Beispiel #1
0
def main():
    filenames = ["./test"]
    options = pdfid.get_fake_options()
    options.scan = True
    options.json = True
    list_of_dict = pdfid.PDFiDMain(filenames, options)
    print(list_of_dict)
Beispiel #2
0
 def __pdfid_analysis(self):
     success = False
     try:
         options = pdfid.get_fake_options()
         options.json = True
         list_of_dict = pdfid.PDFiDMain([self.filepath], options)
         self.results["pdfid"] = list_of_dict
     except Exception as e:
         logger.exception(e)
         self.results["pdfid"]["error"] = str(e)
     else:
         success = True
     return success
Beispiel #3
0
def check_path(path):

    print("Screening pdf for script and automatic actions: %s" % path)
    options = pdfid.get_fake_options()
    options.scan = True
    options.json = True
    report = pdfid.PDFiDMain([path], options)["reports"][0]
    script_count=report["/JS"]+report["/JavaScript"]
    action_count=report["/AA"]+report["/OpenAction"]
    suspect_count=script_count+action_count
    print("Detected Scripts:%s Actions:%s" % (script_count,action_count))

    if suspect_count > 0:
        return AV_STATUS_INFECTED, "PDF.IllegalContent_Scripts:%s_Actions:%s" % (script_count,action_count)
    else:
        return AV_STATUS_CLEAN, AV_SIGNATURE_OK