How can you get a file into a VM without creating a potential malware breach? I was told to kill the internet connection, disable any type of sharing with the host, no copy paste, and no sharing disks, but how would I be able to get the files into the VM if it is secure from both sides? The file in question is about 36GB and there is a second file that is 678MB.
Thank you.
The point is that you isolate the VM after you get the file onto it but before running the potential malware. It’s not going to auto-execute, not if your Windows is patched and modern and up to date, we don’t live in the bad old days of floppy disks and CDs and USBs autorunning anymore (and for good reason).
If you are running a version of Windows (or anything) that is even capable of auto-executing code as it downloads, the malware you’re trying to test is the least of your worries because you’ll already have about a thousand other malware already running.
encode it in base 64 and type it in
I can’t imagine how long it would take to do that with a 32GB file, or how many errors they would have by the end.
You could actually do it! If you founded a small dynasty of humans willing to type relentlessly for many hundreds of years, in succession.
don’t rush too much, and triple check everything
What would take long? Also, why would there be errors?
Manually typing the base64 encoded 32GB file? Open up a terminal and type
echo "example text" | base64
, then imagine inputting the result of piping 32GB to it instead of 13 characters.
Well, the reason the VM is isolated is probably twofold:
- prevent a spread of whatever caused the issue in the first place
- protect any data on the isolated device from being manipulated and corrupting any forensic evidence that might be on the VM/machine
So if things are done correctly, you shouldn’t copy any file to or from the isolated machine.