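PDF Analysis (pdf-parser)
■ Package Description
pdf-parser parses a PDF document and identifies the fundamental elements used in the analyzed file.
It is used to analyze PDF files for suspicious characteristics,
such as PDF malware that exploits Adobe zero-day vulnerabilities.
Malicious PDF documents pass easily through firewalls, intrusion prevention systems, and other security appliances,
and users are easily lured into opening them. pdf-parser can be used to analyze such crafted files.
[Usage]
# pdf-parser -a <pdf-file>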
Reference sites
http://blog.didierstevens.com/programs/pdf-tools/
https://www.youtube.com/watch?v=OGlRKz2PECg
http://sinun.tistory.com/135
CVE-2013-2729(exploit-db)
■ OPTIONS
# pdf-parser -h
root@kali:~# pdf-parser -h
[EX] Usage example
# pdf-parser -a /usr/share/doc/texmf/fonts/lm/lm-info.pdf
Comment: 3
XREF: 1
Trailer: 1
StartXref: 1
Indirect object: 526
  282: 7, 8, 12, 17, 18, 27, 28, 30, 31, 34, 35, 43, 44, 78, 79, 111, 112, 120, 121, 123, 124, 126, 127, 129, 130, 132, 133, 135, 136, 138, 139, 141, 142, 144, 145, 155, 156, 158, 159, 164, 165, 168, 169, 172, 173, 176, 177, 179, 180, 183, 184, 187, 188, 191, 192, 2, 208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255, 256, 257, 258, 259, 260, 261, 262, 263, 264, 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, 285, 286, 287, 288, 289, 290, 291, 292, 293, 294, 295, 296, 297, 298, 299, 300, 301, 302, 303, 304, 305, 306, 307, 308, 309, 310, 311, 312, 313, 314, 315, 316, 317, 318, 319, 320, 321, 322, 323, 324, 325, 326, 327, 328, 329, 330, 331, 332, 333, 334, 335, 336, 337, 338, 339, 340, 341, 342, 343, 344, 345, 346, 347, 348, 349, 350, 351, 352, 353, 354, 355, 356, 357, 358, 359, 360, 361, 362, 363, 364, 365, 366, 367, 368, 369, 370, 371, 472, 473, 474, 475, 476, 477, 478, 479, 480, 481, 482, 484, 485, 486, 488, 489, 490, 492, 493, 494, 496, 497, 498, 500, 501, 502, 504, 505, 506, 508, 509, 510, 512, 513, 514, 516, 517, 518, 520, 521, 522, 524, 525, 526, 372, 374, 375, 383, 450, 451, 453, 454, 457, 458, 460, 461, 463, 464, 466, 467, 469, 470
 /Catalog 1: 1
 /Encoding 1: 10
 /ExtGState 1: 6
 /Font 105: 11, 4, 5, 14, 20, 21, 22, 23, 24, 25, 26, 33, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 161, 162, 163, 167, 171, 175, 182, 186, 190, 15, 37, 39, 41, 114, 116, 118, 147, 149, 151, 153, 16, 38, 40, 42, 115, 117, 119, 148, 150, 152, 154
 /FontDescriptor 94: 9, 373, 376, 377, 378, 379, 380, 381, 382, 384, 385, 386, 387, 388, 389, 390, 391, 392, 393, 394, 395, 396, 397, 398, 399, 400, 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, 411, 412, 413, 414, 415, 416, 417, 418, 419, 420, 421, 422, 423, 424, 425, 426, 427, 428, 429, 430, 431, 432, 433, 434, 435, 436, 437, 438, 439, 440, 441, 442, 443, 444, 445, 446, 447, 448, 449, 452, 455, 456, 459, 462, 465, 468, 471, 483, 487, 491, 495, 499, 503, 507, 511, 515, 519, 523
 /Page 26: 3, 19, 29, 32, 36, 45, 80, 113, 122, 125, 128, 131, 134, 137, 140, 143, 146, 157, 160, 166, 170, 174, 178, 181, 185, 189
 /Pages 15: 195, 196, 194, 198, 199, 200, 197, 202, 203, 201, 205, 206, 207, 204, 193
 /XObject 1: 13
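The statistics layout shown above can be parsed for triage. The following is an added example, not part of the original post or of pdf-parser itself: it reads `pdf-parser -a` output, lists the objects of a few /Type values to inspect first, and checks that the declared counts match the listed object ids. The REVIEW_TYPES set, the function names, and the sample text are assumptions of this example.

```python
import re

# /Type values to inspect first: this example's own choice (assumption),
# not a list produced by pdf-parser or given on the page.
REVIEW_TYPES = {"/Action", "/EmbeddedFile", "/Filespec", "/ObjStm"}
COUNTER = re.compile(r"^(Comment|XREF|Trailer|StartXref|Indirect object):\s*(\d+)\s*$")
ENTRY = re.compile(r"^\s*(/\S+)?\s*(\d+):\s*(.*)$")

def parse_stats(text):
    """Parse `pdf-parser -a` output into (counters, {type: (declared, ids)})."""
    counters, types, current = {}, {}, None
    for line in text.splitlines():
        counter, entry = COUNTER.match(line), ENTRY.match(line)
        if counter:
            counters[counter.group(1)] = int(counter.group(2))
            current = None
        elif entry:
            current = entry.group(1) or "(no /Type)"
            types[current] = (int(entry.group(2)), [])
            line = entry.group(3)
        if current and not counter:
            # Covers both the entry's own ids and wrapped continuation lines.
            types[current][1].extend(int(n) for n in re.findall(r"\d+", line))
    return counters, types

def triage(text):
    """List types worth a closer look and any count inconsistencies."""
    counters, types = parse_stats(text)
    findings = [f"review {t}: objects {ids}"
                for t, (_, ids) in types.items() if t in REVIEW_TYPES]
    findings += [f"count mismatch {t}: declared {n}, listed {len(ids)}"
                 for t, (n, ids) in types.items() if n != len(ids)]
    listed = sum(len(ids) for _, ids in types.values())
    if counters.get("Indirect object") != listed:
        findings.append(f"indirect objects: declared "
                        f"{counters.get('Indirect object')}, listed {listed}")
    return findings

# Constructed sample in the layout of the output shown on this page.
SAMPLE = """Comment: 2
XREF: 1
Trailer: 1
StartXref: 1
Indirect object: 9
  4: 4, 5, 6,
 8
 /Action 1: 7
 /Catalog 1: 1
 /EmbeddedFile 1: 9
 /Page 1: 3
 /Pages 1: 2
"""

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

Each flagged object id can then be examined individually with pdf-parser's -o option. A count mismatch usually means the pasted output was truncated or garbled.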