Identify Base64 encoded files

Open DavidUnderdown opened this issue 6 years ago • 1 comments

We've come across the issue of files being stored in a database in Base64 encoding. When preparing a SIARD export, these LOB files are externalised, and then DROID can't identify them due to the Base64 encoding.

We would probably need to do something like the approach being used in https://github.com/DissectMalware/base64_substring to convert signatures to be able to search the Base64 encoded files automatically, or perhaps convert a suspected Base64 encoded file in memory and try to ID as usual.

DavidUnderdown, Jul 16 '18 09:07

Would be interested in any proposed solutions to this. Not really viable to create signature patterns for base64 encoded 'things' - feels like it needs a step to determine whether an object is base64 encoded first, but wasteful to 'try' that with every object.

Dclipsham, Apr 09 '20 15:04
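
Added example, not part of the issue thread and not DROID code: a sketch of the "convert a suspected Base64 encoded file in memory" idea, where a check on only the first 256 bytes decides whether to decode a prefix and re-run magic matching. The `MAGIC` table, the function names and the sample input are constructed for illustration and are assumptions; DROID's signature file and identification engine are not used.

```python
import base64
import binascii
import re
from typing import Optional, Tuple

# Constructed demo table of beginning-of-file magics (assumption: not DROID/PRONOM data).
MAGIC = {
    b"%PDF-": "PDF",
    b"\x89PNG\r\n\x1a\n": "PNG",
    b"PK\x03\x04": "ZIP",
    b"\xff\xd8\xff": "JPEG",
}
B64_RUN = re.compile(rb"[A-Za-z0-9+/]+={0,2}")


def match_magic(buf: bytes) -> Optional[str]:
    for magic, name in MAGIC.items():
        if buf.startswith(magic):
            return name
    return None


def sniff_base64_head(data: bytes, sample: int = 256) -> Optional[bytes]:
    """Decode the head of `data` if it looks like Base64, else return None.

    Only `sample` bytes are inspected, so the cost per object is constant.
    """
    head = data[:sample].translate(None, b"\r\n")   # tolerate MIME line wraps
    head = head[: len(head) - len(head) % 4]        # keep whole 4-char groups
    if len(head) < 16 or not B64_RUN.fullmatch(head):
        return None                                 # spaces, punctuation, binary
    try:
        return base64.b64decode(head, validate=True)
    except binascii.Error:
        return None


def identify(data: bytes) -> Tuple[str, Optional[str]]:
    """Return (layer, format): try raw bytes first, then the Base64 layer."""
    fmt = match_magic(data)
    if fmt is not None:
        return ("raw", fmt)
    decoded = sniff_base64_head(data)
    if decoded is not None:
        return ("base64", match_magic(decoded))
    return ("raw", None)


if __name__ == "__main__":
    png = b"\x89PNG\r\n\x1a\n" + bytes(range(200))  # constructed sample
    print(identify(base64.encodebytes(png)))        # ('base64', 'PNG')
```

A `("base64", None)` result means the head decodes cleanly but matches nothing in the table, which is the case to hand to a fuller identification pass on the decoded bytes.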