[TriLUG] Scanning for executables
jonc
jonc at nc.rr.com
Wed Jan 4 08:40:53 EST 2006
Jim,
You can do the equivalent of a "strings" command against the file -
treating it as a streaming binary file. Look for a few specific binary
sequences near the very beginning of the stream and that will tag the
file as a binary.
I don't know what the sequences you need to look for are, but I've done
similar things in the past - hacking executables to change specific
initialization data - and I've always noticed that the beginning
sequences of executables are very similar.
Good luck - Jon
On Tue, 2006-01-03 at 14:00, James Tuttle wrote:
> I'm scripting a process to look through random GIS data and search for,
> among other things, files that are executable so that they can be
> removed. I first thought of searching for specific extensions, but
> extensions aren't a reliable indication of file type. Permissions won't
> work either, of course. If anyone has any suggestions to offer, I'd be
> grateful. I'm writing in Python in Linux, but the data will be moved to
> Solaris and Windows environments.
>
> Thanks,
> Jim
>
> --
> -------------------------
>
> Jim Tuttle
> Geospatial Data Librarian
> North Carolina State University Libraries
> Phone:919.513.0651 Fax: 919.513.3553 Jim_Tuttle at ncsu.edu
>
> PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x69B69B08
More information about the TriLUG
mailing list