Home » Posts filed under PDF

Instant PDF Password Remover v3.5 - Free PDF Password & Restrictions Removal Tool

in , , , , , , , , , , , , - on 10:16 AM - No comments

Instant PDF Password Remover is the FREE tool to instantly remove Password of protected PDF document. It can remove both User & Owner password along with all PDF file restrictions such as Copy, Printing, Screen Reader etc.

Often we receive password protected PDF documents in the form of mobile bills, bank statements or other financial reports. It is highly inconvenient to remember or type these complex and long passwords.

'Instant PDF Password Remover' helps you to quickly remove the Password from these PDF documents. Thus preventing the need to type these complex/long password every time you open such protected PDF documents.

Note that it cannot help you to remove the unknown password. It will only help you to remove the KNOWN password so that you don't have to enter the password everytime while opening the PDF file.

It makes it even easier with the 'Right Click Context Menu' integration. This allows you to simply right click on the PDF file and launch the tool. Also you can Drag & Drop PDF file directly onto the GUI window to start the password removal operation instantly.


It can unlock PDF document protected with all versions of Adobe Acrobat Reader using different (RC4, AES) encryption methods.

It comes with Installer for quick installation/un-installation. It works on wide range of Operating systems starting from Windows XP to Windows 8.


Read more
Labels: , , , , , , , , , , , ,

[Peepdf] PDF Analysis and Creation/Modification Tool

in , , , , , , , - on 4:57 PM - No comments

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements, supports all the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. With the installation of PyV8 and Pylibemu it provides Javascript and shellcode analysis wrappers too. Apart of this it's able to create new PDF files and to modify/obfuscate existent ones.

The main functionalities of peepdf are the following:

Analysis:
  • Decodings: hexadecimal, octal, name objects
  • More used filters
  • References in objects and where an object is referenced
  • Strings search (including streams)
  • Physical structure (offsets)
  • Logical tree structure
  • Metadata
  • Modifications between versions (changelog)
  • Compressed objects (object streams)
  • Analysis and modification of Javascript (PyV8): unescape, replace, join
  • Shellcode analysis (Libemu python wrapper, pylibemu)
  • Variables (set command)
  • Extraction of old versions of the document
  • Easy extraction of objects, Javascript code, shellcodes (>, >>, $>, $>>)
  • Checking hashes on VirusTotal

Creation/Modification:
  • Basic PDF creation
  • Creation of PDF with Javascript executed wen the document is opened
  • Creation of object streams to compress objects
  • Embedded PDFs
  • Strings and names obfuscation
  • Malformed PDF output: without endobj, garbage in the header, bad header...
  • Filters modification
  • Objects modification

Execution modes:
  • Simple command line execution
  • Powerful interactive console (colorized or not)
  • Batch mode

TODO:
  • Embedded PDFs analysis
  • Improving automatic Javascript analysis
  • GUI 
Read more
Labels: , , , , , , ,

[PDFMiner] Python PDF parser and analyzer

in , , , , , , , , , , - on 7:57 AM - No comments

PDFMiner is a tool for extracting information from PDF documents. Unlike other PDF-related tools, it focuses entirely on getting and analyzing text data. PDFMiner allows one to obtain the exact location of text in a page, as well as other information such as fonts or lines. It includes a PDF converter that can transform PDF files into other text formats (such as HTML). It has an extensible PDF parser that can be used for other purposes than text analysis.

Features

  • Written entirely in Python. (for version 2.4 or newer)
  • Parse, analyze, and convert PDF documents.
  • PDF-1.7 specification support. (well, almost)
  • CJK languages and vertical writing scripts support.
  • Various font types (Type1, TrueType, Type3, and CID) support.
  • Basic encryption (RC4) support.
  • PDF to HTML conversion (with a sample converter web app).
  • Outline (TOC) extraction.
  • Tagged contents extraction.
  • Reconstruct the original layout by grouping text chunks.
PDFMiner is about 20 times slower than other C/C++-based counterparts such as XPdf.

Online Demo: (pdf -> html conversion webapp)



Read more
Labels: , , , , , , , , , ,

[XSS Cheat Sheet] Bypassing Modern Web Application Firewall XSS Filters

in , , , - on 4:42 PM - No comments

While we doing web application penetration testing for our clients, we may some time have to face the Web application Firewall that blocks every malicious request/payload.

There are some Cheat sheets available on internet that helped to bypass WAF in the past. However, those cheats won't work with the modern WAFs and latest browsers.  
So, here is need for creating new Cheat sheet.

One of the top security researcher Rafay Baloch has done an excellent job by organizing his own techniques to bypass modern WAFs and published a white paper on that.

The paper titled "Modern Web Application Firewalls Fingerprinting and Bypassing XSS Filters" covers only the techniques needed for bypassing XSS filters.

Rafay promised to write other vulnerabilities' bypassing techniques in his next paper.



Read more
Labels: , , ,