您可以将文件解压缩到一个安全的地方(如安装noexec的文件系统)并检查生成的目录中的二进制文件。该file命令可以告诉您文件是文本、源代码、二进制文件等。
[root@xt ~]# file ./packages/Digest-MD5-2.33/t/badfile.t
./packages/Digest-MD5-2.33/t/badfile.t: ASCII text
[root@xt ~]# file ./packages/Digest-MD5-2.33/MD5.pm
./packages/Digest-MD5-2.33/MD5.pm: Perl5 module source text
[root@xt ~]# file ./packages/rrdtool-1.0.50/src/gdpng.o
./packages/rrdtool-1.0.50/src/gdpng.o: ELF 64-bit LSB relocatable, AMD x86-64, version 1 (SYSV), not stripped
Run Code Online (Sandbox Code Playgroud)
类似于以下内容,您可以在其中过滤 ELF 可执行文件:
find . -type f -exec file {} + | grep ELF
输出将是:
[root@xt ~]# find . -type f -exec file {} + | grep ELF
./packages/rrdtool-1.0.50/gd1.3/gdfontl.o: ELF 64-bit LSB relocatable, AMD x86-64, version 1 (SYSV), not stripped
./packages/rrdtool-1.0.50/gd1.3/gdfontmb.o: ELF 64-bit LSB relocatable, AMD x86-64, version 1 (SYSV), not stripped
./packages/rrdtool-1.0.50/gd1.3/gdlucidan10l2.o: ELF 64-bit LSB relocatable, AMD x86-64, version 1 (SYSV), not stripped
./packages/rrdtool-1.0.50/gd1.3/gdlucidab14.o: ELF 64-bit LSB relocatable, AMD x86-64, version 1 (SYSV), not stripped
./packages/rrdtool-1.0.50/gd1.3/gdlucidan10.o: ELF 64-bit LSB relocatable, AMD x86-64, version 1 (SYSV), not stripped
Run Code Online (Sandbox Code Playgroud)
| 归档时间: |
|
| 查看次数: |
4589 次 |
| 最近记录: |