Decided to dip my toes in so I followed the guide to a website where I can download some content via google drive. Like an idiot, I didn’t research the risks of direct downloads before and so I’m now a bit paranoid. I understand the chances are low and my media player needs to be exploited but is there a way to be certain? A post on reddit said to use mkvtoolnix to check all the elements but I honestly don’t know what to look for. Any help?

  • drwankingstein@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    is there a way to be certain? not absolutely however simply being up to date will make the risk pretty much negligible. you probably have a higher risk of catching an STD from eating food after a day of wearing gloves and other protective gear

    • jlow (he/him)@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Yeah, I think if videofiles where a common (or even feasable, I’ve never heard of it) way to distribute malware we’d know about it (and phishers would not need to rely on MS Word macros so much 👌).

      • drwankingstein@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        it’s not unheard of, multimedia is actually a pretty decent target, however this is due to a lot of media libraries being ancient even in deployment (see the libwebp stuff recently in chrome). However with stuff like mkv which is something that gets updated often, the risk is significantly lower so long as one is up to date. There are lots of people running outdated software which could be susceptible to these attacks.

      • andrew@radiation.party
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s feasible and has been used in various 0day exploits in the last few years. It’s getting significantly rarer nowadays but media player exploits leading to RCE has been a staple of malware distribution for a long while.

        It’s just much easier to make a malicious word macro and hope the user isn’t careful than to research/identify an exploitable bug in a media player.

  • ram@bookwormstory.social
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    AniDB contains hashes for episodes of anime. They’re obviously not all there - really it’s a fraction of a fraction of them - but it’s the most comprehensive public database of anime file hashes.

    • poncho@lemmynsfw.comOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      thanks for the info I did mostly download movies and can’t find their hashes on the website but I’ll still keep it bookmarked for refrences

  • AbidanYre@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago

    As long as it opens in a media player instead of trying to run as an executable, you’re probably fine.

  • drunkensailor@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    I understand the chances are low and my media player needs to be exploited but is there a way to be certain?

    Personally, even if I was on a highly targeted OS like Windows, I wouldn’t really worry too much about video files being infected - with the obvious exceptions of making sure they are actually video files not something like .mkv.exe and that your system isn’t compromised some other way (e.g. installing / running random apps or scripts off the web / email / etc).

    But if you want a little extra peace of mind, you could run an antivirus file scan on it or take steps to sandbox it in a VM or security container.

    If you are on Linux, you can run the media player apps like vlc / mpv / smplayer / etc in security containers which would limit their capabilities if there ever was a successful exploit on the player software via something embedded in a video or music file. There are several different apps you can use to make use of such security containers. The easiest is probably to just use flatpak versions of applications (flatpak is a “universal” linux build format - most of these are available on flathub.org - and have a built-in security container called bubblewrap which you can control with a tool called flatseal). There are also other options besides flatpaks such as firejail (which I use myself), which has pre-made profiles for a lot of the more popular linux apps so like for vlc I could simply launch firejail vlc in shortcuts or I think there is a graphical app for it too. edit: jsut checked and yup, there is a gui called firetools: github | their blog which has screenshots and a 2min video demo.

    Linux security containers rely on features built into the Linux kernel so I’m not sure if there are comparable alternatives for Windows or Mac. But I suppose if you were on one of those, you could always just run things in a virtual machine.

    A post on reddit said to use mkvtoolnix to check all the elements but I honestly don’t know what to look for. Any help?

    Without an actual link to see what they said, I’m going to go out on a limb and guess their assumption was that you would either have some kind of corrupted exe that is NOT a valid video OR a valid video. I mostly agree with that assumption - there are things like steganography that can hide data in some other data files like pictures or videos but that is more just extra crap than exploit.

    IF you accept this assumption, then what they probably meant was that you could use mkvtoolnix to confirm that the mkv file loaded successfully and had audio + video streams (e.g. a really really basic test for it being a valid mkv file). You could do the same thing with the mediainfo tool (I believe this is also crossplatform since that’s what RARBG used to use on their media detail pages… and God do I miss that, wish other public trackers all did the same thing).

    • poncho@lemmynsfw.comOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Wow I’m so sorry I missed this. You are truly a big help and I really appreciate everything you wrote thank you so much.

  • filister@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    2
    ·
    1 year ago

    Run a live Linux from an USB, and try to play the videos from there. If some files don’t open, I would be a bit worried that they might contain a virus. You can also try to retranscode them with ffmpeg, not sure how this will work with infected files though, but maybe worth researching.

  • Gresham's Law@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    The filetype: parameter can be used in most search engines, query can specify the file type you want to search for.
    For example, if you would like to search for MKV files related to a particular topic, you could use the following query:

    ”topic name” filetype:MKV

    This will return only results that are MKV and contain the keyword “topic name”.

    You can also use other parameters like site:, inurl: or intitle: along with filetype to narrow down your search even further.