOpenProcess[RING0 Only] , ZwTerminateProcess[RING0 only] , ZwQuerySystemInformation[RING0 only] etc. to hide & protect its Files , Network Activity , Process , Registry.
The wierd thing is they did not do it I mean why not, so it must have been a sort of the prototype of a different Worm so it is strange to see other lables on it such as commenting and such I found strange things there. I analyzed it and It is the most elgent written code I have ever seen and it has a Mysterious Back Ground whearas Stuxnet was straight forward in what it wanted to do , cause Malfunctions in PLC's Programmer Logc Controllers which would further cause errors in the Industrial Components.
Stuxnet is more straight forward with a single goal whereas finding Conficker's goal is more mysterious.
o.O im still making bunny breeding programs,
maybe ten years after I finish uni if my brain isn't proving to be the brain of your average 40 year old I will know about these things too,
I sincerley hope you all pretending you know what you are talking about, I will feel better if you admit it anyway
Uh Stuxnet was meant to destroy the centrifuges being controlled by very specific SCADA controllers. Which it did.
Meaning the Iran Nuclear Program? Yes it destroyed the centrifuges but I doubt that was the sole intent of the worm. Again all speculation here on my part just like anything on this subject since we don't really have much facts, but I believe its sole purpose was infect and spy on the Iran Nuclear Program which was using Siemens SCADA controllers and take action if it was needed. But more just to gain more information on how far along they were.
Stuxnet is possibly the most advanced worm I have ever seen considering the authors who created the Worm must have either Extreme amounts of Knowledge about Industrial Systems and also actual API or the Programming method to interact with the PLC & there is no way someone has that much details and knowledge about a single controller so there must be some type of Government funding at short term and Governments Agents who helped them & explained how interaction happens with programmers logic controllers. Or other way is if the authors have a large group consisting of few tens each with they're own knowledge and expertise on the Target.
I saw that there are 8 different programming styles as some of the indentations are different & the actual usage of functions such as: memcpy() is different but all I can say is that all they're programming styles are good.
Whereas Conficker has only one programming style. but yet it seems more elegant that Stuxnet. Of course they're both powerful worms.
Well, You are a brilliant programmer. You are doing good job. Thanks for the compliment.
LOL :D. I saw many words and such referring to Hebrew bible and also some variable names which are Hebrew bible and some american words.
So I think US and a Hebrew follower tested and developed it. or maybe Israel as they have a anger or grudge over Iran, so ruining they're Nuclear Program would be a brilliant idea to take revenge on them.