Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Windows Viruses in WINE

  1. #11
    Join Date
    Dec 2011
    Location
    Manchester, UK
    Beans
    356
    Distro
    Ubuntu

    Re: Windows Viruses in WINE

    Wine basically creates a false C drive. That program will only be able to run in that C drive, so it probably won't be able to do much. The only feasible way would be if you ran wine as root, but even then, many viruses still wouldn't work. But on a side note, clamscan can scan for the majority of Windows viruses, why not just scan it first? The command is:
    Code:
     clamscan <location>
    which would scan the files in the location, like /dev/sdba1 for example, or /media/sdba3. Example:
    Code:
    <username>@<computername>: ~$ clamscan /dev/sdba1
    <snip>
    Scan Results
    __ ___
    Known viruses: 1152090
    Engine version: 0.97.3
    Scanned directories: 1
    Scanned files: 48
    Infected files: 0
    Total errors: 1
    Data scanned: 65.62 MB
    Data read: 1406.25 MB (ratio 0.05:1)
    Time: 24.739 sec (0 m 24 s)
    EDIT: There is also a graphical program that does this called Clamtk Virus Scanner, which is available in the repositories.
    Last edited by 0011235813; March 3rd, 2012 at 04:19 PM.

  2. #12
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,769
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Windows Viruses in WINE

    Actually its quite trivial to impact linux if you can gain code execution in wine.

    I've demoed this before and it essentially works because wine is not contained the way people seem to think it is, it is merely an interpreter to translate system calls into linux terms.

    Demo 1
    http://dangertux.wordpress.com/2011/...ne-and-ubuntu/

    And 2
    http://dangertux.wordpress.com/2011/...do-is-hurt-me/

  3. #13
    Join Date
    Dec 2007
    Location
    California
    Beans
    4,952
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Windows Viruses in WINE

    Quote Originally Posted by Dangertux View Post
    Actually its quite trivial to impact linux if you can gain code execution in wine.

    I've demoed this before and it essentially works because wine is not contained the way people seem to think it is, it is merely an interpreter to translate system calls into linux terms.

    Demo 1
    http://dangertux.wordpress.com/2011/...ne-and-ubuntu/

    And 2
    http://dangertux.wordpress.com/2011/...do-is-hurt-me/
    All I see is you demonstrating wine could run a trojan, which no one is questioning. I think it's rather obvious that could happen. I also don't understand what your trying to say about the home folder encryption.... when encryption is unlocked it's not protecting anything, it's only when the user is logged out that the encryption will be protecting files...

    I did like the bit about app armor (I really need to get around to messing with that)
    "You can't expect to hold supreme executive power just because some watery tart lobbed a sword at you"

    "Don't let your mind wander -- it's too little to be let out alone."

  4. #14
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,769
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Windows Viruses in WINE

    Quote Originally Posted by jerome1232 View Post
    All I see is you demonstrating wine could run a trojan, which no one is questioning. I think it's rather obvious that could happen. I also don't understand what your trying to say about the home folder encryption.... when encryption is unlocked it's not protecting anything, it's only when the user is logged out that the encryption will be protecting files...

    I did like the bit about app armor (I really need to get around to messing with that)
    You are correct my point was to demonstrate that the host linux system os accessible frpm within wine using windows code nothing more

  5. #15
    Join Date
    Feb 2012
    Location
    Northern India
    Beans
    34
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Windows Viruses in WINE

    No it won't. Unless you have some fancy utility installed on your system that resembles windows' autorun feature.

    As for the the hidden virus files, if the file starts with a ".", then it will be hidden, and could infect a windows PC.
    For example-
    I write a virus for windows. Using windows, i set its attributes to hidden and i include a "." in the beggining of its name.
    Now- Neither Windows nor Linux users can see the file(with their default options). I also include a ".ini" file in the drive which instructs Windows to run the program on inserting the pen drive. This way I could infect a windows PC, if not yours..!!

  6. #16
    Join Date
    Dec 2011
    Location
    Manchester, UK
    Beans
    356
    Distro
    Ubuntu

    Re: Windows Viruses in WINE

    Quote Originally Posted by Dangertux View Post
    You are correct my point was to demonstrate that the host linux system os accessible frpm within wine using windows code nothing more
    some programs in wine work, others don't. Same with malware. In any case, the malware won't do anything to the root owned folders, and it's always good practice to scan something if you are unsure of it's trustworthiness.

  7. #17
    Join Date
    Dec 2007
    Location
    California
    Beans
    4,952
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Windows Viruses in WINE

    Quote Originally Posted by kaustbh View Post
    No it won't. Unless you have some fancy utility installed on your system that resembles windows' autorun feature.
    Actually, both Gnome and KDE do have an autorun facility by default, although it's for linux scripts. Create a autorun.sh (maybe .autorun.sh I can't remember atm which one, make it do something simple like call gedit) in the root of a usb drive then plug it in.
    "You can't expect to hold supreme executive power just because some watery tart lobbed a sword at you"

    "Don't let your mind wander -- it's too little to be let out alone."

  8. #18
    Join Date
    Dec 2011
    Location
    Manchester, UK
    Beans
    356
    Distro
    Ubuntu

    Re: Windows Viruses in WINE

    Quote Originally Posted by jerome1232 View Post
    Actually, both Gnome and KDE do have an autorun facility by default, although it's for linux scripts. Create a autorun.sh (maybe .autorun.sh I can't remember atm which one, make it do something simple like call gedit) in the root of a usb drive then plug it in.
    Yeah but they don't run it as root do they?

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •