Detect archive type
I have an archive without extension, how i can detect the file format?
Begin of file (screenshot):
Begin of file (text):
ef cd ab 19 14 00 05 00 08 00 1b 8c 2f 34 63 e3
f1 35 68 00 00 00 8c 00 00 00 09 00 00 00 49 4e
44 45 58 2e 53 59 53 90 77 a2 38 fc 2f 53 09 a9
df 40 2d 0f d5 8f 89 2e 2f a1 eb e2 2e a1 9a 02
39 5d ad 4c b1 cc ca e4 e4 ab 83 a6 ef 1d ab 1f
66 b5 fd 2b f5 81 aa 9d b4 19 34 52 f3 24 58 15
45 4a 38 4a c0 84 19 22 6b ad ef 28 e3 89 36 e7
aa e2 aa 64 dd 19 4b 5d 8b 38 7a 15 14 77 a2 7e
f4 e0 be ba f9 bd a3 e5 4e 54 12 c6 47 d6 cc ef
cd ab 19 14 00 05 00 08 00 f4 80 51 4c a4 35 50
85 b4 00 00 00 d9 00 00 00 08 00 00 00 49 4e 46
4f 2e 53 59 53 52 b4 68 91 65 88 05 26 da 72 0a
5f ce a3 8e 2a cc 6d a2 8f 9e 36 d6 fa f8 84 7d
43 0d 95 1b 7c 15 ee 3f ba 43 13 41 7f de 47 f1
3c a6 4f 45 e5 cc 0d 32 1b 7c 62 c2 8d d6 f1 f7
d8 f2 88 14 62 a1 ac 6e 96 e5 85 db bd 82 40 e4
83 a9 88 a8 90 26 89 fd aa b1 85 71 10 30 2a 2d
c2 ce e1 3c 13 4b 3c 13 13 60 e1 76 87 df c4 9b
ef 4f 2a c2 bd 74 14 de 42 d8 f2 77 a1 60 31 fb
72 ec 88 1e 41 72 3c de 2a f0 ac de a3 31 fb ee
11 30 1b f7 fb d8 3b 74 26 b2 56 46 03 a2 b3 7e
87 00 1b 6b 84 c3 ea ae be f0 0c 9c 2f 11 44 74
75 c9 2d 92 c1 ac 24 6a 31 ef cd ab 19 14 00 05
00 08 00 8d a9 47 32 08 85 79 7f f0 00 00 00 22
01 00 00 0c 00 00 00 51 4d 57 57 49 4e 4a 47 2e
for starters there appears to be a pattern in the data you provided
C:\>grep -obUaP "\xef\xcd\xab\x19\x14\x00\x05\x00\x08\x00" bindata
0:ïI«↓¶ ♣
143:ïI«↓¶ ♣
361:ïI«↓¶ ♣
C:\>xxd -g 1 -l 10 -s 0 bindata & xxd -g 1 -l 10 -s 143 bindata & xxd -g 1 -l 10 -s 361 bindata
0000000: ef cd ab 19 14 00 05 00 08 00 ..........
000008f: ef cd ab 19 14 00 05 00 08 00 ..........
0000169: ef cd ab 19 14 00 05 00 08 00 ..........
that is 0x19abcdef as some magic signature may be you can follow it up from here
also there appears to be file names at a constant offset
C:\>xxd -g 1 -l 16 -s 30 bindata & xxd -g 1 -l 16 -s 173 bindata & xxd -g 1 -l 16 -s 391 bindata
000001e: 49 4e 44 45 58 2e 53 59 53 90 77 a2 38 fc 2f 53 INDEX.SYS.w.8./S
00000ad: 49 4e 46 4f 2e 53 59 53 52 b4 68 91 65 88 05 26 INFO.SYSR.h.e..&
0000187: 51 4d 57 57 49 4e 4a 47 2e QMWWINJG.
