Linux能通过Wine感染病毒
时间:2009-10-30 来源:linux论坛
Linux不是避风港,它也会被病毒感染,虽然数量上与Windows相差几个数量级。但是别忘了Windows模拟环境,如wine。如果通过wine下载了病毒,然后运行,那么Linux系统估计也会被折腾的不轻。一位Linux用户在机器上进行了一番测试,在此案例中,病毒让系统瘫痪了。
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/reported-attack-site');}" onmousewheel="return imgzoom(this);" alt="" />
安全风险提示不能去那里。
但在你告诉火狐浏览器“这没关系,这是我的错,如果我死了”,并加载站点和重定向,您再次获取:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/reported-attack-site');}" onmousewheel="return imgzoom(this);" alt="" /> No!
而在接过去,太多,再次下载该文件:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/reported-attack-site');}" onmousewheel="return imgzoom(this);" alt="" /> I said no, dammit, NO!
因此,我下载了它。跑在wine。和...同时,原来葡萄酒模拟视窗足够好,可是由Windows病毒感染。样的,至少。我仍然得到这个:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/virus-install-fail');}" onmousewheel="return imgzoom(this);" alt="" />
作为一个防病毒程序提出了这个病毒,和“安装”本身都在你的硬盘驱动器,包括将Explorer.exe和假像,在你的system32目录svhost.exe东西。然后运行假冒扫描,并告诉您您的计算机是borked,并提供“卖出”你“完整”版本,将“修复”您的计算机。 “不感谢”选项字面读取“不要购买,并让<一些声称台子蠕虫感染with>把我的信用卡信息到远程服务器。”是啊,好像它本身并不会做同样的事情,如果涉及您的信用卡信息。screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/windows-police-pro');}" onmousewheel="return imgzoom(this);" alt="" />
我敢肯定有没有C:\的Windows \ System32 \在Windows winebrowser.exe文件。
它甚至把自己和补充任务栏,并添加提醒不时(读:每2分钟),您正在使用的未注册版。另外,有没有办法阻止它。嗯,不从Windows /wine,但我有其他计划:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/virus-got-pwned');}" onmousewheel="return imgzoom(this);" alt="" />
这可能不是它的结束。要停止完全,我不得不杀死wine进程。如果它成功地感染葡萄酒注册表还不够,它的自动运行,我将不得不把wine注册表去手动删除它。
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/reported-attack-site');}" onmousewheel="return imgzoom(this);" alt="" />
安全风险提示不能去那里。
但在你告诉火狐浏览器“这没关系,这是我的错,如果我死了”,并加载站点和重定向,您再次获取:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/reported-attack-site');}" onmousewheel="return imgzoom(this);" alt="" /> No!
而在接过去,太多,再次下载该文件:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/reported-attack-site');}" onmousewheel="return imgzoom(this);" alt="" /> I said no, dammit, NO!
因此,我下载了它。跑在wine。和...同时,原来葡萄酒模拟视窗足够好,可是由Windows病毒感染。样的,至少。我仍然得到这个:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/virus-install-fail');}" onmousewheel="return imgzoom(this);" alt="" />
作为一个防病毒程序提出了这个病毒,和“安装”本身都在你的硬盘驱动器,包括将Explorer.exe和假像,在你的system32目录svhost.exe东西。然后运行假冒扫描,并告诉您您的计算机是borked,并提供“卖出”你“完整”版本,将“修复”您的计算机。 “不感谢”选项字面读取“不要购买,并让<一些声称台子蠕虫感染with>把我的信用卡信息到远程服务器。”是啊,好像它本身并不会做同样的事情,如果涉及您的信用卡信息。screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/windows-police-pro');}" onmousewheel="return imgzoom(this);" alt="" />
我敢肯定有没有C:\的Windows \ System32 \在Windows winebrowser.exe文件。
它甚至把自己和补充任务栏,并添加提醒不时(读:每2分钟),您正在使用的未注册版。另外,有没有办法阻止它。嗯,不从Windows /wine,但我有其他计划:
screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onmouseover="if(this.width>screen.width*0.7) {this.resized=true; this.width=screen.width*0.7; this.style.cursor='hand'; this.alt='Click here to open new window\nCTRL+Mouse wheel to zoom in/out';}" onclick="if(!this.resized) {return true;} else {window.open('http://blog.opensourcenerd.com/upload/virus-got-pwned');}" onmousewheel="return imgzoom(this);" alt="" />
这可能不是它的结束。要停止完全,我不得不杀死wine进程。如果它成功地感染葡萄酒注册表还不够,它的自动运行,我将不得不把wine注册表去手动删除它。
相关阅读 更多 +
