mirror of
https://github.com/rapid7/metasploit-framework
synced 2024-10-29 18:07:27 +01:00
8c06e0d46e
commit 5c82f0acade617d8314858170752c498eac4b4fb
Author: Alexander Klink <git@alech.de>
Date: Thu Apr 19 20:57:21 2012 +0200
pdf2xdp.rb script to convert PDF file to XDP format
XDP is an equivalent format for PDF, but is pretty useful in evading AV
software.
See
https://www.metasploit.com/redmine/issues/3679
http://shiftordie.de/blog/2011/02/09/evading-avs-using-the-xml-data-package-xdp-format/
[Closes #345]
37 lines
854 B
Ruby
Executable File
37 lines
854 B
Ruby
Executable File
#!/usr/bin/env ruby
|
|
|
|
# This script converts a PDF file to an equivalent XML Data Package file,
|
|
# which can be opened by Adobe Reader as well and typically escapes AV
|
|
# detection better than a "normal" PDF
|
|
#
|
|
# Alexander 'alech' Klink, 2011
|
|
# public domain / CC-0
|
|
|
|
require 'base64'
|
|
|
|
pdf = ARGV.shift
|
|
xdp = ARGV.shift
|
|
|
|
if ! xdp then
|
|
STDERR.puts " Usage: #{$0} input.pdf output.xdp"
|
|
exit 1
|
|
end
|
|
|
|
pdf_content = begin
|
|
File.read(pdf)
|
|
rescue
|
|
STDERR.puts "Could not read input PDF file: #{$!}"
|
|
exit 2
|
|
end
|
|
|
|
xdp_out = begin
|
|
open xdp, 'w'
|
|
rescue
|
|
STDERR.puts "Could not open output XDP file: #{$!}"
|
|
exit 3
|
|
end
|
|
|
|
xdp_out.print '<?xml version="1.0"?><?xfa ?><xdp:xdp xmlns:xdp="http://ns.adobe.com/xdp/"><pdf xmlns="http://ns.adobe.com/xdp/pdf/"><document><chunk>'
|
|
xdp_out.print Base64.encode64(pdf_content)
|
|
xdp_out.print '</chunk></document></pdf></xdp:xdp>'
|