ParanoiDF - PDF Analysis Suite: Password cracking, redaction recovery, DRM removal, malicious JavaScript extraction, and more

2014-08-14T00:47:23
ID KITPLOIT:3348620206524887875
Type kitploit
Reporter KitPloit
Modified 2014-08-14T00:47:23

Description

The Swiss Army knife of PDF analysis tools. Based on peepdf (http://peepdf.eternal-todo.com).

Features

Interactive Console: Type "help" to get a list of commands. Type "help [command]" to get a description and usage for a specific command.

  • crackpw: Executes Nacho Barrientos Arias's PDFCrack tool by performing an OS call. The command allows the user to input a custom dictionary, perform a benchmark or continue from a saved state file. If no custom dictionary is input, this command will attempt to brute force a password using a modifiable charset text file in directory "ParanoiDF/pdfcrack". ( http://pdfcrack.sourceforge.net/ )
  • decrypt: Uses an OS call to Jay Berkenbilt's "QPDF", which decrypts the PDF document and outputs the decrypted file. This requires the user-password. ( http://qpdf.sourceforge.net/ )
  • encrypt: Encrypts an input PDF document with any password you specify. Uses 128-bit RC4 encryption.
  • embedf: Creates a blank PDF document with an embedded file. This is for research purposes to show how files can be embedded in PDFs. This command imports Didier Stevens' Make-pdf-embedded.py script as a module. ( http://blog.didierstevens.com/programs/pdf-tools/ )
  • embedjs: Similar to "embedf", but embeds a custom JavaScript file inside a new blank PDF document. If no custom JavaScript file is input, a default app.alert message box is embedded. ( http://blog.didierstevens.com/programs/pdf-tools/ )
  • extractJS: Attempts to extract any embedded JavaScript in a PDF document. It does this by importing the "pdf.py" JavaScript tool from Blake Hartstein's Jsunpack-n as a module, then executing it on the file. ( https://code.google.com/p/jsunpack-n/ )
  • redact: Generates a list of words that will fit inside a redaction box in a PDF document. The words (with a custom sentence) can then be run through a grammar parser, and a custom number of them can be displayed depending on their score. This command requires a tutorial to use. Please read "redactTutorial.pdf" in directory "ParanoiDF/docs".
  • removeDRM: Removes DRM restrictions (editing, copying etc.) from a PDF document and outputs to a new file. This does not need the owner-password, and there is a possibility the document will lose some formatting. This command works by calling the "ebook-convert" tool from Kovid Goyal's Calibre. ( http://calibre-ebook.com/ )
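As an added illustration (not ParanoiDF, peepdf or Jsunpack-n code), the sketch below shows a first-pass triage an analyst might run before "extractJS": it counts the PDF name tokens that the "embedjs", "embedf" and "encrypt" features introduce, decoding #xx hex escapes so that a name written as /J#61vaScript is still recognised. The indicator list, function names and sample bytes are assumptions made for this example.

```python
import re

# PDF name tokens relevant to the features listed above (embedjs/extractJS,
# embedf, encrypt). Which names to watch is a choice made for this example.
INDICATORS = ("/JS", "/JavaScript", "/OpenAction", "/AA", "/EmbeddedFile", "/Encrypt")

# A PDF name: "/" followed by regular characters (no whitespace or delimiters).
NAME_RE = re.compile(rb"/[^\x00\t\n\x0c\r /<>\[\](){}%]+")
HEX_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def normalize_name(raw: bytes) -> str:
    """Decode #xx escapes so that /J#61vaScript compares equal to /JavaScript."""
    decoded = HEX_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return decoded.decode("latin-1")


def triage(pdf_bytes: bytes) -> dict:
    """Count indicator names and note how many were written with hex escapes."""
    report = {name: {"count": 0, "obfuscated": 0} for name in INDICATORS}
    for match in NAME_RE.finditer(pdf_bytes):
        raw = match.group(0)
        name = normalize_name(raw)
        if name in report:
            report[name]["count"] += 1
            if b"#" in raw:
                report[name]["obfuscated"] += 1
    return report


# Constructed sample: a minimal fragment shaped like a document carrying an
# app.alert script, with one name hex-escaped to exercise normalization.
SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /J#61vaScript /JS (app.alert\\('hi'\\);) >>\nendobj\n"
    b"%%EOF\n"
)

if __name__ == "__main__":
    for name, stats in triage(SAMPLE).items():
        print(f"{name:14} count={stats['count']} obfuscated={stats['obfuscated']}")
```

This scan reads raw bytes only, so names stored inside compressed object streams are not counted; a zero count is not proof that a document is free of JavaScript.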
