WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Content monitorting in Application Security

From: Martin Mačok <martin.macok () underground cz>
Date: Mon, 10 Jan 2005 10:35:58 +0100
On Sun, Jan 09, 2005 at 04:22:35PM -0500, Ofer Shezaf wrote:


Do you think that matching extension and content type header would be
enough? If no, are you aware of any technology to determine a file type
according to its content?


Name        : file
URL         : ftp://ftp.gw.com/mirrors/pub/unix/file/
Summary     : A utility for determining file types.

Description :
The file command is used to identify a particular file according to the
type of data contained by the file.  File can identify many different
file types, including ELF binaries, system libraries, RPM packages, and
different graphics formats.

% file *.*
activity.png:           PNG image data, 598 x 639, 8-bit/color RGB, non-interlaced
apache_chunked.nasl:    ISO-8859 English text
eicar.com:              ASCII text, with no line terminators
hadi.scr:               MS Windows PE 32-bit Intel 80386 GUI executable
hadi.zip:               Zip archive data, at least v2.0 to extract
japanesesubway.wmv:     Microsoft ASF
jihlava-praha.ps:       PostScript document text conforming at level 3.0
music.mp3:              MP3 file with ID3 version 2.3.0 tag
Ricany-info.pdf:        PDF document, version 1.4
ssl-lwp.pl:             a /usr/bin/perl -w script text executable
upgrade.sh:             Korn shell script text executable


Martin Mačok
ICT Security Consultant
Previous By Date Next
Previous By Thread Next

Current thread: