As I relapse occasionally and use Windows, but have been working on Linux primarily, I would like to make public one of my oversights with WINE and viruses, which ended up giving me a lot of headaches.
Purpose:
Break linux with windows virus. Complete with 100% cpu load.
Setup:
Linux Mint [hda1]
Windows XP [hdb1] with EXTIFS (EXT2 Installable File System Driver)
Procedure:
Install Windows (preferably while connected to the internet)
Install Linux and boot loader.
Install Wine and Wine HQ
Boot Windows
Download EXTIFS from internet
Install EXTIFS to copy windows drivers stored on linux partition
Leave connected to internet. Wait for RPC calls to shutdown PC and other exploits.
Boot into Linux. Observing that Hotkeys is now eucking up 100% of CPU.
**Your mileage will vary.
***For extra quick results start with WinXP SP1, and leave connected to internet while installing.
Wine with Virus
- grimdestripador
- Level 6
- Posts: 1051
- Joined: Fri Feb 16, 2007 2:26 am
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Wine with Virus
For super quick results start with WinXP without a service pack and connected to internet
I doubt you can finish the install, some of the RPC buggers probably break the system before you are finished
But that is a failure I realize when I read the original post again - this way you can't show what happens in Wine
But - the virus does not spread outside Wine - at worst it writes some txt files to your home....
- grimdestripador
Re: Wine with Virus
tri wrote: "You may need to access Control Center -- Services, and untick the Hotkey management and other services such as Bluetooth that you don't actually use. And yes, Wine may carry Windows viruses but they will not have root access to your system. No worry about it."
(referring to root access)
That is where my headache (previously mentioned) comes from. I wasn't expecting the virus to chill out on my Linux partition. And being that I mount my music files (and installer executables) on a read/write HD in Linux, each time I reformatted Windows I kept on getting a virus as soon as I started copying drivers for install.
Yet another reason to have read only access.
P.S. to Husse. Can't WINE read outside the home directory? What about (user) mounted disks?
Re: Wine with Virus
Wine can probably read outside /home - but it can't write outside /home (unless you've changed permissions) and that stops a virus pretty efficiently
- grimdestripador
Re: Wine with Virus
so um, this is bad?
sudo mount /dev/sda1 /media/usb -t vfat -o users,rw
(of course it is)
Re: Wine with Virus
Well, that disk could be vulnerable as you "make it like home"
But I don't really get it - sda1 a USB disk?
Do they appear that way - I have never tried - don't have access to a USB disk
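Added example, not part of any post in this thread: one way to check whether a FAT mount like the one discussed above is writable by the account Wine runs under. FAT stores no Unix ownership, so the `uid=` and `dmask=` mount options decide; the function name, the sample mount lines and uid 1000 are assumptions made for illustration.

```shell
# Added example, not from the thread. Reports read-write FAT mounts and
# whether a given uid (the account Wine runs as) may create files there.
# Input is in /proc/mounts format: device mountpoint fstype options dump pass
audit_mounts() {   # usage: audit_mounts UID [mounts-file | -]
    awk -v me="$1" '
    function masked(mask, pos,   d) {   # is the write bit masked off?
        d = substr(mask, length(mask) - pos, 1)
        return index("2367", d) > 0
    }
    $3 ~ /^(vfat|msdos)$/ {
        # Assumed defaults when an option is not listed: uid 0, dmask 0022
        n = split($4, o, ","); rw = 0; ex = "exec"; uid = "0"; dmask = "0022"
        for (i = 1; i <= n; i++) {
            if (o[i] == "rw") rw = 1
            else if (o[i] == "noexec") ex = "noexec"
            else if (o[i] ~ /^uid=/) uid = substr(o[i], 5)
            else if (o[i] ~ /^dmask=/) dmask = substr(o[i], 7)
        }
        if (!rw) next
        # Owner digit sits two places before the last; "other" is the last.
        # Group membership is not evaluated here.
        w = (uid == me && !masked(dmask, 2)) || !masked(dmask, 0)
        print $2, $3, ex, (w ? "user-writable" : "not-user-writable")
    }' "${2:-/proc/mounts}"
}

sample_mounts() {   # constructed sample lines, not taken from the thread
    cat <<'EOF'
/dev/sda1 / ext3 rw,relatime 0 0
/dev/sdb1 /media/usb vfat rw,nosuid,nodev,noexec,uid=1000,gid=1000,fmask=0022,dmask=0022 0 0
/dev/sdc1 /media/drivers vfat ro,relatime,fmask=0022,dmask=0022 0 0
/dev/sdd1 /media/rootonly vfat rw,relatime,fmask=0022,dmask=0022 0 0
EOF
}

sample_mounts | audit_mounts 1000 -
```

A `user-writable` line marks a place where anything run under that account, Wine included, can create or alter files; mounting it `ro` removes that.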
- grimdestripador
Re: Wine with Virus
"Do they appear that way - I have never tried - don't have access to a USB disk"
Setup is a Dell Inspiron 1200, with 40 GB EIDE and 4 GB USB thumbdrive.
Observe that even my main harddrive is labeled (sda1 - SCSI Device A Partition 1) rather than /dev/hda1 like normal.
----
and btw what does the "Partition 1 has different physical/logical endings: phys=(488, 254, 63) logical=(489, 135, 30)" part mean?
eagle@tragdor ~ $ sudo fdisk -l
Disk /dev/sda: 40.0 GB, 40007761920 bytes
255 heads, 63 sectors/track, 4864 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x0720071f
Device Boot Start End Blocks Id System
/dev/sda1 * 1 4659 37423386 83 Linux
/dev/sda2 4660 4864 1646662+ 5 Extended
/dev/sda5 4660 4864 1646631 82 Linux swap / Solaris
Disk /dev/sdb: 4026 MB, 4026531840 bytes
255 heads, 63 sectors/track, 489 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x007e8538
Device Boot Start End Blocks Id System
/dev/sdb1 * 1 490 3932128+ c W95 FAT32 (LBA)
Partition 1 has different physical/logical endings:
phys=(488, 254, 63) logical=(489, 135, 30)
Re: Wine with Virus
Hmm - made the same mistake as many posting here - was not clear enough
I was thinking of that in your example the USB disk was sda - I would not expect it to be sda
All disks are treated like SATA (SCSI) disks by the disk driver introduced in Daryna (earlier?), so hda is outdated
"different physical/logical endings"
This is like Chinese to me.... they probably should not have the same ending as the logical is a transformation of the physical