Using wget to download dangerous files

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help
Post Reply
miclis
Level 1
Level 1
Posts: 19
Joined: Thu Nov 03, 2016 3:36 pm

Using wget to download dangerous files

Post by miclis »

Hello,

I need a method by which I would be able to securely download potentially malicious files from the Internet into my hard drive. Very often, that would be a pdf or docx file and I need a method to download it without opening or executing it.
I thought, that wget might be a good solution. I'd just type something like "wget abc.com/suspicious.pdf" to download a suspicious file sample. However, I wonder, whether this method is 100% secure. Could you tell me if this method if safe and/or suggest me other methods to securely download malicious files into a computer? For both, Linux and Windows platforms.

Cosmo.
Level 23
Level 23
Posts: 17817
Joined: Sat Dec 06, 2014 7:34 am

Re: Using wget to download dangerous files

Post by Cosmo. »

The 100 % secure method: Do not download suspicious files.

User avatar
kc1di
Level 16
Level 16
Posts: 6135
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Re: Using wget to download dangerous files

Post by kc1di »

it really does not matter what you use it's not the download that is the problem it's when you veiw the file. You can set most down loaders to not open files automatically.
Best advise don't put such files on your HD. download to a virtual partition or folder. or to a firejail environment. https://firejail.wordpress.com
Easy tips : https://easylinuxtipsproject.blogspot.com/ Pjotr's Great Linux projects page.
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608

User avatar
Pepi
Level 5
Level 5
Posts: 990
Joined: Wed Nov 18, 2009 7:47 pm

Re: Using wget to download dangerous files

Post by Pepi »

I totally agree with Cosmos BUT if your doing what I think due to your job, this is what I use to do. I would setup a USB drive with only your access. Then I would download the file(s) to it and then upload them to an online virus scanner. https://www.virustotal.com/#/home/upload

Safe :?: Maybe not ... but I never had any problems doing this in my IT career

miclis
Level 1
Level 1
Posts: 19
Joined: Thu Nov 03, 2016 3:36 pm

Re: Using wget to download dangerous files

Post by miclis »

Thank you for your responses.

I know, that the best idea is to stay clear of any malware, however, in my job, sometimes I have to deal with suspicious files and to perform basic analysis. I know and use VirusTotal and other well-known tools like that, but VT is good to verify whether the file is malicious or not. It won't help me checking what the malware does or to which host it tries to connect. I have got some tools to analyze pdf or docx files (peepdf, Didier Stevens scripts etc.) but before I analyze it I have to securely download it on my machine.
Do not worry, I'm not going to execute malicious files on my system directly, all I want to do is a static analysis.

User avatar
thx-1138
Level 8
Level 8
Posts: 2111
Joined: Fri Mar 10, 2017 12:15 pm
Location: Athens, Greece

Re: Using wget to download dangerous files

Post by thx-1138 »

miclis wrote:...I wonder, whether this method is 100% secure. Could you tell me if this method if safe and/or suggest me other methods to securely download malicious files into a computer? For both, Linux and Windows platforms.
This =>
Cosmo. wrote:The 100 % secure method: Do not download suspicious files.
It can be ridiculously easy that the site serves you different files depending on the application, http headers and url referrals used to access it. And although harder to achieve, it can still also be that they have private exploits in their arsenal to compromise the app of your choice that you used to access their servers (that includes wget / curl as well, after all, they're very widely used apps). There are automated kits for such tasks sold in the underground market for a few hundred $ since many years now, so such cases aren't really that much uncommon. So, 100% secure doesn't exist - for such, use a dedicated spare system (as AV companies supposedly still do).

Petermint
Level 6
Level 6
Posts: 1072
Joined: Tue Feb 16, 2016 3:12 am

Re: Using wget to download dangerous files

Post by Petermint »

When you download the file and treat it safely, someone else might click on it to view it. :oops:

User avatar
Pepi
Level 5
Level 5
Posts: 990
Joined: Wed Nov 18, 2009 7:47 pm

Re: Using wget to download dangerous files

Post by Pepi »

Petermint wrote:When you download the file and treat it safely, someone else might click on it to view it. :oops:

I've had people at work send out an email to our whole work force with an attachment telling them it look suspicious :roll:

User avatar
MtnDewManiac
Level 6
Level 6
Posts: 1478
Joined: Fri Feb 22, 2013 5:18 pm
Location: United States

Re: Using wget to download dangerous files

Post by MtnDewManiac »

If it's for your job, just buy a barebones (or "very" used) computer and claim it on your taxes, since it is a business expense. Unless you are working for someone else, of course, in which case have them purchase it.

Don't use the computer for anything other than the task you're discussing in this thread. Then... who cares what the file does, lol?

The best sandbox, IMHO, is a completely separate (and independent) computer.

Regards,
MDM
Mint 18 Xfce 4.12.

If guns kill people, then pencils misspell words, cars make people drive drunk, and spoons made Rosie O'Donnell fat.

Post Reply

Return to “Other topics”