Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
B
binwalk
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
fact-gitdep
binwalk
Commits
9f384a32
Commit
9f384a32
authored
May 09, 2014
by
devttys0
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Improved CPIO signature
parent
a7e4b1ca
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
21 additions
and
13 deletions
+21
-13
binwalk
src/binwalk/magic/binwalk
+0
-0
archives
src/magic/archives
+21
-13
No files found.
src/binwalk/magic/binwalk
View file @
9f384a32
No preview for this file type
src/magic/archives
View file @
9f384a32
...
@@ -139,33 +139,41 @@
...
@@ -139,33 +139,41 @@
# character-header formats and thus are strings, not numbers.
# character-header formats and thus are strings, not numbers.
#0 string 070707 ASCII cpio archive (pre-SVR4 or odc)
#0 string 070707 ASCII cpio archive (pre-SVR4 or odc)
# WARNING: The jump-to-offset value in the ASCII
s
pio signatures below is a terrible hack.
# WARNING: The jump-to-offset value in the ASCII
c
pio signatures below is a terrible hack.
# This keyword is not intended to be passed a string (%s), and doing so can open
# This keyword is not intended to be passed a string (%s), and doing so can open
# up the possibility of keyword injection by a malicious file. This works here though, because:
# up the possibility of keyword injection by a malicious file. This works here though, because:
#
#
# 1) It would result in an invalid CPIO file (invalid size)
# 1) It would result in an invalid CPIO file (invalid size)
#
2) All valid keywords require more than 8 bytes, so a valid one can't be
# 2) All valid keywords require more than 8 bytes, so a valid one can't be
#
injected in the %.11
s field.
#
injected in the %.8
s field.
0 string
070701
ASCII cpio archive (SVR4 with no CRC),
0 string
070701
ASCII cpio archive (SVR4 with no CRC),
>110 byte 0 invalid
>110 byte 0 invalid
#>110 byte !0x2F
#>110 byte !0x2F
#>>110 string !TRAILER!!! invalid
#>>110 string !TRAILER!!! invalid
>94 byte <0x30 invalid
>94 byte >0x66 invalid
>54 byte <0x30 invalid
>54 byte >0x66 invalid
>110 string x file name: "%s",
>110 string x file name: "%s",
>94 string x file name length: "0x%.8s",
>94
string x file name length: "0x%.8s",
>54 string x file size: "0x%.8s"
>54
string x file size: "0x%.8s"
>54 string x {jump-to-offset:0x%.8s+110+
>54
string x {jump-to-offset:0x%.8s+110+
>94 string x \b0x%.8s}
>94
string x \b0x%.8s}
0 string
070702
ASCII cpio archive (SVR4 with CRC)
0 string
070702
ASCII cpio archive (SVR4 with CRC)
>110 byte 0 invalid
>110 byte 0 invalid
#>110 byte !0x2F
#>110 byte !0x2F
#>>110 string !TRAILER!!! invalid
#>>110 string !TRAILER!!! invalid
>94 byte <0x30 invalid
>94 byte >0x66 invalid
>54 byte <0x30 invalid
>54 byte >0x66 invalid
>110 string x file name: "%s",
>110 string x file name: "%s",
>94 string x file name length: "0x%.8s",
>94
string x file name length: "0x%.8s",
>54 string x file size: "0x%.8s"
>54
string x file size: "0x%.8s"
>54 string x {jump-to-offset:0x%.8s+110+
>54
string x {jump-to-offset:0x%.8s+110+
>94 string x \b0x%.8s}
>94
string x \b0x%.8s}
# HP Printer Job Language
# HP Printer Job Language
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
