Assuming, an application can only be downloaded from warez release forums, how do you check the content of an archive without infecting yourself? All downloaded application are archived, and from what I uderstand a malicious executable can infect your system simply through windows explorer, like when explorer reads the file metadata and other things.
All of this assuming one does not have an antivirus installed, only say an on-demand virus scanner.
Can you elaborate on this?Originally Posted by Master Razor
I use a virtual machine with nonpersistent storage and no network access (unless the program in question needs it).
"I just remembered something that happened a long time ago."
I'm no expert but here goes:
Windows executable format (.exe) uses a header in which it stores several bits of information. From basic metadata like version, name, author, to minimal payload data like .manifests and others. Supposedly, one could alter that header and modify this data, that is automatically read by windows explorer as soon as you open its containg directory.
I assume you download the executables directly to it?
Or you download them to your PC and then transfer?
Reading and executing are two different things. This should never happen unless there was a serious vulnerability on how Explorer parses the data it displays (there isn't), and even then, Data Execution Prevention would take care of it.
Read/write shared folder used only for this purpose.
"I just remembered something that happened a long time ago."
I've seen some a example of this. You don't have to believe.Reading and executing are two different things. This should never happen unless there was a serious vulnerability on how Explorer parses the data it displays (there isn't), and even then, Data Execution Prevention would take care of it.
Care to share? If I'm wrong, I want to be one step closer to the truth
"I just remembered something that happened a long time ago."
Posting Permissions
Reply With Quote
Bookmarks