Recently want to see how the Cuckoo file recognition function, turned the cuckoo source, found its file format judgment code as follows:
def_get_filetype (self, data):"""Gets filetype, uses libmagic if available. @param data:data to be analyzed. @return: File type or None. """ if nothave_magic:returnNoneTry: Ms=Magic.open (Magic. Magic_none) ms.load () File_type=ms.buffer (data)except: Try: File_type=magic.from_buffer (data)exceptException:returnNonefinally: Try: Ms.close ()except: Pass returnFile_type
The magic,libmagic in the Libmagic Library is a development library that identifies file types based on the file header, which Python can use to make it easy to determine the file format. Record the installation process. Installation environment: WinXP + Python 2.7
Install the Magic module:
1, installation pycparser-2.14 link: https://pypi.python.org/pypi/pycparser
2, installation Vcforpython, Link: http://aka.ms/vcpython27
3, install Cffi module, Link: https://pypi.python.org/pypi/cffi/#downloads
4, installation Libmagic link: https://pypi.python.org/pypi/python-libmagic
5. Install file, add to environment variable path after installation:. \gnuwin32\bin
6. Install Magic Module Link: https://github.com/ahupp/python-magic
Test Import Magic successfully
More details see Https://github.com/ahupp/python-magic
Procedures for sorting samples using Kaspersky's scan results (including file type recognition) See: Https://github.com/Viwilla/ClassifySamples
Adding magic to Python for file type recognition
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
