Recently a team of scientists posted an article about dealing with the Storm – Botnet. posted some parts of the source-code “stormfucker” in the mailing-list “Full Dislosure”.
Here is the alpha code for Stormfucker. Patched a few things to not make
it work out of the box.


If you want to work with this code, you need to undecrypt the source. Here is a version of

1) save the source in a file
2) start python:
$ python
Python 2.5.1 (r251:54863, May 18 2007, 16:56:43)
[GCC 3.4.4 (cygming special, gdc 0.12, using dmd 0.125)] on cygwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from base64 import *
>>> a=file("stf.txt",'r')
>>> c=b64decode(b)
>>> a=file("stf.out",'w')
>>> a.write(c)
>>> a.close()

Now we have a stf.out - file, which is bzip2 compressed. (check with "file")
$ bzip2 -d stf.out
bzip2: Can't guess original name for stf.out -- using stf.out.out

Now we have tar-file.. lets have a look:

$ tar tvf stf.out.out
drwxr-xr-x tw/tw 0 2008-01-01 00:00 stormfucker/
-rw-r--r-- tw/tw 610 2008-01-01 00:00 stormfucker/routing.h
-rw-r--r-- tw/tw 75 2008-01-01 00:00 stormfucker/install.h

Extract with tar xvf and have phun..:)


Leave a Reply

You must be logged in to post a comment.