MagicNumber 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +15 -0
  2. data/lib/magic_number.rb +273 -0
  3. metadata +45 -0
checksums.yaml ADDED
@@ -0,0 +1,15 @@
1
+ ---
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ ZjU5NWQyNTJjNjA1YWRjYzc3ZWU3MTdjODkxMGRhMTgzZjVlNmYyZA==
5
+ data.tar.gz: !binary |-
6
+ NjgxZjQyZGM2ZDU2NDEwOGY2MGJhYjdmYjk2NzMxOTQzMjVjOWQ3Mg==
7
+ SHA512:
8
+ metadata.gz: !binary |-
9
+ MGQwY2U4ZDI2MzQxOGVjZDQ5ZDA5NDYxZGYxNGIwYjdmNWUxMTRlNTM1OTY3
10
+ Zjg2YzNkZjUyZDcyNWFkZDUyM2MyZmNmYjA0NmU5MWE5YWE5NGVhNmQzOTFk
11
+ MmE4YzllNGFlZjRlNGJiZjM4OWY4MDE3YjU2YmYyMDUwYzYzNTA=
12
+ data.tar.gz: !binary |-
13
+ Njg3NTY3Y2VlNmVjMzM3OTk0ZmU5YzJlMDYwYzNkMmM1Y2I3ZmMwY2JlMmJj
14
+ MDBlYjE2MjQyNzg1M2FkOTYyZWY3YTNkYTY3OTYxNWM2OWQ1MjkxNmEwZDM1
15
+ NzNkMjAxMGY5YmRhMDVlMWNiZjZmMjY5YWUwNTRlMDcxYzg3OTE=
data/lib/magic_number.rb ADDED
@@ -0,0 +1,273 @@
1
+ class MagicNumber
2
+ SIGNATURES = {
3
+ "pdf" => {
4
+ 'sign_begin' => ["25504446"],
5
+ 'length_begin' => [4],
6
+
7
+ 'sign_end' => "0a2525454f460a",
8
+ 'offset_end' => IO::SEEK_END,
9
+ 'length_end' => -7
10
+ },
11
+ "pic" => {
12
+ 'sign_begin' => ["00"],
13
+ 'length_begin' => [1],
14
+ },
15
+ "pif" => {
16
+ 'sign_begin' => ["00"],
17
+ 'length_begin' => [1]
18
+ },
19
+ "sea" => {
20
+ 'sign_begin' => ["00"],
21
+ 'length_begin' => [1]
22
+ },
23
+ "ytr" => {
24
+ 'sign_begin' => ["00"],
25
+ 'length_begin' => [1]
26
+ },
27
+ "dba" => {
28
+ 'sign_begin' => ["BEBAFECA"],
29
+ 'length_begin' => [4]
30
+ },
31
+ "ico" => {
32
+ 'sign_begin' => ["00000100"],
33
+ 'length_begin' => [4]
34
+ },
35
+ "z" => {
36
+ 'sign_begin' => ["1F9D"],
37
+ 'length_begin' => [2]
38
+ },
39
+ "bz2" => {
40
+ 'sign_begin' => ["425A68"],
41
+ 'length_begin' => [3]
42
+ },
43
+ "gif" => {
44
+ 'sign_begin' => ["474946383961", "474946383961"],
45
+ 'length_begin' => [6]
46
+ },
47
+ "tiff" => {
48
+ 'sign_begin' => ["49492A00", "4D4D002A"],
49
+ 'length_begin' => [4]
50
+ },
51
+ "tif" => {
52
+ 'sign_begin' => ["49492A00", "4D4D002A"],
53
+ 'length_begin' => [4]
54
+ },
55
+ "cr2" => {
56
+ 'sign_begin' => ["49492A0010000000"],
57
+ 'length_begin' => [8]
58
+ },
59
+ "jpg" => {
60
+ 'sign_begin' => ["FFD8FFDB", "FFD8FFE0nnnn4A4649460001", "FFD8FFE1nnnn457869660000"],
61
+ 'length_begin' => [4, 12, 12]
62
+ },
63
+ "jpeg" => {
64
+ 'sign_begin' => ["FFD8FFDB", "FFD8FFE0nnnn4A4649460001", "FFD8FFE1nnnn457869660000"],
65
+ 'length_begin' => [4, 12, 12]
66
+ },
67
+ "exe" => {
68
+ 'sign_begin' => ["4D5A"],
69
+ 'length_begin' => [2]
70
+ },
71
+ "zip" => {
72
+ 'sign_begin' => ["504B0304", "504B0506", "504B0708"],
73
+ 'length_begin' => [4]
74
+ },
75
+ "jar" => {
76
+ 'sign_begin' => ["504B0304", "504B0506", "504B0708"],
77
+ 'length_begin' => [4]
78
+ },
79
+ "docx" => {
80
+ 'sign_begin' => ["504B0304", "504B0506", "504B0708"],
81
+ 'length_begin' => [4]
82
+ },
83
+ "xlsx" => {
84
+ 'sign_begin' => ["504B0304", "504B0506", "504B0708"],
85
+ 'length_begin' => [4]
