[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] [Tool] New release of peepdf (PDF analysis)
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] [Tool] New release of peepdf (PDF analysis)
- From: Jose Miguel Esparza <jesparza@xxxxxxxxxxxxxxxx>
- Date: Mon, 02 Apr 2012 21:09:15 +0200
Hi!
During last Black Hat Europe I released a new version of peepdf. If you
don't know it, it's a tool to analyze PDF documents, supporting
encryption, compressed objects, Javascript and shellcode emulation, etc.
You can also modify PDF documents, remove filters, obfuscate them, etc.
All of that with a powerful console.
In summary these are the main changes:
- Improved PDF filters like LZWDecode, ASCII85Decode and predictor
parameters for FlateDecode / LZWDecode.
- Monitorization of new vulnerabilities like CVE-2011-2462 or CVE-2011-4369.
- Added update process
- Javascript beautifier
- New command to hash objects, streams, etc.
- Added an easy way to extract information (>, >>)
- New commands to perform XOR operations and searches for patterns in
the result of XOR brute-forcing.
- XML output
You have the full blog post here:
http://eternal-todo.com/blog/peepdf-black-hat-arsenal-2012
And you can download it here:
http://peepdf.googlecode.com/files/peepdf-BlackHatEU12.zip
I want to deal with the next points in the next steps:
- AES 256 encryption
- Automatic analysis of embedded PDF documents
- Support for the rest of filters
- Improving modification capabilities
- ...
I hope these new changes can be useful to you and I would appreciate any
kind of feedback, bugs, etc.
Thanks!
Jose
--
Jose Miguel Esparza
@EternalTodo
http://eternal-todo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/