victims / victims-client-java-legacy

Standalone victims client to handle java artifacts.
GNU Affero General Public License v3.0

Scan Archives #3

Open abn opened 10 years ago

abn commented 10 years ago

We need to consider handling ZIP and TAR files for scans.

Maybe RPM too?

gcmurphy commented 10 years ago

I agree that this is something worth considering, although I am concerned about scope creep. e.g. Do we also include .deb files? .rar?

One thing worth considering is that the three file formats that you've mentioned all can be unpacked to stdout e.g. for tar files. So perhaps a general solution could include an option to receive file content from stdin via a special flag.

rpm2cpio example.rpm | cpio --to-stdout -iv | java -jar victims-client.jar --pipe

However, there are numerous headaches that would come from this also. I'll put this on the todo list; I'm not certain what the best way to tackle this is right now.

abn commented 10 years ago

Scope creep is an issue yes, however for a standalone client I reckon we need to at the very least support the handling of ZIP archives.

The rest I suppose can be handled via a stdin based scanner. Although it might be good to design it in such a way that new scanners can be plugged in with stdin and zip being the first ones. We can expand later if/when the need arises.
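A sketch of the pluggable design discussed in this thread, added here as an example (written in Python rather than the project's Java, and not code from victims-client-java-legacy): a registry of scanners with a ZIP handler that descends into nested JARs and a pipe handler for bytes streamed in from another unpacker. The SHA-512 fingerprint, the entry-count and entry-size limits, and the sample archive are assumptions made for the example.

```python
import hashlib
import io
import zipfile

# Defensive limits (assumed values) so a crafted archive cannot exhaust memory.
MAX_ENTRIES = 10_000
MAX_ENTRY_BYTES = 64 * 1024 * 1024
NESTED_SUFFIXES = (".zip", ".jar", ".war", ".ear")

def fingerprint(data: bytes) -> str:
    """Hash of an artifact as it would be looked up in a vulnerability database (SHA-512 assumed)."""
    return hashlib.sha512(data).hexdigest()

def scan_zip(data: bytes, prefix: str = "") -> list:
    """Return (path, hash) for every file in a ZIP/JAR, descending into nested archives."""
    results = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
        if len(infos) > MAX_ENTRIES:
            raise ValueError(f"{prefix or 'archive'}: too many entries")
        for info in infos:
            if info.is_dir():
                continue
            with zf.open(info) as fh:  # bound the bytes actually read, not the header's claim
                content = fh.read(MAX_ENTRY_BYTES + 1)
            if len(content) > MAX_ENTRY_BYTES:
                raise ValueError(f"{prefix}{info.filename}: entry too large")
            path = prefix + info.filename
            results.append((path, fingerprint(content)))
            if info.filename.lower().endswith(NESTED_SUFFIXES):
                results.extend(scan_zip(content, path + "!/"))
    return results

def scan_pipe(data: bytes, name: str = "<stdin>") -> list:
    """The --pipe style scanner: fingerprint whatever bytes were streamed in."""
    return [(name, fingerprint(data))]

# Registry so further formats (tar, rpm, ...) can be plugged in later.
SCANNERS = {"zip": scan_zip, "pipe": scan_pipe}

def build_sample_zip() -> bytes:
    """Constructed input: an outer ZIP holding a text file and a nested JAR."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as jar:
        jar.writestr("com/example/Util.class", b"\xca\xfe\xba\xbe inner")
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("README.txt", b"sample")
        zf.writestr("lib/util.jar", inner.getvalue())
    return outer.getvalue()
```

Wiring the pipe scanner to a flag is then a matter of calling `SCANNERS["pipe"](sys.stdin.buffer.read())` on the bytes produced by a command such as the rpm2cpio pipeline above.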