this post was submitted on 16 Aug 2025
22 points (86.7% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

63551 readers
349 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others

Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

🏴‍☠️ Other communities

FUCK ADOBE!

Torrenting/P2P:

Gaming:

💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
db0@lemmy.dbzer0.com
sunbrothersco@lemmy.dbzer0.com
Flatworm7591@lemmy.dbzer0.com
RandomLegend@lemmy.dbzer0.com
Andromxda@lemmy.dbzer0.com
CosmicTurtle0@lemmy.dbzer0.com
tenchiken@lemmy.dbzer0.com
22
How to put a file into a VM without a malware breach? (lemmy.dbzer0.com)
submitted 1 day ago by Yourname942@lemmy.dbzer0.com to c/piracy@lemmy.dbzer0.com
15 comments fedilink hide all child comments
 

How can you get a file into a VM without creating a potential malware breach? I was told to kill the internet connection, disable any type of sharing with the host, no copy paste, and no sharing disks, but how would I be able to get the files into the VM if it is secure from both sides? The file in question is about 36GB and there is a second file that is 678MB.

Thank you.

top 15 comments
sorted by: hot top controversial new old
[–] cecilkorik@lemmy.ca 24 points 23 hours ago

The point is that you isolate the VM after you get the file onto it but before running the potential malware. It's not going to auto-execute, not if your Windows is patched and modern and up to date, we don't live in the bad old days of floppy disks and CDs and USBs autorunning anymore (and for good reason).

If you are running a version of Windows (or anything) that is even capable of auto-executing code as it downloads, the malware you're trying to test is the least of your worries because you'll already have about a thousand other malware already running.

[–] frongt@lemmy.zip 11 points 1 day ago (1 children)

Create an ISO and mount that.

But really, it doesn't matter how you get the file in before you open it. It's extremely unlikely that it malware could be executed just by putting a file on disk.

[–] Yourname942@lemmy.dbzer0.com 1 points 23 hours ago (2 children)

Thank you. Just to confirm, do I make an ISO from a .7z file?

[–] Onomatopoeia@lemmy.cafe 2 points 22 hours ago* (last edited 22 hours ago)

7zip is an archive format - creating an iso requires the raw files (unless you have 7zip installed in the VM to extract the zip file).

All that is unnecessary though, just enable a shared folder via the VM software (I assume they all do it now, VMware has had this feature forever). This isn't a network share, it's a virtual network share that only exists within VMware for that specific VM, and by default it's read only.

Or put the files on a thumb drive, and connect that thumb drive to the VM.

Or enable networking on the VM, copy the files in, then disable the network card in the VM.

Getting the files in doesn't require any special security, it's when you're executing the files that the VM needs to be isolated.

[–] frongt@lemmy.zip 1 points 11 hours ago

Sure. Put whatever file into an iso and mount it.

[–] Cevilia@lemmy.blahaj.zone 9 points 17 hours ago

Based on our recent interactions, I would say you probably don't have the expertise necessary to evaluate whether the file's safe. I very much doubt you're gonna gain any new knowledge from doing this.

This isn't a slight against you. I don't have the expertise, either.

[–] vrighter@discuss.tchncs.de 7 points 13 hours ago (1 children)

encode it in base 64 and type it in

[–] borari@lemmy.dbzer0.com 1 points 6 hours ago

I can’t imagine how long it would take to do that with a 32GB file, or how many errors it they would have by the end.

[–] deadcade@lemmy.deadca.de 3 points 1 day ago* (last edited 1 day ago) (1 children)

Start off with a clean slate. Windows, freshly installed from a Microsoft provided ISO (Assuming you're looking at a Windows executable). Try to follow a guide on bypassing the MS account requirement (AtlasOS has a section of their guide telling you how to do this).

When you're setting things up, there's no restrictions to internet access, sharing, etc. You just have to be careful not to open/view the files you want to isolate, which is easy enough by for example putting the files in a password protected zip. You can also install any required tools now (like maybe 7zip).

At this stage, there's a few options:

  • The easiest is to put your files into a separate folder, then run a simple webserver, like with python3 -m http.server on your host. Then download it on the VM.
  • Another option is to mount the VMs disk, then copy the files directly. Turn off the VM, mount the disk, copy the files, unmount, then turn it back on.
  • You could create a disk image that contains your files, readable by the VM.

When you're ready to actually open the file, close off all access from the VM to the host. No networking, clipboard sharing, etc. Do this on the hosts VM settings, not inside the VM. Also note that without further tooling, it's extemely difficult to tell if there's any advanced malware present.

As soon as you view the potentially malicious files, consider anything coming from that VM as malicious. Don't try to view/open files on your host, do not give it network access.

Malware can be (but often isn't) incredibly advanced, and even an isolated VM isn't a 100% guaranteed method of keeping it contained.

[–] Onomatopoeia@lemmy.cafe 2 points 22 hours ago (1 children)

VMware's shared folders is secure - by default it's read-only, and it's only visible to the specific VM on which it's configured.

The client OS doesn't even need a network card, VMware emulates the network just for the shared folder.

I assume other virtualization tools have a similar feature.

[–] deadcade@lemmy.deadca.de 2 points 15 hours ago (1 children)

It's not. There's no way to be 100% certain the shared folder daemon on the host has absolutely zero exploits, same thing for the networking stack used for transport. That also includes VM disk I/O, virtual graphics output, and any other communication between guest and host. It'd take some really advanced malware to abuse such exploits, but you're better off minimizing attack surface as much as possible. That means disabling (or removing) every possible form of communication between host and guest, unless absolutely necessary for operation.

[–] Yourname942@lemmy.dbzer0.com 1 points 11 hours ago (2 children)

thank you for the in depth responses. Do you know if it is follish to keep internet on my host when I have the VM have no network connections, or is it highly recommended to kill the internet for both host and VM?

[–] deadcade@lemmy.deadca.de 2 points 11 hours ago

If you're this unsure about running potential malware in a VM, the best method is to just not run it at all.

You should be perfectly fine running with networking on your host, as long as you disable it in the VM configuration before running the potential malware.

[–] frongt@lemmy.zip 1 points 11 hours ago

It is not going to matter. If the malware can escape the VM, it's going to do that regardless of host network access.

[–] MangoPenguin@lemmy.blahaj.zone 1 points 9 hours ago

Personally I just copy/paste into the VM over a network share, then disable networking before running (or enable with a firewall rule on the hypervisor to allow only internet access for the VM if it needs it)