Lab 1 - File Signature Analysis Lab

Lab 1 – File Signature Analysis

This lab is designed to teach the students to determine if a file has a mismatched file extension,
a common method attackers use to deliver malware successfully through firewalls and to hide it
from the typical user.

For this lab, install the ICY Hexplorer hex editor (hex_setup26.exe) and WinRAR (wrar550.exe)
from the Lab 1 folder. Launch ICY Hexplorer and change the font (View > Options… > Font:
System Fixed Font). To answer the following questions, drag each file into ICY Hexplorer. Use
“File Signatures.htm” [1] as a reference for the file signatures. HINT: Search for the hex characters
of the header.
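
The same check can be scripted once the manual method is understood. The following is an added example, not part of the original lab: it reads a file's header, looks it up in a small constructed subset of well-known signatures, and reports whether the extension agrees. The function names `identify` and `check` and the sample file names are assumptions made for illustration.

```python
import os
import tempfile

# Constructed subset of well-known file signatures (magic numbers).
# Header bytes -> extensions that legitimately start with that header.
SIGNATURES = {
    b"\x89PNG\r\n\x1a\n": {".png"},
    b"\xff\xd8\xff": {".jpg", ".jpeg"},
    b"GIF87a": {".gif"},
    b"GIF89a": {".gif"},
    b"%PDF": {".pdf"},
    # ZIP containers share one header, so Office Open XML files match too.
    b"PK\x03\x04": {".zip", ".docx", ".xlsx", ".pptx", ".jar"},
    b"Rar!\x1a\x07": {".rar"},
    # Two-byte signature: short headers are weaker evidence than long ones.
    b"MZ": {".exe", ".dll", ".sys"},
}

def identify(path):
    """Return (first four bytes as hex, extensions valid for that header or None)."""
    with open(path, "rb") as f:
        head = f.read(16)
    first4 = head[:4].hex(" ").upper()
    # Try the longest signatures first so the most specific header wins.
    for magic in sorted(SIGNATURES, key=len, reverse=True):
        if head.startswith(magic):
            return first4, SIGNATURES[magic]
    return first4, None

def check(path):
    """Return (first four bytes, 'match' | 'mismatch' | 'unknown') for one file."""
    first4, expected = identify(path)
    ext = os.path.splitext(path)[1].lower()
    if expected is None:
        return first4, "unknown"
    return first4, "match" if ext in expected else "mismatch"

if __name__ == "__main__":
    # Constructed samples: header bytes only, not real documents or programs.
    samples = {
        "picture.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 8,
        "invoice.pdf": b"MZ\x90\x00" + b"\x00" * 12,  # executable header, .pdf name
        "notes.txt": b"hello world",                   # no known signature
    }
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            p = os.path.join(d, name)
            with open(p, "wb") as f:
                f.write(data)
            print(name, *check(p))
```

An "unknown" result means only that the header is not in this small table; plain text files, for example, have no signature at all.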

1. file1
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________

2. file2
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________

3. file3
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________

4. file4
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________

[1] https://www.garykessler.net/library/file_sigs.html

5. file5
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________

6. file6
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________

7. file7
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________

8. file8
First four bytes: _________________________________
File Extension/Type: _____________________________
Rename the file with the correct extension and open it. What is it?
___________________________________________________________________________
