I have setup a reverse proxy with mwg7.2 31253 build. My website does not have have any upload link so i cannot upload a virus on it. How can i show to my mamangement that antimalware is working by showing them some notification message. Do you guys have some testing exe which can do this to proof that my internal web servers are protected? OR any other alternatives to test the same?
Put a very very simple form on the site with the HTML:
<FORM METHOD="POST" ENCTYPE="multipart/form-data" >
<INPUT Type="FILE" SIZE="40" NAME="FILE1"><BR>
<INPUT TYPE=SUBMIT VALUE="Upload!">
When you upload an infected file, the web server will give an error, but the reverse proxy should catch it and present a block page before the file gets to the web server.
Do you not have any page that accepts a POST command and a multipart/form-data upload?
You could try an unsolicited POST of a test virus like eicar to the site from the outside.
download eicar.com to the attack machine and run curl:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
It's like throwing a ball up against a wall, but MWG should catch it before it hits the wall.
I am trying to send the virus via curl but getting error:
i have downloaded curl from curl.haxx.se/download.html using download wizard for windows.
It had an exe that i am running using cli...
My mwg is deployed in transparent switch mode....
From where can i download fully working curl which is supported on windows 7 or XP.. Please advice!
oops! the images didn't come...i'll text it this time
ERROR: c:\Windows\system32\LIBEAY#@.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the orignal installation media or contact your system administrator or the software vendor for support.
I tried few binaries but all had some or the other problem..
One other easy thing could be reverse proxy https://www.csm-testcenter.org, just change the hosts file on your windows to reflect MWG as being this particular host. Then open http://www.csm-testcenter.org/test?do=show&subdo=common&test=file_upload and you should be able to upload an eicar file and show detection, or a word document, where media type filtering triggers, etc.