Magic Bytes

magicbytes.py

import hexdump as hd
import re
import sys
import os

def banner():
	banner = ''''
                                           
 _____         _     _____     _           
|     |___ ___|_|___| __  |_ _| |_ ___ ___ 
| | | | .'| . | |  _| __ -| | |  _| -_|_ -|
|_|_|_|__,|_  |_|___|_____|_  |_| |___|___|
          |___|           |___|            

          [v0.1 Beta ~ <3]
 ''' 	
	print banner

def file_analyser(file_name):
	magicbytes = { 

	".gif" : "47 49 46 38 39 61",
	".exe" : "4D 5A",
	".pdf" : "25 50 44 46",
	".wav" : "57 41 56 45 66 6D 74 20",
	".jpg" : "FF D8",
	".zip" : "50 4B 03 04",
	".doc" : "D0 CF"
	}

	with open(file_name,'r') as fhand:
		data = fhand.read().replace("\n", "") #Take all data in one variable

	hexd = hd.dump(data)   #Get hex of it
	print("[+] Analyzing Hex now.")

	for ext,magic in magicbytes.items():
		if bool(re.search(magic,hexd)) == True:
			print("[+] It is a %s type of file. Renaming now." % ext)
			orignal_ext = file_name.split(".")[0]+ext            #Find signature and rename if found.
			os.rename(file_name,orignal_ext)
			print("[+]Done. Printing File Hex for review.")
			print hexd
			return
		else:
			pass

	print("[!] Can't file any valid externsion for this file :/")


if __name__ == '__main__':
	banner()
	file_analyser(sys.argv[1])