RE: Check for scripts in a PDF

Tue, 23 Aug 2016 00:36:07 -0700 

Yes, i'm seeking to detect files with scripts. Not static. I don't undestand 
what do you mean with "Maybe compare
with the preflight source code to check that you didn't miss something", can 
you elaborate on that?

Thank you.

        Davide

________________________________________
Da: Tilman Hausherr [[email protected]]
Inviato: martedì 23 agosto 2016 8.34
A: [email protected]
Oggetto: Re: Check for scripts in a PDF

Am 22.08.2016 um 15:14 schrieb Davide Zoni:
> Hallo everybody,
>
> i'm using PDFbox to check if a PDF file contains malicious scripts. I'm using 
> the PDF/A-1a validation to check the file. Since i'm searching only for 
> potential damaging code and not for a true PDF/A-1a standard accompliance, is 
> it enough to consider 1.x.x, 6.x.x and 7.x.x errors as "true" errors? Below 
> category description:
>
> Category        Description
> 1[.y[.z]]       Syntax Error
> 2[.y[.z]]       Graphic Error
> 3[.y[.z]]       Font Error
> 4[.y[.z]]       Transparency Error
> 5[.y[.z]]       Annotation Error
> 6[.y[.z]]       Action Error
> 7[.y[.z]]       Metadata Error

Unclear what you're asking. Are you seeking to detect files with
javascript? If so, I'd rather build something something from scratch,
i.e. read the PDF specification and see where JS is used. Maybe compare
with the preflight source code to check that you didn't miss something.

Tilman


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Il contenuto e le informazioni di questo messaggio di posta elettronica sono 
riservate, confidenziali e non vincolanti nè impegnative per Cedacri s.p.a., ne 
è vietata pertanto la diffusione o divulgazione in qualunque modo eseguita. 
Qualora Lei non fosse la persona a cui il presente messaggio è destinato La 
invitiamo ad eliminarlo e a non leggerlo, dandocene gentilmente comunicazione. 
The content, informations and any attachments of this e-mail are classified, 
confidential and not binding neither impegnative for Cedacri S.P.A., the spread 
or spreading in any executed way is prohibited therefore. If you are not named 
recipient, please notify the sender immediately and do not disclose the 
contents to another person, use it for any purpose, or store or copy the 
information in any medium.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to