Someone i believe have interest on this ... http://www.owasp.org/index.php/PDF_Attack_Filter_for_Apache_mod_rewrite
http://www.owasp.org/index.php/PDF_Attack_Filter_for_Java_EE Maybe can help member to understand for pdf attack. Regards, Mohd Fazli Azran On Thu, Apr 1, 2010 at 10:55 AM, Muhammad Najmi Ahmad Zabidi < [email protected]> wrote: > At first I have a thought whether this would be appropriate for OWASP, > since Web apps should concern on port 80, 8080,443 , or maybe you deal > with strange http port (heh). > > Later decided to post since PDF is application based attack, hence the > method of outbreak is via web. > > Didier also wrote couple of tools and host them here: > http://blog.didierstevens.com/programs/pdf-tools/ > > His tool even can be used for you to include your own JS to PDF. > > > On Thu, Apr 1, 2010 at 10:43 AM, Amir Haris Ahmad <[email protected]> > wrote: > > Cool and good info, will give a try. > > > > On Thu, Apr 1, 2010 at 9:50 AM, Adnan bin Mohd Shukor > > <[email protected]> wrote: > >> > >> me.. the pdf analysis features is kewl as well ;) > >> > >> On 1 April 2010 08:55, Muhammad Najmi Ahmad Zabidi > >> <[email protected]> wrote: > >> > Hello, > >> > > >> > Anyone is using pyew? > >> > > >> > http://code.google.com/p/pyew/ > >> > > >> > na...@notre-dame:/var/lib/nepenthes/binaries$ ~/pyew/pyew.py > >> > 1f8a826b2ae94daa78f6542ad4ef173b > >> > PE Information > >> > > >> > Sections: > >> > 0x1000 0x20000 75776 > >> > 0x21000 0x2000 3584 > >> > 0x23000 0xf6000 36864 > >> > 0x119000 0x8000 30720 > >> > > >> > Entry Point at 0x1c85c > >> > Virtual Address is 0x51905c > >> > Code Analysis ... > >> > > >> > [0x00000000]> vt > >> > File 1f8a826b2ae94daa78f6542ad4ef173b with MD5 > >> > 1f8a826b2ae94daa78f6542ad4ef173b > >> > > >> > > ------------------------------------------------------------------------------- > >> > > >> > McAfee+Artemis : W32/Sdbot.worm.gen.x > >> > nProtect : Backdoor/W32.RBot.155648.W > >> > CAT-QuickHeal : I-Worm.Bobic.hq > >> > McAfee : W32/Sdbot.worm.gen.x > >> > K7AntiVirus : Backdoor.Win32.Rbot > >> > TheHacker : Backdoor/Rbot.aftu > >> > VirusBuster : Worm.Rbot.AFAE > >> > NOD32 : Win32/Rbot > >> > F-Prot : W32/Trojan5.DCW > >> > > >> > > >> > And... the rest of the AV lines results. > >> > _______________________________________________ > >> > Owasp-Malaysia mailing list > >> > [email protected] > >> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >> > > >> > OWASP Malaysia Wiki > >> > http://www.owasp.org/index.php/Malaysia > >> > > >> > OWASP Malaysia Wiki Facebook > >> > > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >> > > >> _______________________________________________ > >> Owasp-Malaysia mailing list > >> [email protected] > >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >> > >> OWASP Malaysia Wiki > >> http://www.owasp.org/index.php/Malaysia > >> > >> OWASP Malaysia Wiki Facebook > >> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > > > > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
