
How to visit malicious site safely?

Discussion in 'BlackHat Lounge' started by IndianGrad, Jun 25, 2011.

  1. IndianGrad

    IndianGrad Junior Member

    Joined:
    May 13, 2011
    Messages:
    156
    Likes Received:
    31
    Occupation:
    Internet Marketing
    Location:
    In the sea of blackhatters
    I want to visit a known malicious site to see what that guy does. Firefox and Chrome both give a malicious warning before visiting it.

    Any suggestions as to how can I safely visit the site?
    Like disabling Javascript would do?
     
  2. cyberzilla

    cyberzilla Elite Member Premium Member

    Joined:
    Nov 15, 2009
    Messages:
    2,204
    Likes Received:
    3,364
    Location:
    zeta reticuli
    You can view the Google cache version of the page. Put the URL in Google and click on the "cached" link. It is safe not to visit the site directly even if you disable the JS.
     
  3. SpareTimeBillionaire

    SpareTimeBillionaire Registered Member

    Joined:
    Jun 11, 2011
    Messages:
    55
    Likes Received:
    16
    Location:
    By the Sea
    Funny old day... I just upgraded Firefox and got told that McAfee Site Advisor would no longer work :(

    Absolute vigilance is in order ... and keep your virus scanner updated!

    [edit]Actually, the simplest way is to have two computers. One that you do most stuff on and another that you don't. The second can be the cheapest second hand model that can run a browser and you can simply reformat when sh1t happens[/edit]
     
    Last edited: Jun 25, 2011
  4. Sanitarium

    Sanitarium Regular Member

    Joined:
    Sep 27, 2008
    Messages:
    312
    Likes Received:
    648
    Occupation:
    I guess making love to your eyes since you're read
    Location:
    In your mind.
    Then do it. Isn't getting your pc fucked up part of the fun experience!! YAY
    Then when your pc starts having a fit, blame it on Eminem or Marilyn Manson while you grab your balls.
     
  5. Patel

    Patel Senior Member

    Joined:
    Mar 1, 2011
    Messages:
    1,116
    Likes Received:
    1,503
    Location:
    On the coast
    If it's really malicious, I'd say download a copy of VMware somewhere, install a Windows ISO on it, and visit it there.

    Delete the virtual machine when done.
     
  6. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    Install Sandboxie, open a browser inside it.
     
    • Thanks Thanks x 1
  7. IndianGrad

    IndianGrad Junior Member

    Joined:
    May 13, 2011
    Messages:
    156
    Likes Received:
    31
    Occupation:
    Internet Marketing
    Location:
    In the sea of blackhatters
    No cache for it :(



    Too much work. And it is not always fun. The fun part is probably the first 2 times, then it just needs to be taken care of.

    I found this, which gives the source code of the site:
    http://www.find-ip-address.org/site-viewer.php

    But my problem is that the site is only visible from a particular referrer. Any idea as to how I could fake a referrer to input the above site?
     
  8. DoorKnocker

    DoorKnocker Regular Member

    Joined:
    Sep 10, 2010
    Messages:
    492
    Likes Received:
    231
    Occupation:
    Unlimited bulk mailing without paying for it
    Location:
    Hanging on your door
    just rent a very freaking cheap vps, or go to a local internet cafe is the best solution, go to school or library use their computer

    lol
     
  9. Didcot

    Didcot BANNED BANNED

    Joined:
    Feb 2, 2010
    Messages:
    328
    Likes Received:
    29
    Lube yourself up and wear a condom, works for me. :D
     
  10. abyssal_miss

    abyssal_miss Power Member

    Joined:
    Jun 18, 2011
    Messages:
    618
    Likes Received:
    140
    Install Sandboxie and open a sandboxed web browser. Delete the contents afterwards.
     
    • Thanks Thanks x 1
  11. Sanitarium

    Sanitarium Regular Member

    Joined:
    Sep 27, 2008
    Messages:
    312
    Likes Received:
    648
    Occupation:
    I guess making love to your eyes since you're read
    Location:
    In your mind.
    sounds like whale requirements, why your whole self?
     
    Last edited: Jun 25, 2011
  12. SpareTimeBillionaire

    SpareTimeBillionaire Registered Member

    Joined:
    Jun 11, 2011
    Messages:
    55
    Likes Received:
    16
    Location:
    By the Sea
    Well you sound like a lazy little shyster to me!

    Best wishes in your endeavours!
     
  13. IndianGrad

    IndianGrad Junior Member

    Joined:
    May 13, 2011
    Messages:
    156
    Likes Received:
    31
    Occupation:
    Internet Marketing
    Location:
    In the sea of blackhatters
    Now that's the kind of intelligent answer I was looking for! Thanks + Rep :)


    Lolz... Nice one :p

    Trying to do something with least efforts should not be confused with laziness. Rather if someone is ready to do an hour's work for something which can be completed in minutes, I'd say he's dumb! I'd be a shithead if I would have to format my computer every time I want to visit something like this. Check out the sandboxed browser solution by abyssal_miss for differentiating "laziness with efficiency"
     
  14. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,804
    Likes Received:
    6,372
    Maybe visit on iPhone or similar device? Or just brave it and have hit at the ready lol.
     
  15. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    Not that I need the rep but?
     
  16. IndianGrad

    IndianGrad Junior Member

    Joined:
    May 13, 2011
    Messages:
    156
    Likes Received:
    31
    Occupation:
    Internet Marketing
    Location:
    In the sea of blackhatters
    I visited it using Sandboxie


    Damn! It freaked me out still... Following was the incomplete sequence till I witnessed it:

    1. A message box (or alert box?) which says that your site is infected with malware (in disguise as if it is a Windows alert box)
    2. Then visually shows your hard drives as you see in your "My Computer" page, all in red with some scripts running in the progress bar at the centre of the screen as if it was doing some kind of scanning from Windows.

    Everything was just moving so fast I just closed the browser and started seeing if it still creeped into my system after using sandboxie.

    Would probably try seeing the entire sequence next time I use an internet cafe :p

    I didn't realize though as to how he makes money (might be I missed the ending climax of the movie :p )
     
  17. IndianGrad

    IndianGrad Junior Member

    Joined:
    May 13, 2011
    Messages:
    156
    Likes Received:
    31
    Occupation:
    Internet Marketing
    Location:
    In the sea of blackhatters
    Oops! I already had the answer before posting the reply. Seems it was missed on account of concurrency and next time I just saw the threads below my reply so missed again.

    You deserve rep so I'd still give :) Thanks :)
     
  18. Kid Shaleen

    Kid Shaleen Regular Member

    Joined:
    Oct 29, 2009
    Messages:
    250
    Likes Received:
    63
    I've found that Oracle's VirtualBox works well.

    1) Install VB;

    2) Make a snapshot of the VB disk immediately after installing VB and before doing anything else.

    3) Run a browser in VB;

    4) After visiting the site, rollback VB to the original snapshot.
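
The snapshot-and-rollback routine from the steps above, scripted with VirtualBox's `VBoxManage` CLI (an added example, not part of the original thread). The VM name `analysis-vm` and snapshot name `clean` are assumptions, and the guest OS is expected to be installed already.

```shell
#!/usr/bin/env bash
# Disposable browsing session around a clean VirtualBox snapshot.
# Assumed names (not from the thread): VM "analysis-vm", snapshot "clean".
VBOX="${VBOX:-VBoxManage}"

# stdin: output of `VBoxManage snapshot <vm> list --machinereadable`.
# Succeeds if a snapshot named $1 exists anywhere in the tree
# (children appear as SnapshotName-1, SnapshotName-1-1, ...).
has_snapshot() {
  awk -F= -v want="\"$1\"" \
    '$1 ~ /^SnapshotName(-[0-9]+)*$/ && $2 == want { ok = 1 } END { exit !ok }'
}

# Step 2: take the baseline once, on the fresh guest; step 3: boot it.
begin_session() {
  vm="$1"; snap="${2:-clean}"
  if ! "$VBOX" snapshot "$vm" list --machinereadable 2>/dev/null | has_snapshot "$snap"; then
    "$VBOX" snapshot "$vm" take "$snap" || return 1
  fi
  "$VBOX" startvm "$vm"
}

# Step 4: hard power-off (guest state is discarded), then roll back.
end_session() {
  vm="$1"; snap="${2:-clean}"
  if ! "$VBOX" snapshot "$vm" list --machinereadable 2>/dev/null | has_snapshot "$snap"; then
    echo "no snapshot '$snap' on $vm: nothing to roll back to" >&2
    return 1
  fi
  "$VBOX" controlvm "$vm" poweroff 2>/dev/null || true   # already off is fine
  "$VBOX" snapshot "$vm" restore "$snap"
}

# Usage: session.sh begin|end <vm> [snapshot]   e.g. session.sh begin analysis-vm
if [ "$#" -ge 2 ]; then
  case "$1" in
    begin) begin_session "$2" "${3:-clean}" ;;
    end)   end_session "$2" "${3:-clean}" ;;
    *)     echo "usage: $0 begin|end <vm> [snapshot]" >&2; exit 2 ;;
  esac
fi
```

Run `begin` before browsing and `end` afterwards; `end` leaves the VM untouched and returns an error if the baseline snapshot is missing, so a failed rollback is not mistaken for a clean one.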
     
  19. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    Sounds like a rogue antivirus install exploit.
    They will blackmail you to remove their shit.
     
  20. MojoSoDope

    MojoSoDope Regular Member

    Joined:
    Feb 6, 2011
    Messages:
    304
    Likes Received:
    333
    Get a mac.