SO
application/octet-stream
Magic Bytes
Offset: 10
23 20 54 68 69 73 20 69 73 20 61 20 73 68 65 6C 6C 20 61 72 63 68 69 76 65
The SO file format is a legacy shell archive container originally developed by Unix developers to bundle multiple text files. It is primarily utilized for transmitting source code or documentation through text-based communication channels such as email or early Usenet forums. As this format essentially functions as an executable shell script, it has been largely superseded by modern, non-executable archival standards that offer superior security and significantly better data compression ratios.
Validation Code
How to validate .so files in Python
Python
def is_so(file_path: str) -> bool:
"""
Check if file is a valid SO by magic bytes.
Signature offset: 10 bytes
"""
signature = bytes([0x23, 0x20, 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, 0x73, 0x68, 0x65, 0x6C, 0x6C, 0x20, 0x61, 0x72, 0x63, 0x68, 0x69, 0x76, 0x65])
with open(file_path, "rb") as f:
f.seek(10)
return f.read(25) == signatureHow to validate .so files in Node.js
Node.js
function isSO(buffer: Buffer): boolean {
// Signature offset: 10 bytes
const signature = Buffer.from([0x23, 0x20, 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, 0x73, 0x68, 0x65, 0x6C, 0x6C, 0x20, 0x61, 0x72, 0x63, 0x68, 0x69, 0x76, 0x65]);
if (buffer.length < 35) return false;
return buffer.subarray(10, 35).equals(signature);
}
Go
func IsSO(data []byte) bool {
// Signature offset: 10 bytes
signature := []byte{0x23, 0x20, 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, 0x73, 0x68, 0x65, 0x6C, 0x6C, 0x20, 0x61, 0x72, 0x63, 0x68, 0x69, 0x76, 0x65}
if len(data) < 35 {
return false
}
return bytes.Equal(data[10:35], signature)
}API Endpoint
GET
/api/v1/so
curl https://filesignature.org/api/v1/so