サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
アメリカ大統領選
blog.didierstevens.com
I discovered the flag FORCE_INTEGRITY last year when I released my tool setdllcharacteristics. This flag will force a check of the executable’s digital signature (on Windows Vista and Windows 7) and will prevent the program from running if the signature is invalid (or missing). But it’s only now that I hold all the pieces to test this flag. A normal authenticode signature is not enough. And you ca
The title says it all… This is a document I shared with my Brucon workshop attendees. I know, this is a PDF document, you’ve to appreciate the irony 😉
This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability! I use a launch action triggered by the opening of my PoC PDF. With Adobe Reader, the user gets a warning asking for approval to launch the action, but I can (partially) control the message displayed by the dialog. Foxit Reader displays no warning at all, the action gets e
EICARgen is just a program that creates the EICAR Anti-Virus test file. The EICAR Anti-Virus test file is 68 bytes long, and it will cause all Anti-Virus software to trigger a virus alert. Of course, this EICAR file is not a virus, it’s just an industry-standard test file. The EICAR file is only detected by Anti-Virus software that supports the EICAR file, but I’m not aware of any that doesn’t. Th
Here is a set of free YouTube videos showing how to use my tools: Malicious PDF Analysis Workshop. pdf-parser.py This tool will parse a PDF document to identify the fundamental elements used in the analyzed file. It will not render a PDF document. The code of the parser is quick-and-dirty, I’m not recommending this as text book case for PDF parsers, but it gets the job done. You can see the parser
このページを最初にブックマークしてみませんか?
『Didier Stevens』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
