That's it you have easily created a new PDF file. But it's very unlikely to find this in common maldocs.ī DidierStevensLabs. We'll show you how to make your OpenOffice files more compatible by saving them as PDFs. A targeted attack might use a more sofisticated exploit, without any of the signs reported by pdfid or pdf-parser's statistics. The PDF export feature in Apache OpenOffice provides a huge set of formatting and security options so that PDF files can be customized for many different scenarios, including ISO standard PDF/A files.odt Standard - Save your documents in OpenDocument format, the new international standard for office documents. Should you suspect that this is targeted, then you could continue your analysis as explained in diary entry series " It is a resume", for example. When you encounter a document like this, it's most likely not malicious. This explicit destination refers to object 1: this is a page: This is explained in the PDF reference documents: OpenAction here is not used to execute JavaScript code upon opening of the PDF (as is often the case with malicious PDFs), but it is used to present the first page with the desired position and zoom. Its purpose is to present the first page when you open the document for the first time. ![]() This /OpenAction is typically added by OpenOffice and LibreOffice when creating a PDF document. Best is to combine this with option -O to look inside stream objects, should they be present: ![]() odp), OpenOffice, LibreOffice, Microsoft Office or an alternative. otg), Draw 3 can open the formats used by OOo 1.x (.sxd and. Adobe Reader, Foxit Reader or an alternative. In addition to OpenDocument formats (.odg and. uof) CGM Computer Graphics Metafile (.cgm) Portable Document Format (.pdf) Opening graphic files. One basic way is to copy the material from your PDF file and paste it into a new. ![]() You can also find search keywords like /OpenAction using pdf-parser.py's statistics option (-a). Unified Office Format presentation (.uop. You can do two things to convert your PDF to OpenOffice document formats. When you look at such a PDF with pdfid.py, everything looks OK, except that there is an /OpenAction: From time to time, I get a question about PDFs that have an /OpenAction, but don't seem to contain (malicious) code.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |