[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: how execute a script

On Tue, Nov 17, 2015 at 4:25 PM,  <tomas@tuxteam.de> wrote:
> Hash: SHA1
> On Tue, Nov 17, 2015 at 04:13:48PM -0500, shawn wilson wrote:
>> On Tue, Nov 17, 2015 at 3:24 PM,  <tomas@tuxteam.de> wrote:
> [...]
>> > Now you lost me.
>> >
>> If magic were smarter (was able to derive from syntax or had regex
>> capability in the format), it could've still told me I was looking at
>> a script (and not just a bunch of text - which is next to useless). It
>> doesn't, so arguing that magic could be used (not an argument I've
>> seen, but one I was expecting and figured I'd preempt) instead of an
>> extension is lacking.
> Got it. But magic *can* do many of those things. A headless shell
> script is a tough nut to crack, though: "echo" could occur as well
> in a Tcl script (via Tcl's crazy but genius "unknown" mechanism).

You're right - just "script" then. I'm not dissing magic - it's a good
starting point in forensics or to see what's in a bin directory, but
shouldn't be relied on (also see ftimes xmagic for a more featureful
magic implementation w/e sf comes back up).

My point is that you can't determine what you're looking at w/o being
told (an extension) or looking at it. So (my original point) you loose
data by removing/not having an extension.

Reply to: