We use cookies to ensure you get the best experience on our website
ホーム エクスプローラ ヘルプ
登録 サインイン
0ct0pu5
/
CyberChef
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: 369b640408
ブランチ タグ
CyberChef
/
src
/
core
/
operations
/
ScanForEmbeddedFiles.mjs

ScanForEmbeddedFiles.mjs 2.5 KB
履歴 Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. /**
    2. 

  2.  * @author n1474335 [n1474335@gmail.com]
    3. 

  3.  * @copyright Crown Copyright 2016
    4. 

  4.  * @license Apache-2.0
    5. 

  5.  */
    6. 

  6. 

  7. import Operation from "../Operation";
    8. 

  8. import Utils from "../Utils";
    9. 

  9. import {scanForFileTypes} from "../lib/FileType";
    10. 

  10. import {FILE_SIGNATURES} from "../lib/FileSignatures";
    11. 

  11. 

  12. /**
    13. 

  13.  * Scan for Embedded Files operation
    14. 

  14.  */
    15. 

  15. class ScanForEmbeddedFiles extends Operation {
    16. 

  16. 

  17.     /**
    18. 

  18.      * ScanForEmbeddedFiles constructor
    19. 

  19.      */
    20. 

  20.     constructor() {
    21. 

  21.         super();
    22. 

  22. 

  23.         this.name = "Scan for Embedded Files";
    24. 

  24.         this.module = "Default";
    25. 

  25.         this.description = "Scans the data for potential embedded files by looking for magic bytes at all offsets. This operation is prone to false positives.<br><br>WARNING: Files over about 100KB in size will take a VERY long time to process.";
    26. 

  26.         this.infoURL = "https://wikipedia.org/wiki/List_of_file_signatures";
    27. 

  27.         this.inputType = "ArrayBuffer";
    28. 

  28.         this.outputType = "string";
    29. 

  29.         this.args = Object.keys(FILE_SIGNATURES).map(cat => {
    30. 

  30.             return {
    31. 

  31.                 name: cat,
    32. 

  32.                 type: "boolean",
    33. 

  33.                 value: cat === "Miscellaneous" ? false : true
    34. 

  34.             };
    35. 

  35.         });
    36. 

  36.     }
    37. 

  37. 

  38.     /**
    39. 

  39.      * @param {ArrayBuffer} input
    40. 

  40.      * @param {Object[]} args
    41. 

  41.      * @returns {string}
    42. 

  42.      */
    43. 

  43.     run(input, args) {
    44. 

  44.         let output = "Scanning data for 'magic bytes' which may indicate embedded files. The following results may be false positives and should not be treat as reliable. Any suffiently long file is likely to contain these magic bytes coincidentally.\n",
    45. 

  45.             numFound = 0;
    46. 

  46.         const categories = [],
    47. 

  47.             data = new Uint8Array(input);
    48. 

  48. 

  49.         args.forEach((cat, i) => {
    50. 

  50.             if (cat) categories.push(Object.keys(FILE_SIGNATURES)[i]);
    51. 

  51.         });
    52. 

  52. 

  53.         const types = scanForFileTypes(data, categories);
    54. 

  54. 

  55.         if (types.length) {
    56. 

  56.             types.forEach(type => {
    57. 

  57.                 numFound++;
    58. 

  58.                 output += "\nOffset " + type.offset + " (0x" + Utils.hex(type.offset) + "):\n" +
    59. 

  59.                     "  File extension: " + type.fileDetails.extension + "\n" +
    60. 

  60.                     "  MIME type:      " + type.fileDetails.mime + "\n";
    61. 

  61. 

  62.                 if (type.fileDetails.description && type.fileDetails.description.length) {
    63. 

  63.                     output += "  Description:    " + type.fileDetails.description + "\n";
    64. 

  64.                 }
    65. 

  65.             });
    66. 

  66.         }
    67. 

  67. 

  68.         if (numFound === 0) {
    69. 

  69.             output += "\nNo embedded files were found.";
    70. 

  70.         }
    71. 

  71. 

  72.         return output;
    73. 

  73.     }
    74. 

  74. 

  75. }
    76. 

  76. 

  77. export default ScanForEmbeddedFiles;
    78.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5