Troubleshoot Is my current VM secure? (SOLVED)

[NullPointerException]

Any chance I'll get infected if I test malware on my VM?
Config :
Boots from an ISO. Windows XP SP3 x32. Unpatched.
Sharing Clipboard Disabled.
Drag n' Drop Disabled.
Enable VT-x/AMD-x : Enabled.
Enable Nested Paging : Enabled.
Network Attached to NAT.
Cable Connected (ticked)
Promiscuous Mode : Disabled
Shared Folders :
"Machine Folders"
"Transient folders"

OP's Edit : Marked as solved.

 

[Cch123]

You may get infected if the malware happens to be targeting a vulnerability in your VM. Possible but highly unlikely.

 

[NullPointerException]

But no direction infecting (i.e. fault in my config), right?

 

[Cch123]

But no direction infecting (i.e. fault in my config), right?

Looks okay to me, but this is coming from a non expert in VM. Perhaps a more knowledgeable member can reply better

 

[illumination]

It is through direct relationships between the client and the host machine that may exist a chance of getting infected. This happens if you allow the client and the host to "Share Folders".

Hypothetically, breaking out of the virtualized environment IS possible, although extremely unlikely.

 

[NullPointerException]

It is through direct relationships between the client and the host machine that may exist a chance of getting infected. This happens if you allow the client and the host to "Share Folders".

Hypothetically, breaking out of the virtualized environment IS possible, although extremely unlikely.

That's the defailt config. I didn't change anything. I think those "shared" folders are required by Virtualbox.

 

[illumination]

That's the defailt config. I didn't change anything. I think those "shared" folders are required by Virtualbox.

That's the defailt config. I didn't change anything. I think those "shared" folders are required by Virtualbox.

I am running virtualbox right now, and by default there are no shared folders in any of my guest machines nor clones.

 

[Cch123]

I personally find those folders not an issue. Yes, a malware can save itself there, but it won't be able to run on your actual machine without escaping the VM, or unless you click on the malware file yourself in the actual machine.

 

[illumination]

I personally find those folders not an issue. Yes, a malware can save itself there, but it won't be able to run on your actual machine without escaping the VM, or unless you click on the malware file yourself in the actual machine.

Exactly why i stated above "may exist a chance", the OP asked, so i replied

 

[NullPointerException]

Click on your VM, click on settings, and you'll see a "Shared Folders" category. There are two "shared" folders, or were they paths?
Nvm. I'll just give the screenshot.

 

[illumination]

Ok, we have narrowed down the difference for those reading, i am running Virtualbox on Linux, and the OP is using windows.

 

[KelvinW4]

Yes, there is always a chance that there is a break out but finding one would be like a million in one. I would probably not worry about it. Make sure you have set your network to NAT and not have an escape point via shared folders.

 

[MalwareT]

Set shared folder to "Read-Only".

 

[illumination]

Set shared folder to "Read-Only".

We continued this convo via PM and found that they were set to readonly by default, so he is good to go.

 

[jen900]

well You'll be infected on that config

 

[illumination]

well You'll be infected on that config

Can you elaborate why you believe he would become infected with this config?

 

[MalwareT]

We continued this convo via PM and found that they were set to readonly by default, so he is good to go.

Ok, thanks

 

[NullPointerException]

Yes, there is always a chance that there is a break out but finding one would be like a million in one. I would probably not worry about it. Make sure you have set your network to NAT and not have an escape point via shared folders.

I understand the exploits behind the VM ; since no software is perfect. But it's 99.9% safe, so I shouldn't worry.