Peepdf
Jump to navigation
Jump to search
Description
peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not.
Some of the peepdf features:
- can list objects in the PDF file
- supports many common filters and encodings
- can parse different versions of a file, object streams and encrypted files
- provides Javascript and shellcode analysis wrappers (provided PyV8 and Pylibemu are installed)
- can create new PDF files or modify/obfuscate a PDF.
Installation
Prerequisites
lxml
$ sudo aptitude install python-lxml
PyV8
Note
This optional package is only available for Windows
pylibemu
First install libemu. Then install setuptools, required for the installation of pylibemu:
$ sudo aptitude install python-setuptools
At last, install pylibemu:
$ git clone https://github.com/buffer/pylibemu.git $ python setup.py build $ sudo python setup.py install
Installation of peepdf
$ wget http://peepdf.googlecode.com/files/peepdf_0.2-BlackHatVegas.tar.gz $ tar xzvf peepdf_0.2-BlackHatVegas.tar.gz $ cd peepdf_0.2-BlackHatVegas/
Usage
Syntax
Usage: ./peepdf.py [options] PDF_file
Options
- -h, --help
- show this help message and exit
- -i, --interactive
- Sets console mode.
- -s SCRIPTFILE, --load-script=SCRIPTFILE
- Loads the commands stored in the specified file and execute them.
- -f, --force-mode
- Sets force parsing mode to ignore errors.
- -l, --loose-mode
- Sets loose parsing mode to catch malformed objects.
- -u, --update
- Updates peepdf with the latest files from the repository.
- -g, --grinch-mode
- Avoids colorized output in the interactive console.
- -v, --version
- Shows program's version number.
- -x, --xml
- Shows the document information in XML format.
Example
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.