86
+ },
87
+ "pptx" => {
88
+ 'sign_begin' => ["504B0304", "504B0506", "504B0708"],
89
+ 'length_begin' => [4]
90
+ },
91
+ "vsdx" => {
92
+ 'sign_begin' => ["504B0304", "504B0506", "504B0708"],
93
+ 'length_begin' => [4]
94
+ },
95
+ "rar" => {
96
+ 'sign_begin' => ["526172211A0700", "526172211A070100"],
97
+ 'length_begin' => [7, 8]
98
+ },
99
+ "png" => {
100
+ 'sign_begin' => ["89504E470D0A1A0A"],
101
+ 'length_begin' => [8]
102
+ },
103
+ "class" => {
104
+ 'sign_begin' => ["CAFEBABE"],
105
+ 'length_begin' => [4]
106
+ },
107
+ "asf" => {
108
+ 'sign_begin' => ["3026B2758E66CF11", "A6D900AA0062CE6C"],
109
+ 'length_begin' => [8]
110
+ },
111
+ "ogg" => {
112
+ 'sign_begin' => ["4F676753"],
113
+ 'length_begin' => [4]
114
+ },
115
+ "oga" => {
116
+ 'sign_begin' => ["4F676753"],
117
+ 'length_begin' => [4]
118
+ },
119
+ "ogv" => {
120
+ 'sign_begin' => ["4F676753"],
121
+ 'length_begin' => [4]
122
+ },
123
+ "psd" => {
124
+ 'sign_begin' => ["38425053"],
125
+ 'length_begin' => [4]
126
+ },
127
+ "wav" => {
128
+ 'sign_begin' => ["52494646nnnnnnnn", "57415645"],
129
+ 'length_begin' => [8, 4]
130
+ },
131
+ "avi" => {
132
+ 'sign_begin' => ["52494646nnnnnnnn", "41564920"],
133
+ 'length_begin' => [8,4]
134
+ },
135
+ "mp3" => {
136
+ 'sign_begin' => ["FFFB", "494433"],
137
+ 'length_begin' => [2,3]
138
+ },
139
+ "bmp" => {
140
+ 'sign_begin' => ["424D"],
141
+ 'length_begin' => [2]
142
+ },
143
+ "iso" => {
144
+ 'sign_begin' => ["4344303031"],
145
+ 'length_begin' => [5]
146
+ },
147
+ "flac" => {
148
+ 'sign_begin' => ["664C6143"],
149
+ 'length_begin' => [4]
150
+ },
151
+ "mid" => {
152
+ 'sign_begin' => ["4D546864"],
153
+ 'length_begin' => [12]
154
+ },
155
+ "midi" => {
156
+ 'sign_begin' => ["4D546864"],
157
+ 'length_begin' => [12]
158
+ },
159
+ "doc" => {
160
+ 'sign_begin' => ["D0CF11E0A1B11AE1"],
161
+ 'length_begin' => [8]
162
+ },
163
+ "xls" => {
164
+ 'sign_begin' => ["D0CF11E0A1B11AE1"],
165
+ 'length_begin' => [8]
166
+ },
167
+ "ppt" => {
168
+ 'sign_begin' => ["D0CF11E0A1B11AE1"],
169
+ 'length_begin' => [8]
170
+ },
171
+ "msg" => {
172
+ 'sign_begin' => ["D0CF11E0A1B11AE1"],
173
+ 'length_begin' => [8]
174
+ },
175
+ "vmdk" => {
176
+ 'sign_begin' => ["4B444D"],
177
+ 'length_begin' => [3]
178
+ },
179
+ "crx" => {
180
+ 'sign_begin' => ["43723234"],
181
+ 'length_begin' => [4]
182
+ },
183
+ "fh8" => {
184
+ 'sign_begin' => ["41474433"],
185
+ 'length_begin' => [4]
186
+ },
187
+ "dmg" => {
188
+ 'sign_begin' => ["7801730D626260"],
189
+ 'length_begin' => [7]
190
+ },
191
+ "tar" => {
192
+ 'sign_begin' => ["7573746172003030", "7573746172202000"],
193
+ 'length_begin' => [8,8]
194
+ },
195
+ "mkv" => {
196
+ 'sign_begin' => ["1A45DFA3"],
197
+ 'length_begin' => [4]
198
+ },
199
+ "mka" => {
200
+ 'sign_begin' => ["1A45DFA3"],
201
+ 'length_begin' => [4]
202
+ },
203
+ "mks" => {
204
+ 'sign_begin' => ["1A45DFA3"],
205
+ 'length_begin' => [4]
206
+ },
207
+ "mk3d" => {
