[Esd-l] New compressed file extension
John D. Hardin
jhardin at impsec.org
Fri Jan 7 20:36:13 PST 2005
On Fri, 7 Jan 2005, Simon Matthews wrote:
> I don't suppose there is any file magic that could be used to
> detect different forms of archives, rather than relying on a
> possibly incomplete list of extensions?
Yes, the first four bytes of a ZIP file are magic.
I have an idea for how to scan an attachment for the magic and do
zipfile scanning regardless of what the MIME header says it is, but
haven't started working on it yet.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org FALaholic #11174 pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
What nuts do with guns is terrible, certainly. But what evil or crazy
people do with *anything* is not a valid argument for banning that item.
-- John C. Randolph <jcr at idiom.com>
-----------------------------------------------------------------------
More information about the esd-l
mailing list