Door gmlk
De main body kon alleen op VAX machines met 4[url=http://en.wikipedia.org/wiki/Berkeley_Software_Distribution]BSD[/url]/[url=http://
en.wikipedia.org/wiki/SunOS]SUN[/url] 3 (deze twee zijn compatible) draaien.
Niet echt... Volg je eigen links maar eens....
Sun3 draait op motorola 68020 processoren en VAX draait 4BSD op eigen processoren.. Verschillende architecturen dus en zeker niet compatible (althans niet binary.. VAX is middle-endian en de 68020 is big-endian om maar wat te noemen).
En verder:
The core of the virus is a pair of binary modules, one for the VAX architecture and the other for the Sun architecture.
Note that the piece of code is VAX code, and the stack frame is a VAX frame, in the wrong order for the Sun. Thus, although the Sun finger daemon has the same bug as the VAX one, this piece of code cannot exploit it.
A short program, named l1.c, is the common grappling hook that all of the attack routines use to pull over the rest of the virus. It is robustly written, and fairly portable. It ran on a number of machines which were neither VAX or Sun, loading them down as well, but only making them peripheral victims of the virus.
http://web.mit.edu/eichin/www/virus/program.html