Question about WINE - Page 2

post #11 of 22
Will be interested to hear back from you guys trying this in a VM...
post #12 of 22
As a few people have mentioned, it would probably at most wreck the Wine environment IF it actually worked. Either way, whatever potential flaws it was designed to attack in Windows would not exist in Linux, as they are completely different operating systems, and I don't think I have ever seen any sort of virus that was designed to attack and exploit both.

To write such an exploit would probably not be worth the time and effort it would take, and as such most 'hackers' go after the easy targets where they can spread rapidly and consume as many resources as possible. The ones who would, however, put time into something like this are probably targeting government systems, not your average home computer, and more than likely they would be targeted attacks, not just out on the web.
post #13 of 22
Thread Starter 
well i put slackware as vbox, logged in as root, installed wine, and firefox for windows in wine (which ran surprisingly fast, so when i was browsing, i was as root, so if any virus/malware was to get on my system, it would have 100% control if it was going to do so).

i went to every dubious pron site, warez site i could think of, clicked on ads i would never click on my real system, downloaded and ran all sorts of files i never would have, opened up every mail in my junk folder that had an attachment. after about 2 hours, i did notice the vbox had tripled in its resource usage, ran a few linux based av's, found about 3 "suspected" viruses, but they all seemed to be contained in .wine

so i restarted the vbox, resources were fine, opened up FF linux native, resources spiked a little, system acted fine, no indications that a virus was running, but as soon as i opened up FF for windows (i closed out the linux native) usage almost quadrupled in resources and cpu time, the browser acted a bit funny. but that didn't stop me.

i spent a few more hours browsing and downloading things i would know for a fact contain dubious code, even ran a few vbscripts and macros i found.

so my conclusion, wine is able to run malware and viruses made for windows, but not very well. when they were trying to execute, my original assumptions were confirmed, they would eat a lot of the system resources for about a minute, but the process would die quickly.

my wine environment was definitely compromised, but linux itself was unharmed, i deleted .wine from my home folder, ran the linux av's again, didn't find any infected files, even went as far as running a few bootdisk virus scanners i have in the vbox on the virtual drive, and they couldn't find anything.

now i did one thing i still wouldn't do on my main system, i went back into the vbox, and with a native linux browser (firefox 3.6), i went to all the sites, clicked on ads, and downloaded email attachments, that i had done in the Firefox for windows thru wine (i'm still root during this test.)

vbox resources barely changed thru the whole thing, and once i was done, i redid the virus scans, and wasn't able to come up with anything.

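The post above judges containment from scan results; a direct check is to list which host paths the Wine prefix maps to drive letters, since Wine stores those mappings as symlinks in `<prefix>/dosdevices`. This is an added example, not part of the original thread: the function names and the sample prefix are constructed here, and the sample assumes the default layout (`c:` pointing at `../drive_c`, `z:` pointing at `/`).

```shell
#!/bin/sh
# Added example: report which host paths a Wine prefix exposes as drive letters.
# Wine keeps drive mappings as symlinks in <prefix>/dosdevices (c:, z:, ...).

# Print "<drive> <resolved-target> <inside|OUTSIDE|dangling>" per drive symlink.
audit_wine_prefix() {
    prefix=$(cd "$1" 2>/dev/null && pwd -P) || { echo "no such prefix: $1" >&2; return 2; }
    for link in "$prefix"/dosdevices/?:; do
        [ -L "$link" ] || continue
        # Resolve the symlink to a physical path; a broken link cannot be entered.
        target=$(cd "$link" 2>/dev/null && pwd -P) || target="(dangling)"
        case "$target" in
            "(dangling)")          scope=dangling ;;
            "$prefix"|"$prefix"/*) scope=inside ;;
            *)                     scope=OUTSIDE ;;   # host path reachable from Windows programs
        esac
        printf '%s %s %s\n' "${link##*/}" "$target" "$scope"
    done
}

# Count the mappings that reach outside the prefix.
count_outside() {
    audit_wine_prefix "$1" | grep -c ' OUTSIDE$'
}

# Constructed sample prefix (assumption: default layout, c: -> ../drive_c, z: -> /).
make_sample_prefix() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/drive_c" "$d/dosdevices"
    ln -s ../drive_c "$d/dosdevices/c:"
    ln -s / "$d/dosdevices/z:"
    echo "$d"
}

sample=$(make_sample_prefix)
audit_wine_prefix "$sample"
echo "mappings outside the prefix: $(count_outside "$sample")"
rm -rf "$sample"
```

Run `audit_wine_prefix "$HOME/.wine"` against a real prefix; any line marked OUTSIDE is a host directory that programs running under Wine can read and write with the invoking user's permissions.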
post #14 of 22
worth noting... all the stuff you did right there to GET the viruses... works perfectly fine native in linux where viruses aren't really a threat...

why would anyone browse pron through wine, native firefox or chrome or opera does it just as well

i don't think wine is a security risk if you use it minimally... mostly gets used for things that won't drop a virus down your pants
post #15 of 22
Nice read, interesting...REP!
post #16 of 22
Thread Starter 
Quote:
Originally Posted by EntTheGod
worth noting... all the stuff you did right there to GET the viruses... works perfectly fine native in linux where viruses aren't really a threat...

why would anyone browse pron through wine, native firefox or chrome or opera does it just as well

i don't think wine is a security risk if you use it minimally... mostly gets used for things that won't drop a virus down your pants

yes i would typically use my native browser for all my, extra-curricular activities...but since this was a test on the question basically, does wine emulate windows enough to get windows viruses and malware? the answer is a mixed yes and no, it can run them, but no it can't really mess with your linux box (even running as root.)

but then again, i wouldn't take my test as 100% scientific either, i did it as an amusing side note project, i'm sure if i sat down, set out some test parameters, it would turn out better or worse.
post #17 of 22
Not to mention if a virus wanted to attach itself to run32.dll it can't in wine. I go back to the same reason the steam overlay won't work.

As for the file system comment, it doesn't matter once the system is running. Programs don't interact with the file system; they interact with the OS. Basically they don't know (or care) what the file system is. How do you think Windows programs even run on EXT4 based wine? THINK!!!
post #18 of 22
WINE-wine is not an emulator. Answer your question?
post #19 of 22
Thread Starter 
Quote:
Originally Posted by Civ216
WINE-wine is not an emulator. Answer your question?

i know wine is not an emulator, i know it's a compatibility layer, just poor choice of words on my part in the earlier thread. the question was nonetheless answered as "unlikely, but wouldn't surprise me if it did".
post #20 of 22
Chances are the virus wouldn't run. Most viruses these days want to steal your information, install adware, or turn your computer into a bot. The viruses are windows programs, and fairly low level ones at that. WINE was designed for fairly abstract programs, so things like Photoshop will run flawlessly while Paint won't, so they would probably just crash, or try and replace WINE's system files with Windows ones, which would probably crash WINE. Any kind of autorun would fail too since WINE doesn't handle that.


In short, unless you run into a DOS-era hard drive wiping virus, getting infected even through root wouldn't do much. Even then, DOS isn't POSIX-compliant so little damage would be done.
    