Murdoch Posted July 16, 2021 (edited)

> 14 minutes ago, DoomGater said:
> In fact, I did not say INSTALL Linux. But giving it a 2nd thought, even a Linux installation is easy and usually done much faster than installing Windows. Maybe you should try it yourself one day?

I have. I hated it. Does some things well but others not so much depending on the exact distro, and so I constantly hit roadblocks and issues of one form or another. Windows 10 is far from perfect but it runs with essentially no issues on the four systems I run it on. And since common sense and solid antivirus means I have not had an infection get loose on any of my Windows rigs in decades, why would I change what essentially works for something that sometimes doesn't? I don't have time for dealing with that stuff. And yes, you did say use, not install, but my key point is unchanged. It's not helpful to throw an inexperienced user in the deep end with an OS they don't understand.

DoomGater Posted July 16, 2021

> 2 minutes ago, Murdoch said:
> I have. I hated it. Does some things well but others not so much depending on the exact distro, and so I constantly hit roadblocks and issues of one form or another. Windows 10 is far from perfect but it runs with essentially no issues on the four systems I run it on. And since common sense and solid antivirus means I have not had an infection get loose on any of my Windows rigs in decades, why would I change what essentially works for something that sometimes doesn't? I don't have time for dealing with that stuff.

You feel the chains only when you move :-) (Sorry, I couldn't resist, but please be assured, really no offense intended!!)

Major Arlene Posted July 16, 2021

I think that's quite enough derail. Please take your OS supremacy arguments elsewhere :)

Maes Posted July 16, 2021

Soooo.... to sum up, PK3 files could, in theory, carry a virus, but they cannot just "give it" to you, you have to put in some extra work yourself for that :-)

CBM Posted July 16, 2021 (edited)

> 7 minutes ago, Maes said:
> Soooo.... to sum up, PK3 files could, in theory, carry a virus, but they cannot just "give it" to you, you have to put in some extra work yourself for that :-)

To be fair, pk3 files can give its user the "doom virus"... aka the desire to play more and more doom stuff :-)

... not intended as derail... but no... pk3 files would never be able to launch a virus on their own and if just used as intended (as far as I know), only when extracted as a zip file.

TheMagicMushroomMan Posted July 16, 2021

No, Golden Souls 2 will not give you a virus. Yes, Golden Souls 2 is FUCKING AWESOME.

Maes Posted July 16, 2021

> 1 hour ago, CBM said:
> ... not intended as derail... but no... pk3 files would never be able to launch a virus on their own and if just used as intended (as far as I know), only when extracted as a zip file.

We all know that... UNLESS there's some crazy, obscure bug/exploit in some ZIP-capable software (including the zip libraries used in many source ports), where a maliciously crafted archive could somehow trigger a buffer overflow or other vulnerability, deliver + execute an arbitrary payload. Getting cold feet now, eh? ;-)

HavoX Posted July 16, 2021 (edited)

> 16 minutes ago, TheMagicMushroomMan said:
> No, Golden Souls 2 will not give you a virus. Yes, Golden Souls 2 is FUCKING AWESOME.

And it was well worth the wait, too!

> On 7/14/2021 at 2:24 PM, DoomGater said:
> 3. use linux - less virii

If you're implying that Linux doesn't get viruses, that is 100% incorrect and false. Even Linux can get viruses and malware if you don't use common sense.

Zulk RS Posted July 16, 2021

Can a pk3 file give you a virus? Yes. (Though there are some technicalities here.)

You want to play Golden Souls 2? I mean, where are you downloading it from? If you're getting it from idgames, you shouldn't really have much to worry about. If you're downloading it from somewhere else though, be a bit more careful. The actual mod itself is safe but beware of sites trying to push viruses into your PC by posing as the mod. (Download managers, .exe files, something that isn't pk3 or something whose name just doesn't seem right.)

Unrelated, long ago, for some reason, my anti-virus once falsely flagged a doom wad as virus. I don't remember why that happened that one time and I don't remember the specifics either. I think whatever anti-virus I used at the time was just shitty.

Zulk RS Posted July 16, 2021 (edited)

> 37 minutes ago, Maes said:
> We all know that... UNLESS there's some crazy, obscure bug/exploit in some ZIP-capable software (including the zip libraries used in many source ports), where a maliciously crafted archive could somehow trigger a buffer overflow or other vulnerability, deliver + execute an arbitrary payload. Getting cold feet now, eh? ;-)

Now I wonder... in theory could someone hide away some kind of virus software inside a PK3 file that can run from just downloading it or by playing the pk3 file on GZDoom? I guess no one has found a way to do that since the people of Doomworld in their collective dooming career have never encountered something like that. Plus it's kinda unlikely I guess because usually files don't just run automatically with you opening it up. Then there is also that Windows message you get that says, "sonic.exe wants to make changes to your computer" and then prompts you to allow it or not.

I guess you can try and trick some non-computer-savvy person by password protecting a pk3 and telling them they need to put a given password to unlock it. That said password is written in a different file that CAN give you a virus. Maybe a .html file that will download and run the actual virus? A .bin file pretending to just give you the password or unlock the protected pk3 file for you but will actually launch the malicious code?

I think I'm being dumb again.

Sergeant_Mark_IV Posted July 16, 2021

Yes, but not in the way you are thinking. Doom wads and pk3s are like zip files, somebody could put a virus in there, but the virus would have no way of infecting you unless you unpack the file and then run this virus. Doom sourceports by themselves can't do that. So to infect you, the hacker not only needs to put the virus into the wad/pk3, but he also needs to convince you to download his fork of a Doom sourceport that is capable of executing this virus. Any reasonable hacker would find smarter ways to infect people, like Facebook ads.

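As an added illustration of the points in the posts above (not code from any poster or from a source port): a PK3 is a ZIP archive, so its contents can be listed and checked without unpacking or running anything. This sketch flags entries that start with executable magic bytes, password-protected entries, and a download that is really an executable rather than an archive; the function names and the sample archive are constructed for the example.

```python
import io
import zipfile

EXEC_MAGIC = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "Linux ELF executable",
    b"#!": "script with interpreter line",
}


def classify(head):
    """Return a label if the leading bytes look executable, else None."""
    for magic, label in EXEC_MAGIC.items():
        if head.startswith(magic):
            return label
    return None


def inspect_pk3(data):
    """List findings for a PK3 given as bytes, without unpacking it to disk."""
    kind = classify(data[:4])
    if kind:
        return [("<file itself>", "file is itself a " + kind)]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return [("<file itself>", "not a ZIP/PK3 archive")]
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.flag_bits & 0x1:  # bit 0 set: entry is password protected
                findings.append((info.filename, "encrypted entry"))
                continue
            with zf.open(info) as member:
                kind = classify(member.read(4))
            if kind:
                findings.append((info.filename, kind))
    return findings


def build_sample():
    """Constructed sample: a tiny PK3 with one text lump and one fake PE stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("MAPINFO.txt", "map MAP01 \"Entry\"\n")
        zf.writestr("extras/unlock.bin", b"MZ\x90\x00 constructed stub")
    return buf.getvalue()


if __name__ == "__main__":
    print(inspect_pk3(build_sample()))
```

A finding only means the archive carries something a source port has no use for; as the posts say, nothing in it runs unless it is extracted and launched.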
Maes Posted July 16, 2021

> 4 hours ago, Zulk RS said:
> I think I'm being dumb again.

Not at all, what you're describing are "legit" techniques known as drive-by downloads, trojans, social engineering etc. If the PK3 is really totally inert by itself, then you must somehow trick or deceive the user into using something else that allows a malicious payload. And cybercriminals have proven themselves to be more than capable of "delivering" on that account. But if you reach that far, why not just include the malicious payload with that something else and forego the PK3 entirely, even if you're a 1337 h4x0r ;-)

The only way to do it without social engineering or tricks external to the Doom sourceports themselves, would be to find a vulnerability with either the ZIP library used by a specific source port, or the ZIP preview functionality of Windows.

As for Linux, even with Windows UAC, its security and privilege model is quite different from Windows. It would be very hard to get a non-technical, non-root user to do real damage on it. However, pure browser-based exploits and tricks like fake "ransomware" that just abuses the JavaScript "do you want to leave this page" dialog etc.

CBM Posted July 16, 2021 (edited)

> 4 minutes ago, Maes said:
> As for Linux, even with Windows UAC, its security and privilege model is quite different from Windows.

I did not know that Windows had a United Aerospace Corporation feature, DOOM had UAC before Windows! :-)

On a more serious note, I have never seen Windows preview a zip file as such?

Zulk RS Posted July 16, 2021

> 1 hour ago, Maes said:
> The only way to do it without social engineering or tricks external to the Doom sourceports themselves, would be to find a vulnerability with either the ZIP library used by a specific source port, or the ZIP preview functionality of Windows. As for Linux, even with Windows UAC, its security and privilege model is quite different from Windows. It would be very hard to get a non-technical, non-root user to do real damage on it. However, pure browser-based exploits and tricks like fake "ransomware" that just abuses the JavaScript "do you want to leave this page" dialog etc.

Not sure if this would count as social engineering but I thought of something. So when you download and play GZDoom, you download it from the official website, right? What if someone creates a website that looks identical to the real GZDoom site and then uses bots to artificially boost its traffic to the point that it would be the number 1 result when you search GZDoom Download on Google. Then when you download from it, it gives you a modified version of GZDoom that runs almost exactly like the real deal but has been edited to actually execute .exe files if it finds them inside a pk3 or WAD. So basically the guy created a vulnerability himself that he can exploit. THEN he releases a bunch of new wads all that have his virus in it and when you play it with his version of GZDoom, it infects your computer. Maybe make sure people download your version of GZDoom and play one of your wads by creating fake accounts on sites like ZDoom.org and Doomworld and advertise his wads as something that's a work-in-progress.

When the virus infects a computer it can even maybe log into the victim's Doomworld, ZDoom.org account or even just email friends of the victim with even more infected Pk3s. Of course, people are going to realize that his wads have this virus pretty quickly but maybe if they are busy deleting these infected Pk3s from the net, they won't notice that they are actually running a fake version of GZDoom?

Of course if someone has to go through this much work to get a virus into people's computers via Doom wads, they're probably better off just sticking to the basic "Hot MILFS in your area" ads with virus sites :P

Shepardus Posted July 17, 2021 (edited)

> 4 hours ago, Zulk RS said:
> What if someone creates a website that looks identical to the real GZDoom site

That would be phishing, which does count as social engineering and is a major topic in internet security. But if you're able to convince someone they're on a legitimate site, there are more direct ways to get their credentials than what you described, such as asking them to enter their password on a spoofed login form (which, again, is a very real thing).

Zulk RS Posted July 17, 2021

Yeah, my brain was just running through possibilities while tired at 3 AM. The steps I described above are probably really impractical and you can probably do the same thing much easier in other ways :P. Also 3 AM me of yesterday forgot what phishing was at the time of writing that post but I do know what it is generally.