mirror of
https://github.com/gchq/CyberChef
synced 2025-01-25 02:35:02 +00:00
Added detection patterns for UNIX timestamps, Zlib deflate, Gzip, Zip and Bzip2.
This commit is contained in:
parent
48f8ca693d
commit
615a020469
2 changed files with 59 additions and 34 deletions
|
@ -2708,12 +2708,27 @@ const OperationConfig = {
|
||||||
value: DateTime.UNITS
|
value: DateTime.UNITS
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^1?\\d{9}$",
|
||||||
// flags: "",
|
flags: "",
|
||||||
// args: []
|
args: ["Seconds (s)"]
|
||||||
//},
|
},
|
||||||
|
{
|
||||||
|
match: "^1?\\d{12}$",
|
||||||
|
flags: "",
|
||||||
|
args: ["Milliseconds (ms)"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
match: "^1?\\d{15}$",
|
||||||
|
flags: "",
|
||||||
|
args: ["Microseconds (μs)"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
match: "^1?\\d{18}$",
|
||||||
|
flags: "",
|
||||||
|
args: ["Nanoseconds (ns)"]
|
||||||
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"To UNIX Timestamp": {
|
"To UNIX Timestamp": {
|
||||||
|
@ -3009,12 +3024,12 @@ const OperationConfig = {
|
||||||
value: Compress.INFLATE_VERIFY
|
value: Compress.INFLATE_VERIFY
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^\\x78(\\x01|\\x9c|\\xda|\\x5e)",
|
||||||
// flags: "",
|
flags: "",
|
||||||
// args: []
|
args: [0, 0, "Adaptive", false, false]
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"Gzip": {
|
"Gzip": {
|
||||||
|
@ -3051,12 +3066,12 @@ const OperationConfig = {
|
||||||
inputType: "byteArray",
|
inputType: "byteArray",
|
||||||
outputType: "byteArray",
|
outputType: "byteArray",
|
||||||
args: [],
|
args: [],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^\\x1f\\x8b\\x08",
|
||||||
// flags: "",
|
flags: "",
|
||||||
// args: []
|
args: []
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"Zip": {
|
"Zip": {
|
||||||
|
@ -3114,12 +3129,12 @@ const OperationConfig = {
|
||||||
value: Compress.PKUNZIP_VERIFY
|
value: Compress.PKUNZIP_VERIFY
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^\\x50\\x4b(?:\\x03|\\x05|\\x07)(?:\\x04|\\x06|\\x08)",
|
||||||
// flags: "",
|
flags: "",
|
||||||
// args: []
|
args: ["", false]
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"Bzip2 Decompress": {
|
"Bzip2 Decompress": {
|
||||||
|
@ -3128,12 +3143,12 @@ const OperationConfig = {
|
||||||
inputType: "byteArray",
|
inputType: "byteArray",
|
||||||
outputType: "string",
|
outputType: "string",
|
||||||
args: [],
|
args: [],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^\\x42\\x5a\\x68",
|
||||||
// flags: "",
|
flags: "",
|
||||||
// args: []
|
args: []
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"Generic Code Beautify": {
|
"Generic Code Beautify": {
|
||||||
|
|
|
@ -225,8 +225,8 @@ const FileType = {
|
||||||
|
|
||||||
if (buf[0] === 0x78 && buf[1] === 0x01) {
|
if (buf[0] === 0x78 && buf[1] === 0x01) {
|
||||||
return {
|
return {
|
||||||
ext: "dmg",
|
ext: "dmg, zlib",
|
||||||
mime: "application/x-apple-diskimage"
|
mime: "application/x-apple-diskimage, application/x-deflate"
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -434,8 +434,11 @@ const FileType = {
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
// Added by n1474335 [n1474335@gmail.com] from here on
|
/**
|
||||||
// ################################################################## //
|
*
|
||||||
|
* Added by n1474335 [n1474335@gmail.com] from here on
|
||||||
|
*
|
||||||
|
*/
|
||||||
if ((buf[0] === 0x1F && buf[1] === 0x9D) || (buf[0] === 0x1F && buf[1] === 0xA0)) {
|
if ((buf[0] === 0x1F && buf[1] === 0x9D) || (buf[0] === 0x1F && buf[1] === 0xA0)) {
|
||||||
return {
|
return {
|
||||||
ext: "z, tar.z",
|
ext: "z, tar.z",
|
||||||
|
@ -524,6 +527,13 @@ const FileType = {
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (buf[0] === 0x78 && (buf[1] === 0x01 || buf[1] === 0x9C || buf[1] === 0xDA || buf[1] === 0x5e)) {
|
||||||
|
return {
|
||||||
|
ext: "zlib",
|
||||||
|
mime: "application/x-deflate"
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue