• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Bear Bibeault
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Jj Roberts
  • Carey Brown
Bartenders:
  • salvin francis
  • Frits Walraven
  • Piet Souris

Getting malware from using HTTP GET

 
Master Rancher
Posts: 4107
37
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My wife got an email from an acquaintance that looked like a phishing attack.  It had a generic text like: " Here are some files for you"  and a link.  She deleted it, but I was wondering if I used a small java program I have that uses a URLCOnnection class object to send an HTTP GET and read the response if there was a way for a site to notice my activity and reach out and put a file on my PC?  I've never heard of that capability, but there are a lot of powerful tools out there that could do the unexpected.  
 
Java Cowboy
Posts: 16084
88
Android Scala IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Norm Radder wrote:... if there was a way for a site to notice my activity


If you send an HTTP GET request to a server, then that server definitely notice that you are doing that and it will probably at least log it.

Norm Radder wrote:... and reach out and put a file on my PC?


A server cannot just reach out and put a file on your PC without your permission, unless your system has a severe security vulnerability that is being taken advantage of.
 
Norm Radder
Master Rancher
Posts: 4107
37
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

A server cannot just reach out and put a file on your PC without your permission


So there is a way for software to put a file on my PC if it is able to get "permission".  And if there are exploits for "getting permission" then it can be done.

BTW My PC is running Windows 10
 
Saloon Keeper
Posts: 6802
162
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you're concerned about the security of the Windows machine (probably wise when accessing a suspected malware site), you could retrieve the file via curl or wget from within a patched-up virtual Linux machine.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic