Hello,
I need a method by which I would be able to securely download potentially malicious files from the Internet onto my hard drive. Very often, that would be a pdf or docx file, and I need a method to download it without opening or executing it.
I thought that wget might be a good solution. I'd just type something like "wget abc.com/suspicious.pdf" to download a suspicious file sample. However, I wonder whether this method is 100% secure. Could you tell me if this method is safe and/or suggest other methods to securely download malicious files onto a computer? For both Linux and Windows platforms.
Using wget to download dangerous files
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Using wget to download dangerous files
The 100 % secure method: Do not download suspicious files.
Re: Using wget to download dangerous files
It really does not matter what you use. It's not the download that is the problem, it's when you view the file. You can set most downloaders to not open files automatically.
Best advice: don't put such files on your HD. Download to a virtual partition or folder, or to a firejail environment. https://firejail.wordpress.com
Easy tips : https://easylinuxtipsproject.blogspot.com/ Pjotr's Great Linux projects page.
Linux Mint Installation Guide: http://linuxmint-installation-guide.rea ... en/latest/
Registered Linux User #462608
Re: Using wget to download dangerous files
I totally agree with Cosmos, BUT if you're doing what I think due to your job, this is what I used to do. I would set up a USB drive with only your access. Then I would download the file(s) to it and then upload them to an online virus scanner. https://www.virustotal.com/#/home/upload
Safe? Maybe not ... but I never had any problems doing this in my IT career.
Re: Using wget to download dangerous files
Thank you for your responses.
I know that the best idea is to stay clear of any malware; however, in my job, sometimes I have to deal with suspicious files and perform basic analysis. I know and use VirusTotal and other well-known tools like that, but VT is good to verify whether the file is malicious or not. It won't help me check what the malware does or which host it tries to connect to. I have got some tools to analyze pdf or docx files (peepdf, Didier Stevens scripts etc.), but before I analyze a file I have to securely download it onto my machine.
Do not worry, I'm not going to execute malicious files on my system directly, all I want to do is a static analysis.
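One way to do the download step described above with wget on Linux, as an added example that is not part of any post in this thread: the sample goes into a private directory under a neutral name (its SHA-256 plus ".sample"), read-only, with its source URL logged. The names QUARANTINE_DIR, quarantine_store and fetch_sample are chosen here for illustration; this only prevents accidental opening and does not isolate the download tool itself.

```shell
#!/usr/bin/env bash
# Added example: keep a downloaded sample from being opened by accident.
# QUARANTINE_DIR, quarantine_store and fetch_sample are illustrative names.
QUARANTINE_DIR="${QUARANTINE_DIR:-$HOME/quarantine}"

# Move an already-downloaded file into quarantine and print its SHA-256.
# Stored as <hash>.sample so no desktop or mail client maps it to a
# PDF/Word handler; mode 400 so it is neither writable nor executable.
quarantine_store() {
    local src="$1" url="$2" sha dest
    mkdir -p "$QUARANTINE_DIR" && chmod 700 "$QUARANTINE_DIR" || return 1
    sha=$(sha256sum "$src" | cut -d' ' -f1) || return 1
    dest="$QUARANTINE_DIR/$sha.sample"
    mv -f "$src" "$dest" && chmod 400 "$dest" || return 1
    # Provenance for the later analysis: UTC time, hash, source URL.
    printf '%s\t%s\t%s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$sha" "$url" \
        >> "$QUARANTINE_DIR/index.tsv"
    printf '%s\n' "$sha"
}

# Download exactly one URL with wget into a private temp file (mktemp
# creates it with mode 600), then hand it to quarantine_store.
# No recursion; retries, timeout and redirects are bounded.
fetch_sample() {
    local url="$1" tmp
    tmp=$(mktemp "${TMPDIR:-/tmp}/sample.XXXXXX") || return 1
    if wget --quiet --tries=2 --timeout=30 --max-redirect=5 \
            --output-document="$tmp" -- "$url"; then
        quarantine_store "$tmp" "$url"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Usage: ./fetch.sh http://abc.com/suspicious.pdf
if [ "$#" -gt 0 ]; then
    fetch_sample "$1"
fi
```

The printed hash can be looked up on VirusTotal without uploading the file, and the static-analysis tools can be pointed at the `.sample` path directly.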
Re: Using wget to download dangerous files
This => miclis wrote: ...I wonder, whether this method is 100% secure. Could you tell me if this method is safe and/or suggest me other methods to securely download malicious files into a computer? For both, Linux and Windows platforms.
It can be ridiculously easy for the site to serve you different files depending on the application, HTTP headers and URL referrals used to access it. And although harder to achieve, it can still also be that they have private exploits in their arsenal to compromise the app of your choice that you used to access their servers (that includes wget / curl as well; after all, they're very widely used apps). There have been automated kits for such tasks sold in the underground market for a few hundred $ for many years now, so such cases aren't really that uncommon. So, 100% secure doesn't exist - for such, use a dedicated spare system (as AV companies supposedly still do).
Cosmo. wrote: The 100 % secure method: Do not download suspicious files.
Re: Using wget to download dangerous files
When you download the file and treat it safely, someone else might click on it to view it.
Re: Using wget to download dangerous files
Petermint wrote: When you download the file and treat it safely, someone else might click on it to view it.
I've had people at work send out an email to our whole work force with an attachment, telling them it looks suspicious.
Re: Using wget to download dangerous files
If it's for your job, just buy a barebones (or "very" used) computer and claim it on your taxes, since it is a business expense. Unless you are working for someone else, of course, in which case have them purchase it.
Don't use the computer for anything other than the task you're discussing in this thread. Then... who cares what the file does, lol?
The best sandbox, IMHO, is a completely separate (and independent) computer.
Regards,
MDM
Mint 18 Xfce 4.12.
If guns kill people, then pencils misspell words, cars make people drive drunk, and spoons made Rosie O'Donnell fat.