Here is an example of using it on Windows: strings ScaryFile | findstr /i TextToSearchForīut for the rest of my answer here I'll assume you're on *nix, since that is my experience with strings. You can also get "strings" for Windows, as mentioned by Polynomial, below. On *nix systems, do this: strings ScaryFile.pdf | less In this situation I've always used the Unix/Linux/OSX shell command "strings". Also, it's not a bad idea to run the host Linux environment from a read-only installation (i.e. Save a snapshot of the virtual OS, and then revert to that snapshot after you're done interacting with the malicious content. I'd recommend booting into a Linux system and running your target OS (usually Windows) in Virtualbox or a similar environment.
If you find yourself frequently dealing with potentially malicious materials, it would be very wise to set up a hardened virtual environment. This is not necessarily true for all vulnerabilities, so it's important to understand what you're getting in to ahead of time.
PDF TOOLKIT VIRUS PDF
But there are alternate PDF viewers such as foxit or even Google chrome's built-in viewer that do not necessarily have the same vulnerabilities as Adobe's official viewer. The real issue is knowing whether or not your viewer is vulnerable, which usually means knowing specifically what the exploit is. If you view the document in a program that isn't vulnerable (or in a configuration that inhibits the vulnerability), then you won't be exploited. Document-based exploits are directed not at the document itself, but rather at some vulnerability in the viewer.
0 kommentar(er)
