I'm visiting an unknown and possibly malicious website. Lots of them. Python's requests do not run javascript. Can I get infected? Should I consider using a virtual machine?
Asked
Active
Viewed 1,432 times
1 Answers
2
No, merely downloading HTTP data won't install a virus.
A virus needs to be activated too, and requests doesn't do anything with the downloaded data for that to happen. Normally, a virus uses bugs in the browser (or more commonly, a plugin in the browser) to trigger code execution, or by tricking the user into executing the downloaded file. For example, bugs in the Flash player executing a Flash file could be used to run arbitrary code, or the user is tricked into believing they downloaded a document but it is really an executable program.
Martijn Pieters
- 1,048,767
- 296
- 4,058
- 3,343
-
1Is there something or somewhere I can read to find out the majority of ways I can get infected? Maybe some book or an article or paper? What about drive-by attacks? – userqwerty1 Jan 08 '17 at 14:01
-
Probably, but I don't know what to recommend. I'd start with a search for "how do computer viruses work" and go from there. – Martijn Pieters Jan 08 '17 at 14:02
-
@userqwerty1 [SE.security](https://security.stackexchange.com) has a wealth of information and expertise. – PM 2Ring Jan 08 '17 at 14:12
-
@PM2Ring thanks, looking into it now. Well, paranoia, here I come! – userqwerty1 Jan 08 '17 at 14:19