-
Notifications
You must be signed in to change notification settings - Fork 240
/
CHANGELOG
109 lines (86 loc) · 5.45 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
-----------------------------------------------
peepdf 0.3 r235, 2014-06-09
-----------------------------------------------
* New features:
- Added descriptive titles for the vulns found
- Added detection of CVE-2013-2729 (Adobe Reader BMP/RLE heap corruption)
- Added support for more than one script block in objects containing Javascript (e.g. XFA objects)
- Updated colorama to version 3.1 (2014-04-19)
- Added detection of CVE-2013-3346 (ToolButton Use-After-Free)
- Added command "js_vars" to show the variables defined in the Javascript context and their content
- Added command "js_jjdecode" to decode Javascript code using the jjencode algorithm (Thanks to Nahuel Riva @crackinglandia)
- Added static detection for CVE-2010-0188
- Added detection for CoolType.dll SING uniqueName vulnerability (CVE-2010-2883). Better late than never ;p
- Added new command "vtcheck" to check for detection on VirusTotal (API key included)
- Added option to avoid automatic Javascript analysis (useful with endless loops)
- Added PyV8 as Javascript engine and removed Spidermonkey (Windows issues).
* Fixes:
- Fixed bug when encrypting/decrypting hexadecimal objects (Thanks to Timo Hirvonen for the feedback)
- Fixed silly bug related to abbreviated PDF Filters
- Fixed bug related to the GNU readline function not handling correctly colorized prompts
- Fixed log_output function, it was storing the previous command output instead of the current one
- Fixed bug in PDFStream to show the stream content when the stream dictionary is empty (Thanks to Nahuel Riva)
- Fixed Issue 12, related to bad JS code parsing due to HTML entities in the XFA form (Thanks to robomotic)
- Fixed Issue 10 related to bad error handling in the PDFFile.decrypt() method
- Fixed Issue 9, related to an uncaught exception when PyV8 is not installed
- Fixed bug in do_metadata() when objects contain /Metadata but they are not really Metadata objects
* Others
- Removed the old redirection method using the "set" command, it is useless now with the shell-like redirection (>, >>, $>, $>>)
* Known issues
- It exists a problem related to the readline module in Mac OS X (it uses editline instead of GNU readline), not handling correctly colorized prompts.
-----------------------------------------------
peepdf Black Hat Vegas (0.2 r156), 2012-07-25
-----------------------------------------------
* New features:
- Added "grinch mode" execution to avoid colorized output
- Added more colors in the interactive console output: warning, errors, important information...
- Changed sctest command, now it's implemented with pylibemu
- Added decrypt command to parse password protected documents
- Modified analyseJS() to extract JS code from XDP packets and unescape HTML entities
- Added function unescapeHTMLEntities() to unescape HTML entities
- Added AES decryption support (128 and 256 bits).
- Added hashes in objects information (info $object_id)
- Added support for decoding CCITTFaxDecode filters (Thanks to @binjo)
* Fixes:
- Fix to show decrypt errors
- Fixed silly bug with /EncryptMetadata element
- Added missing binary file operations
- Fixed Issue 5: Resolved false positives when monitoring some elements like actions, events, etc. (Thanks to @hiddenillusion)
- Bug in PDFStream.decode and PDFStream.encode, dealing with an array of filter parameters (Thanks to @binjo)
-----------------------------------------------
peepdf Black Hat Arsenal (0.1 r92), 2012-03-16
-----------------------------------------------
* New features:
- Added support for more parameters in Flate/LZW decode (stream filters)
- Encryption algorithm now showing in document information
- Added XML output and SHA hash to file information
- Improved unescape function to support mixed escaped formats (eg. "%u6734%34%u8790")
- Added xor and xor_search commands
- Added easy way of redirect console output (>, >>, $>, $>>)
- Added xor function by Evan Fosmark
- Added detection of CVE-2011-4369 (/PRC)
- Added hash command (Thanks to @binjo for code and comments)
- Added js_beautify command
- Update function added
- Added new vulns and showing information related to non JS vulns
- Added escape sequence in the limited output
- Added ascii85 decode from pdfminer to improve code and avoid bugs (Thanks to Brandon Dixon!)
- Added lzwdecode from pdfminer to improve code and avoid bugs
* Fixes:
- Update process rewritten, now based on hashing of files
- Silly bug in computeUserPass function (Thanks to Christian Martorella!)
- Added binary mode in files operations
- Recursion bug in update function
- Minor bug in do_embed function
- Bug to support encoding following PDF specifications (Issue 3 by czchen)
- Bug to handle negative numbers in P element
- Bug in the xref table when creating a new PDF (Issue 2)
- Silly bug when parsing filter parameters
- Bug related to updating objects and statistics of PDF files
- Some bugs related to offsets calculation
- Fixed "replace" function in PDFObjectStream
- Fix in asciiHexDecode filter function
-----------------------------------------------
peepdf 0.1 r15, 2011-05-05
-----------------------------------------------
- Initial Release