LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-26-2017, 12:27 PM   #16
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,585

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351

I don't understand the question.
In order to work malware needs to be executed. It can be stored labelled as anything on any medium anywhere so long as it will be executed.
One thing I do find interesting are things like the jpeg library flaws found a few years back which, apparently, allowed data files (jpeg photographs) to to be executed by the opening program.
File extensions are irrelevant, even under Windows, it's getting the code to execute that counts.
 
Old 04-26-2017, 01:58 PM   #17
linux4evr5581
Member
 
Registered: Sep 2016
Location: USA
Posts: 275

Original Poster
Rep: Reputation: Disabled
Yeah how they execute I'm sure there's a million ways, but I was just wondering if malware code can hide in plain sight inside of these text files.. The jpeg thing you're talking about sounds like a "scriptless attack" where you can corrupt memory to execute arbitrary code in order to open a malicious file, all without a script (maybe this one was disguised as a wallpaper?). This happened just recently with Fedora's Gstreamer decoder, where the malicious file in this case was a malformed video file whom individual frames have been specially crafted to have specific values written to memory during the decoding of the video, which would allowed an attacker to take complete control of the system (so he could open his malicious file).. This could happen via drive by download, but you can detect such exploits by monitoring systems calls (I think Samhain does this) and using network based detection tools..

Last edited by linux4evr5581; 04-26-2017 at 02:17 PM.
 
Old 04-26-2017, 02:07 PM   #18
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,585

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351
Quote:
Originally Posted by linux4evr5581 View Post
Yeah how they execute I'm sure there's a million ways, but I'm just wondering if malware code can hide in plain sight inside of these text files..
Yes, you could encode a whole OS inside a text file as harmless looking text. Not sure how you'd actually execute it though...
In other words -- method of execution is the only thing important to executable files and the rest is just a matter of patience.
It is irrelevant what you can or cannot "hide" in any given file what is relevant is what you can or cannot execute.
 
Old 04-26-2017, 02:26 PM   #19
linux4evr5581
Member
 
Registered: Sep 2016
Location: USA
Posts: 275

Original Poster
Rep: Reputation: Disabled
I understand what you mean but I think getting malware on a system is half the battle, and I'd rather not have malware in my text files..
 
Old 04-26-2017, 02:30 PM   #20
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,585

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351
Quote:
Originally Posted by linux4evr5581 View Post
I understand what you mean but I think getting malware on a system is half the battle, and I'd rather not have malware in my text files..
I'm sorry but this statement makes no sense.
Just what do you think that a "text file with malware hidden in it" will do and how?
You could download every piece of malware on the internet and store it on your hard drive but until you execute it it is all absolutely harmless data (I've downloaded my fair share).
What exactly is it you're worried about and why?
 
Old 04-26-2017, 02:46 PM   #21
linux4evr5581
Member
 
Registered: Sep 2016
Location: USA
Posts: 275

Original Poster
Rep: Reputation: Disabled
Well I must say it would suck to buy a brand new laptop only to have it presumably compromised as soon as you transfer seemingly harmless text files over to it. I wish to avoid such a situation like the plague. And perhaps my previous comet was exaggeration (but perhaps it could be true in certain scenarios..) as I realize different networks/systems require different approaches to gaining entry. But what if like a previous commenter replied, that it may be possible to execute a "harmless" text file when you go to edit it in a text editor like vim, and all it's plugins that could have bugs to allow for such a thing? Would it not be possible then?

Last edited by linux4evr5581; 04-26-2017 at 04:35 PM.
 
Old 04-26-2017, 02:50 PM   #22
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,585

Rep: Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351Reputation: 2351
I give up. Please look up the differences between executable files and data files and the various ways of distinguishing between the two. Also the difference between storage and memory.
Please also read up on how computers can become infected with malware and what that means.
Really, your posts make no sense.
 
Old 04-26-2017, 02:56 PM   #23
linux4evr5581
Member
 
Registered: Sep 2016
Location: USA
Posts: 275

Original Poster
Rep: Reputation: Disabled
Thank you good sir for trying
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] awk question - read in txt files, offset data by given amount, output new txt files pomico Programming 19 09-17-2012 11:43 AM
Copy the contents of a txt file to other txt files (with similar names) by cp command TheIndependentAquarius Linux - Newbie 7 07-03-2010 12:54 AM
cat onelinefile.txt >> newfile.txt; cat twofile.txt >> newfile.txt keep newline? tmcguinness Programming 4 02-12-2009 06:38 AM
Where would a virus/malware hide on Slackware? digger95 Slackware 10 02-08-2009 02:23 PM
how do I hide files? joshknape Linux - Newbie 11 09-12-2005 09:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:22 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration