Main Page | See live article | Alphabetical index

WinNuke

WinNuke is a term for a method of crackers, particularly script kiddies, once used to attack other people on the internet.

A WinNuke exploits a security glitch in Windows 95 or Windows NT networking system. The process is also known as an OOB (out of bounds attack). The cracker connects the WinNuke to port 139 of a said computer, and sends garbage to the computer, forcing it to disconnect the PC from the internet or hang the PC with a BSoD, or Blue Screen of Death. It is rare for a nuke to cause a catastrophe on a computer, but it can destroy unsaved work that was lost due to the BSoD. All a cracker needs to know is someone's IP address before he/she can WinNuke their said target.

WinNuke was popular with script kiddies due to its ease of use. It is easy for Unix users to compile, and there was a Windows 95 version that actually circulated, complete with a "nuke" button with sound effects.

Victims often met their attackers on IRC, ICQ, and other chatting systems. The attacker tricked the victim into giving out his/her IP, before proceeding with the WinNuke.

A person under the screename "_eci" published his Microsoft C source code on the exploit on June 7, 1997. With the source code being widely used and distributed, Microsoft had put up security patches fixing the bug.

Several other variants on the WinNuke exist, and have been proliferated by people thought to be unsavory.

External links