How to insert a .PDF document inside another and automatically open it?
46 views
Skip to first unread message
Rick K. M.
Oct 22, 2012, 2:54:05 PM10/22/12
to origa...@googlegroups.com
Hi all
I'm new to Origami, but it's very nice. I'm trying to use Origami to test our defense approach against malicious PDFs. I saw a script called pdfcocoon that embeds an PDF document into a trojan PDF document. However I noticed that only one PDF is opened, the injected one is never opened. There is a way to automatically opens the injected "safe" pdf automatically?
Thanks.
I'm new to Origami, but it's very nice. I'm trying to use Origami to test our defense approach against malicious PDFs. I saw a script called pdfcocoon that embeds an PDF document into a trojan PDF document. However I noticed that only one PDF is opened, the injected one is never opened. There is a way to automatically opens the injected "safe" pdf automatically?
Thanks.
jena peoples
Oct 22, 2012, 2:56:02 PM10/22/12
to origa...@googlegroups.com
I was able to insert java that automatically opened html. You should be able to do something similar. Sorry I don't have much to contribute other than the thought, its been a while since I've worked on it.
Rick K. M.
Oct 22, 2012, 3:05:52 PM10/22/12
to origa...@googlegroups.com
Hi Jena
Thanks for your answer, very appreciated.
But have you pointed to a local or remote .html? Also it opened without any confirmation request?
I think you referenced a remote .html file, right? Because if it was embedded inside the PDF I think it would be hard to auto-load it, in special because I don't know if this embedded content (PDF, HTML, etc) is dropped on the filesystem or if it's handled internally by the the PDF reader software.
Also, if it's dropped on the disk there is no big advantage for an attacker perspective since an AV will detect it on the same way.
Thanks.
Thanks for your answer, very appreciated.
But have you pointed to a local or remote .html? Also it opened without any confirmation request?
I think you referenced a remote .html file, right? Because if it was embedded inside the PDF I think it would be hard to auto-load it, in special because I don't know if this embedded content (PDF, HTML, etc) is dropped on the filesystem or if it's handled internally by the the PDF reader software.
Also, if it's dropped on the disk there is no big advantage for an attacker perspective since an AV will detect it on the same way.
Thanks.
Alexandre Bique
Mar 11, 2015, 1:59:08 PM3/11/15
to origa...@googlegroups.com
Hi,
Did you manage to do what you wanted?
If so, I'm interested in the solution :)
If so, I'm interested in the solution :)
Regards,
Alexandre
Reply all
Reply to author
Forward
0 new messages