Showing posts with label Apache. Show all posts
Showing posts with label Apache. Show all posts

Sunday 10 May 2020

Detect Malicious File in Java using Apache Tika

Dear Friends,

We often need to upload files in our web application/portal, and we start analyzing the risks associated with the activity.
I've been doing this over quite a certain period and realized this could be really fatal to our application, especially when you are working on a Production server in live internet.

After looking a lot over internet, Apache again came up as a savior with the API Apache Tika

At the time of writing this blog, the latest stable version  of Tika is

Maven Link

<!-- https://mvnrepository.com/artifact/org.apache.tika/tika-core -->
<dependency>
    <groupId>org.apache.tika</groupId>
    <artifactId>tika-core</artifactId>
    <version>1.24</version>
</dependency>

to get results, we merely need two lines
1. to initialize tika
2. to detect tika , any inputStream or File etc (attaching the screenshot)



ex:
Tika tika=new Tika();
System.out.println("File Detect : "+tika.detect(inputStream));

result:
File Detect : image/png
File Detect : application/x-msdownload now this file is malicious even though the hacker tried uploading the file using any valid extension.

Thank You :)


A Guide to Installing Oracle HR Schema on an Existing Docker Container

  Hi Reader, Today I want to share my learning on how to install Oracle HR schema on a existing docker container. Step 1: Download the verif...