WhereIsIt Catalog file
application/octet-stream
Magic Bytes
Offset: 0
43 6C 69 65 6E 74 20 55 72 6C 43 61 63 68 65 20 4D 4D 46 20 56 65 72 20
The WhereIsIt Catalog file (CTF) is a proprietary database format created by Robert Galle for the WhereIsIt media organization utility. It provides a searchable index for archiving metadata from removable media, hard drives, and network directories to facilitate offline file management. Although this legacy format is associated with obsolete software, it remains a passive data repository that is considered secure as it does not support executable code or embedded scripts.
Validation Code
How to validate .ctf files in Python
Python
def is_ctf(file_path: str) -> bool:
"""Check if file is a valid CTF by magic bytes."""
signature = bytes([0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x55, 0x72, 0x6C, 0x43, 0x61, 0x63, 0x68, 0x65, 0x20, 0x4D, 0x4D, 0x46, 0x20, 0x56, 0x65, 0x72, 0x20])
with open(file_path, "rb") as f:
return f.read(24) == signatureHow to validate .ctf files in Node.js
Node.js
function isCTF(buffer: Buffer): boolean {
const signature = Buffer.from([0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x55, 0x72, 0x6C, 0x43, 0x61, 0x63, 0x68, 0x65, 0x20, 0x4D, 0x4D, 0x46, 0x20, 0x56, 0x65, 0x72, 0x20]);
return buffer.subarray(0, 24).equals(signature);
}
Go
func IsCTF(data []byte) bool {
signature := []byte{0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x55, 0x72, 0x6C, 0x43, 0x61, 0x63, 0x68, 0x65, 0x20, 0x4D, 0x4D, 0x46, 0x20, 0x56, 0x65, 0x72, 0x20}
if len(data) < 24 {
return false
}
return bytes.Equal(data[:24], signature)
}API Endpoint
GET
/api/v1/ctf
curl https://filesignature.org/api/v1/ctf