gdesmar
gdesmar
Thanks for the update and a bit of explanation on what may be happening! If you are referring to the certificates located in the signature, here are the results :...
Hi, I refactored my code to merge all my traits into this library. - Detecting if the script is a one-liner, even if there is one or more empty lines...
Absolutely! That should simplify it greatly. I did try to use pure yaml, but I was seeing a few things that you may not like as much: - The current...
I took a look at it and am impressed by that utf-8 trick. On the AL side of things, we are [trusting libmagic's ini detection](https://github.com/CybercentreCanada/assemblyline-base/blob/v4.5.0.stable21/assemblyline/common/identify_defaults.py#L238). Have you often seen files...
After a few more tests, it turns out that the utf-8 is well handled by libmagic. If I convert the dos newlines to unix using dos2unix, the sample is identified...
I added the new executor to our current list. It is obviously a very flimsy approach as a single change to the exec line would stop our identification. If we...
From [identify's defaults](https://github.com/CybercentreCanada/assemblyline-base/blob/v4.5.0.stable9/assemblyline/common/identify_defaults.py#L139): ```python {"al_type": "archive/tar", "regex": r"^(GNU|POSIX) tar archive"}, {"al_type": "archive/ar", "regex": r"ar archive"}, {"al_type": "archive/vhd", "regex": r"^Microsoft Disk Image"}, ``` The file's magic is "Electron AS**AR archive**, header...
Someone from the community has tried to add it to JsJaws (CybercentreCanada/assemblyline-service-jsjaws/pull/726) but we have given no follow up on it (and a few things should be improved before merging)....
Hello @kirk-sayre-work, Are there any plans to merge pull requests for python2 before the python3 version is finished? I am asking because it is starting to become a little complicated...
The PR was merged. The updated Identify code should be part of the next release! Just make sure to backup your local change before reverting to get the latest at...