assuming it is some kind of PKZIP an xxd dumper seems to confirm?? the layout
echo off
set /a qwsize = 8
set /a dwsize = 4
set /a wsize = 2
set /a bsize = 1
set /a signature = %1
set /a version = %signature% + %dwsize%
set /a flags = %version% + %wsize%
set /a Compression = %flags% + %wsize%
set /a ModTime = %compression% + %wsize%
set /a ModDate = %ModTime% + %wsize%
Set /a Crc32 = %ModDate% + %wsize%
set /a CompressedSize = %Crc32% + %dwsize%
set /a UncompressedSize = %CompressedSize% + %dwsize%
set /a FileNameLength = %UncompressedSize% + %dwsize%
set /a ExtraFieldLength = %FileNameLength% + %wsize%
set /a filename = %ExtraFieldLength% + %wsize%
printf "%%20s" "signature " & xxd -g 4 -s %signature% -l %dwsize% bindata &^
printf "%%20s" "version " & xxd -g 2 -s %version% -l %wsize% bindata &^
printf "%%20s" "flags " & xxd -g 2 -s %flags% -l %wsize% bindata &^
printf "%%20s" "Compression " & xxd -g 2 -s %Compression% -l %wsize% bindata &^
printf "%%20s" "ModTime " & xxd -g 2 -s %ModTime% -l %wsize% bindata &^
printf "%%20s" "ModDate " & xxd -g 2 -s %ModDate% -l %wsize% bindata &^
printf "%%20s" "Crc32 " & xxd -g 4 -s %Crc32% -l %dwsize% bindata &^
printf "%%20s" "Compressed_Size " & xxd -g 4 -s %CompressedSize% -l %dwsize% bindata &^
printf "%%20s" "UncompressedSize " & xxd -g 4 -s %UncompressedSize% -l %dwsize% bindata &^
printf "%%20s" "File Name length " & xxd -g 2 -s %FileNameLength% -l %wsize% bindata &^
printf "%%20s" "Extra Field len " & xxd -g 2 -s %ExtraFieldLength% -l %wsize% bindata &^
printf "%%20s" "filename " & xxd -g 1 -s %filename% -l %qwsize% bindata
C:>dumpinxxd.bat 0
C:\>echo off
signature 0000000: efcdab19 ....
version 0000004: 1400 ..
flags 0000006: 0500 ..
Compression 0000008: 0800 ..
ModTime 000000a: 1b8c ..
ModDate 000000c: 2f34 /4
Crc32 000000e: 63e3f135 c..5
Compressed_Size 0000012: 68000000 h...
UncompressedSize 0000016: 8c000000 ....
File Name length 000001a: 0900 ..
Extra Field len 000001c: 0000 ..
filename 000001e: 49 4e 44 45 58 2e 53 59 INDEX.SY
C:>dumpinxxd.bat 143
C:\>echo off
signature 000008f: efcdab19 ....
version 0000093: 1400 ..
flags 0000095: 0500 ..
Compression 0000097: 0800 ..
ModTime 0000099: f480 ..
ModDate 000009b: 514c QL
Crc32 000009d: a4355085 .5P.
Compressed_Size 00000a1: b4000000 ....
UncompressedSize 00000a5: d9000000 ....
File Name length 00000a9: 0800 ..
Extra Field len 00000ab: 0000 ..
filename 00000ad: 49 4e 46 4f 2e 53 59 53 INFO.SYS
C:>dumpinxxd.bat 361
C:\>echo off
signature 0000169: efcdab19 ....
version 000016d: 1400 ..
flags 000016f: 0500 ..
Compression 0000171: 0800 ..
ModTime 0000173: 8da9 ..
ModDate 0000175: 4732 G2
Crc32 0000177: 0885797f ..y.
Compressed_Size 000017b: f0000000 ....
UncompressedSize 000017f: 22010000 "...
File Name length 0000183: 0c00 ..
Extra Field len 0000185: 0000 ..
filename 0000187: 51 4d 57 57 49 4e 4a 47 QMWWINJG
- How to append data to file using file_put_contents()?
- Connecting 2 java files in visual studio
- Register to be default app for custom file type
- logger configuration to log to file and print to stdout
- Handling multiple byte lengths within a WAV struct
- Why does patch not find this file?
- How to include asset file in Maui Android
- Can I recover a file whose ObjectOutputStream was never closed?
- Count files in folder, ignoring hidden files, ignoring nested folders, in Java
- Converting an abstract File to String in Java
- Django - Create A Zip of Multiple Files and Make It Downloadable
- including php file from another server with php
- Handling file in a generator function
- Check if an executable exists in the Windows path
- Counting the number of files in a directory using Java
- Laravel - how to get path name of file
- The difference between Absolute path and Path with a root component in Java documentation of Path.resolve()
- How do I get the path and name of the python file that is currently executing?
- How can I inspect page resources in Firefox?
- How to upload file with python requests?
- Go func for running external command, occasionally getting error: file already closed
- I want to pre-fill an input of type IFormFile
- How to copy all files with specific extension and rename them adding the subdirectory names
- java - copy specific rows from a file to another file
- Write a file on iOS
- Reading integers from binary file in Python
- Change default text in input type="file"?
- How to limit the number of dropzone.js files uploaded?
- How do I load a PHP file into a variable?
- Remove lines from a text file if it contains a string