It was a pain in the butt to find the bomb executable, so for anyone interested, here is the link for a Linux/x86-64 binary bomb: http://csapp.cs.cmu.edu/3e/bomb.tar
Well that's part of it, the real meat is in "phases.c", which would need to be generated by the instructors (and uniquely for each student). This way no two student's answers are both the same, and there's no public source code to reference to figure out what the bomb is "doing" to the input and what input it actually needs in order to "defuse" properly, without trial-and-error and debugging, or reading the ASM disassembly throughly if that's your style.