208
+ 'sign_begin' => ["1A45DFA3"],
209
+ 'length_begin' => [4]
210
+ },
211
+ "webm" => {
212
+ 'sign_begin' => ["1A45DFA3"],
213
+ 'length_begin' => [4]
214
+ }
215
+ }
216
+
217
+ def self.get_signature(ext)
218
+ return SIGNATURES[ext]
219
+ end
220
+
221
+
222
+ # @see https://en.wikipedia.org/wiki/List_of_file_signatures
223
+ # @since 0.0.1
224
+ # @param [String] file_path Path to analyzable file
225
+ # @return [boolean] wether the file content is in accordance with the extension
226
+ def self.is_real?(file_path)
227
+ file = File.new(file_path, 'r')
228
+ signature = MagicNumber.get_signature(file_path.split(".").last.downcase)
229
+
230
+ MagicNumber.check_begin_sign(file, signature)
231
+ MagicNumber.check_end_sign(file, signature)
232
+
233
+ file.close
234
+ end
235
+
236
+ def self.check_begin_sign(file, signature)
237
+ if signature.has_key?("sign_begin")
238
+ i = 0
239
+ while i < signature['sign_begin'].count
240
+ sign = MagicNumber.read_beginning_bytes(file, signature['length_begin'][i])
241
+ return true if (sign == signature['sign_begin'][i])
242
+ i += 1
243
+ end
244
+
245
+ return false
246
+ else
247
+ return true
248
+ end
249
+ end
250
+
251
+ def self.check_end_sign(file, signature)
252
+ if signature.has_key?("sign_end")
253
+ sign = MagicNumber.read_end_bytes(file, signature['offset_end'], signature['length_end'])
254
+ return (sign == signature['sign_end'])
255
+ else
256
+ return true
257
+ end
258
+ end
259
+
260
+
261
+
262
+ def self.read_beginning_bytes(file, length)
263
+ file.rewind
264
+ return file.readpartial(length).unpack("H*").first
265
+ end
266
+
267
+ def self.read_end_bytes(file, offset, length)
268
+ file.seek(length, offset)
269
+ return file.read.unpack("H*").first
270
+ end
271
+ end
272
+
273
+
metadata ADDED
@@ -0,0 +1,45 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: MagicNumber
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Adrian Fernandez Lopez
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2016-05-04 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: Detect fake file types using magic numbers
14
+ email: adrian@adrian-fernandez.net
15
+ executables: []
16
+ extensions: []
17
+ extra_rdoc_files: []
18
+ files:
19
+ - lib/magic_number.rb
20
+ homepage: https://github.com/adrian-fernandez/magic_number
21
+ licenses:
22
+ - MIT
23
+ metadata: {}
24
+ post_install_message:
25
+ rdoc_options: []
26
+ require_paths:
27
+ - lib
28
+ required_ruby_version: !ruby/object:Gem::Requirement
29
+ requirements:
30
+ - - ! '>='
31
+ - !ruby/object:Gem::Version
32
+ version: '0'
33
+ required_rubygems_version: !ruby/object:Gem::Requirement
34
+ requirements:
35
+ - - ! '>='
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ requirements: []
39
+ rubyforge_project:
40
+ rubygems_version: 2.2.2
41
+ signing_key:
42
+ specification_version: 4
43
+ summary: Detect fake file types using magic numbers
44
+ test_files: []
45
+ has_rdoc: