Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am working on a project that will involve file upload to a server. I am interested in understanding what kinds of files virus writers currently tend to target. I am aware of the following threads:
How would you programmatically test a file for viruses ?
ensuring uploaded files are safe
How can I determine a file’s true extension/type programatically?
Server side virus scanning
But am interested in general in finding out about common attack vectors.
All of them. There aren't any "safe" file types when a JPG image can infect you with a virus and you can even trick the browser to execute JavaScript in any file no matter its declared type.
But the biggest and most widespread danger doesn't even involve uploaded files - ANY text that is entered by users and displayed on your page is a potential vector of Cross-Site-Scripting attacks.
I ran an "upload file" form for a little while and a few things I found:
All sorts of PHP scripts (shells, redirects, various "owned by $LAMER", you name it)
I think I had a few browser exploits (.html, .jpgs)
A bunch of files with the wrong extensions (ie, PHP scripts with the extension .rar, hoping that the server's mime-type guesser did the wrong thing)
Zip files full of all of the above
Anyway, those are just a few things I found. Hope they are helpful.
.exe and .scr are most common filetypes. Also, there are "tricks" with double extensions like readme.txt.scr or readme.doc.exe
exe is probably the most common
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 8 years ago.
Improve this question
I am appending my installer name with the version number, as in "progname_setup_1.1.5678.9101.exe". I like it because it makes it easy for me to track and for the user to identify it from prior downloads. This is an Inno Setup build of .net. And it is signed (if that matters).
That means the file name will change with each update. Will this practice increase the chances of false positive flags by antivirus software. If I kept the same file name (e.g., progname_setup.exe), perhaps the file would get a chance to build a reputation, even though version numbers would change inside. Or maybe antivirus doesn't work like that at all.
So, what is the best approach for file naming regarding antivirus: progname_setup_1.1.5678.9101.exe, progname_setup.exe, or it doesn't matter?
I really can't speak for "all" anti virus engines but the good ones really don't use the file name as an indicator of anything because it's just too unreliable. Think about it, if an AV definition file said, "FOO.EXE == Malicious Virus" all the malware writer would have to do is constantly change the file name.
AV engines, at least the good ones, work by looking for bit patterns inside the body of the file; usually specific bit patterns that can exist anywhere in the file. Now, you don't have to take my word for it, check out the CLAMAv signature database docs and you will see that "file name" or any other file metadata (like size, perms, etc) are not even something you can specify in a signature.
https://github.com/vrtadmin/clamav-devel/blob/master/docs/signatures.pdf
You can also run your samples via scanii's web scanning tool https://scanii.com/free-virus-scan/ if you would like to be certain that they should not trigger a false positive - disclaimer scanii is my pet project.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
So I recently changed jobs and I brought a bunch of files with me off my OS X 10.7 system. I had way too many files than could fit on the external drive I had, so I had tried dragging select files onto the drive, which gave me eventual repeated errors, so instead I used:
tar -zcvf whatever.tar.gz my_files
and then dragged the gzipped tarball onto the drive and that worked just fine. Now however, on my new Mavericks 10.9 system, I just tried to open a rich text file (that I'd created in Text Edit on 10.7) and I get the error:
'The document "_lab_notebook_2.rtf" could not be opened.'
I called Apple about this and they claimed that gzip was adding "the command line" to the metadata of the file (I assume the rich text file - though I could be wrong) and that metadata chunk is incompatible with Text Edit in Mavericks. They said that they have a request in with the gzip developers to address this issue (by stripping out the added metadata at some point along the way). Eventually, they say once that is updated, it will be in a new system update.
In the meantime, I'm stuck with a file that Text Edit can't open. I can open the file in other text editors, but I really would rather use Apple's Text Edit, hence this post. I tried opening a copy of the file with Rezilla and I can see the metadata in coded form, but nothing's jumping out at me as the offending data. I even tried removing each resource 1 by 1 and trying to open the file after each removal, but it still would not open.
Does anyone have any hints as to how to strip out whatever it is that gzip added? Am I even working from the correct starting point? They said that the data was added during the zip-up of the file, and I no longer have access to the original. Should I be working with the .tar.gz file or the .rtf file that was contained there-in?
Thanks,
Rob
The file you are trying to open, _lab_notebook_2.rtf might not be the file. (Are you sure it doesn't have a dot before the underscore, i.e. ._lab_notebook_2.rtf?) It may be the resource fork of the actual file, where the actual file would be named lab_notebook_2.rtf.
I don't know who you talked to at Apple, but gzip doesn't add anything to anything. It is simply a lossless compression and decompression utility. They certainly haven't contacted me about it (I am one of the gzip developers). Please look up my contact information, e.g on zlib.net, and copy that email to me. Thanks.
tar on the other hand may not be preserving all of the information that was on the original file system, or storing resource forks as ._ files, depending on what you asked it to do. It would have been better if you had used the Finder File:Compress operation, which preserves all of that information. (Or on the command line, the ditto utility with the options noted in its man page to duplicate what Finder does.)
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I am working on a large project with thousands of java files, original author of project used some custom formatting to format java file which we don't have now, I tried to create a similar format in eclipse but it did't worked for me because there is still many differences, after writing code when i do press Ctrl+Shift+F it formats the document, but main problem comes when we have to merge file or compare with previous SVN version of file, because formatting of file changes, SVN shows thousands of changes which are not even true changes, and it even become impossible to merge it properly, What i want if i could extract format XML by giving my java file is it possible , Reverse engineering.
I don't know a way to reverse engineer a XML file from your code, but here is what you can certainly do:
Check out the code and freeze the trunk so that noone else can commit the code
Apply whatever formatting rules you want to apply - and apply this across your codebase
Once you have done formatting changes- do whatever sanity checks you do before committing code (Like build, basic tests etc.)
Now commit this code as "Formatting changes only- NO CODE CHANGED" - that way you have a logical commit of only formatting changes
Now ask other developers to update their codebase. Thus you will have changed to new formatting rules without affecting anything.
Also whatever rules you have in XML - ask other developers to implement in their IDE - so future commits are consistent in style and formatting.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 1 year ago.
Improve this question
I'm interested in an online application like the tool that comes with XCode, that shows the keys and values as rows, in an editable manner and handles xml plists (I don't care if it handles binary ones as well).
So, I was wondering the exact same thing, and when I saw this question and its answer, I said "Screw it, I'm making one!" And so I did. Two days later, here's my answer to you:
http://tustin2121.github.io/jsPlistor/
jsPListor (version 1 as of Aug 8th, 2013) will allow you to paste in the contents of an xml plist into it (via the Import button) and edit it with drag and drop and the like. When you're done, hit Export and it will package it all up into a valid plist for you to copy and paste back into the file.
There's still some bugs and glaring vacancies (like the Data Editing Dialog), but it functions. Future versions will attempt to allow saving via html5 download, and loading of files into data rows.
Feel free to examine, contribute, and submit bugs at the github repo: https://github.com/tustin2121/jsPlistor
I have resigned myself to the fact that there probably isn't one I will ever find. What I have found, however, is that JSON format and text PList format are very similar, and there are plenty of JSON editors available online and for windows and mac both. It may not be suitable for your needs, but it suited my needs just fine. By using nothing more than a couple of find & replaces in Notepad you can get 90% of the way to a plist file. The only big issue is semicolons vs. commas.
If you're working on a small enough file, that could be done manually. With larger files, a simple utility app to convert JSON to PList files would probably be pretty simple to whip up if you've got the urge.
Again, this all applies only to text formatted plist files. Most plist editors on mac at least can save a plist in text format.
There's Plistinator - its a native C++/Qt app for Mac, Windows and Linux desktop. So not an online tool, but it is at least portable and runs cross-platform (in case that is what the request for a web-based editor was about).
I'm not sure if the JS version handles binary files (Plistinator does). If you have a Mac you could edit them via the JS editor if you convert binary to XML via
plutil -convert xml myfile.plist
Note that will over-write myfile.plist with the XML version, which may not represent all the same information that the binary version can.
Full-disclosure: I am the author of Plistinator and the $12.99 goes to pay for my ramen & rent.
I don't think there are any plist editors online, at least not as functional as Plist Editor with Xcode.
You could use an online XML-editor, like Xmlia2.0, and code it yourself.
Why would you ever want an online tool for editing XML-files when you've got Plist Editor from xcode?
I wrote one once back in the day (for the old non-XML plist files). The structure is very regular, so it's not hard to create something that looks and acts more or less like the XCode plist editor.
I don't know off-hand of any online XML editors, but they must exist. Given a DTD-savvy XML editor, you ought to be able to edit plist files pretty easily.
Any web app that accepts .txt documents will edit plists just fine. Likewise for .xml
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
Does anyone know of any notepad++ plugin that saves a version of whatever I'm working on periodically? Ideally, it would save many versions with the automatic version number and the date in the title, and perhaps store them in a zipped archive to save space.
Does something like this exist already, or shold I attempt to write such a plugin myself?
Thanks,
Cameron
P.S. It should be freeware or (preferably) open-source.
Settings > Preferences > Backup tab > Click Verbose Backup
This will time stamp a copy of your file every time you save.
Update:
AutoSave allows to automatically save the currently open files based on a timer schedule (default is 1 min) and/or upon the application losing focus. The plugin offers a couple of options to save the current (or all the files), selecting only the named ones, accessible through a menu.
[Via Lifehacker]
Update2:
BEWARE: If the Custom Backup Directory you set to is deleted/moved, then the backups won't happen! No error is thrown notifying you of the dead link!
You might be better off looking into something closer to "real" version control - Mercurial, perhaps. It doesn't require a server, and it's really easy to set up.
To automate it, you could turn on autosave in Notepad++, and set up a windows scheduled task to do an hg commit every few minutes.
It seems that you are a Windows user, so you have an option of using shadow copies, but copies are probably not generated often enough.
IntelliJ Idea and some other Java IDEs have local history feature.
I personally use TortoiseSVN and svn server on Dreamhost. This had additional benefit of having my files stored off-site in case of disaster.