Ask about worm spreading via Virtual Machines

Status
Not open for further replies.
Maxxx58

Maxxx58

Level 13
Thread author
Verified
Dec 20, 2014
619
Hi everyone,
Wish all of you have a nice day!
I want to ask some question about my lab at school. Please help me. Very appreciate!

My teacher ask me to spread worm via virtual machines. Firstly, I use tool to create worm. After create it, I can use email or USB to infect it to victim computer (1st virtual machine). The victim will double click on that worm and this computer will be infected.

And that worm will be spreading to another victim computer (2nd virtual machine) via network.

I attached a picture, please see it to easier understand (sorry for my bad English)
he97r88.png

I have some question wanna ask:
  1. What's tool I can use to make worm (I searched and found the tool called "Internet Worm Maker Thing", do you know another tool that makes stronger and more feature worm?)
  2. What's type of Network Adapter I can use Host-only, NAT or Bridge?. If I use Host-only, VMs can ping each others, but I don't know if worm can spread when I use Host-only mode? I just want to research this lab on VMs, not want to infect my real computer.
  3. How worm on 1st virtual machine can spread and infect 2nd virtual machine via LAN if I use virtual machines to research this lab? Do I need to disable Windows Firewall or other system security features?
I really need your help to make done this lab. Any comment will be very appreciated!
Thank you very much, all of you!
 
  • Like
Reactions: Deleted member 2913, harlan4096, CySecy825 and 1 other person
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
1) Well some are so called tiny script to act only as worms however in order to create it, you need an understanding like assembly language since it will go through network by analyzing the current network properties.

Try this one but the code is at C++ Worm Codeing

2) NAT will never be an option since its already isolated on the protocol so no chance that the worm may jump.

Possible can be Bridge connection since they can share same protocol/LAN network to another so that will depend on the worm structure how it should compare the present connection.

3) As much as possible disable any security product will make the operation work considering that the script/code made on that worm may be detectable.
 
  • Like
Reactions: Maxxx58 and Deleted member 2913
Status
Not open for further replies.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Malware News The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack
Replies
0
Views
1,211
Security News
Gandalf_The_Grey
Gandalf_The_Grey
silversurfer
    • +Reputation
    • Like
Security News Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack
Replies
1
Views
944
Security News
ForgottenSeer 103564
F
Cleo
    • Like
Hot Take Twingate
Replies
1
Views
191
VPN and DNS
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top