recentpopularlog in

kme : reversing   7

Update: pdf-parser.py Version 0.7.0 | Didier Stevens
<code class="language-bash">
./pdf-parser.py -n document.pdf
./pdf-parser.py -s objstm document.pdf

# decode stream objects ('-f' = filter)
./pdf-parser.py -s objstm -f document.pdf

# force 'pdfid.py' to parse the output of above (even though it's
# missing a proper PDF header)
./pdf-parser.py -s objstm -f document.pdf | ./pdfid.py -n -f

# which is (I think?) is roughly the same as
./pdf-parser.py -a -O document.pdf
</code>
pdf  parser  reversing  reverseengineering  forensic  malware  analysis  commandline  python  video  streamobject  solution 
12 weeks ago by kme
Decompress FlateDecode Objects in PDF
Tips on how to get working in Python 3 here: https://stackoverflow.com/a/53609642/785213

<code class="language-python">import re
import zlib

pdf = open("some_doc.pdf", "rb").read()
stream = re.compile(r'.*?FlateDecode.*?stream(.*?)endstream', re.S)

for s in stream.findall(pdf):
s = s.strip('\r\n')
try:
print(zlib.decompress(s))
print("")
except:
pass</code>
python  pdf  reversing  forensics  objectstream  flatedecode  zlib 
12 weeks ago by kme

Copy this bookmark:





to read