Open in app

Sign in

Write

Sign in

How to Check Files for Embedded Links and Objects (OLE) using Go

Cloudmersive
2 min readJun 20, 2023

--

Files with OLE (Object Linking and Embedding) capabilities can host a variety of disguised malicious objects designed to enable remote code execution once accessed by a document viewer. There’s little reason to allow OLE documents into a system from untrusted external sources, so it’s best to block them entirely.

Using the below code, you can take advantage of a powerful virus scanning API which automatically detects a variety of hidden threats — including OLE embedded links and objects — within file uploads. The API response will return a Boolean indicating if OLE content is present within a document, and you can easily take steps to remove those documents from your upload process. Each document will additionally be scanned for millions of virus and malware threats, and you can set custom rules against a variety of hidden threats using the clearly defined API request body.

You can structure your API call in one quick step using the ready-to-run Golang code examples below, and you can authenticate with a free-tier API key (get one on the Cloudmersive website; this comes with 800 API calls per month and no additional commitment).

package main

import (
     "fmt"
     "bytes"
     "mime/multipart"
     "os"
     "path/filepath"
     "io"
     "net/http"
     "io/ioutil"
)

func main() {

     url := "https://api.cloudmersive.com/virus/scan/file/advanced"
     method := "POST"

     payload := &bytes.Buffer{}
     writer := multipart.NewWriter(payload)
     file, errFile1 := os.Open("/path/to/file")
     defer file.Close()
     part1,
         errFile1 := writer.CreateFormFile("inputFile",filepath.Base("/path/to/file"))
     _, errFile1 = io.Copy(part1, file)
     if errFile1 != nil {
          fmt.Println(errFile1)
          return
     }
     err := writer.Close()
     if err != nil {
          fmt.Println(err)
          return
     }


     client := &http.Client {
     }
     req, err := http.NewRequest(method, url, payload)

     if err != nil {
          fmt.Println(err)
          return
     }
     req.Header.Add("allowExecutables", "<boolean>")
     req.Header.Add("allowInvalidFiles", "<boolean>")
     req.Header.Add("allowScripts", "<boolean>")
     req.Header.Add("allowPasswordProtectedFiles", "<boolean>")
     req.Header.Add("allowMacros", "<boolean>")
     req.Header.Add("allowXmlExternalEntities", "<boolean>")
     req.Header.Add("allowInsecureDeserialization", "<boolean>")
     req.Header.Add("allowHtml", "<boolean>")
     req.Header.Add("restrictFileTypes", "<string>")
     req.Header.Add("Content-Type", "multipart/form-data")
     req.Header.Add("Apikey", "YOUR-API-KEY-HERE")

     req.Header.Set("Content-Type", writer.FormDataContentType())
     res, err := client.Do(req)
     if err != nil {
          fmt.Println(err)
          return
     }
     defer res.Body.Close()

     body, err := ioutil.ReadAll(res.Body)
     if err != nil {
          fmt.Println(err)
          return
     }
     fmt.Println(string(body))
}
API
Cybersecurity
Virus Scan
Embedded Links
Golang

--

--

Cloudmersive
Cloudmersive

Written by Cloudmersive

695 Followers
10 Following

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams