Origami v1.0.0-beta0 - Parse, Analyze, and Forge PDF documents

by

In: Framework , Local auditing , Origami

15 September 2009

Origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents.

Features

  • Create PDF documents from scratch.
  • Parse existing documents, modify them and recompile them.
  • Explore documents at the object level, going deep into the document structure, uncompressing PDF object streams and desobfuscating names and strings.
  • High-level operations, such as encryption/decryption, signature, file attachments...
  • A GTK interface to quickly browse into the document contents.
PNG - 78.5 kb

The people of Origami provide some scripts helping to perform common actions on PDF files.

Full scripts

  • detectjs.rb: search for all JavaScript objects.
  • embed.rb: add an attachment to a PDF file.
  • create-jspdf.rb: add a JavaScript to a PDF file, executed when the document is opened.
  • moebius.rb: transform a PDF to a moebius strip.
  • encrypt.rb: encrypt a PDF file.

Post scriptum


Related Articles

Framework
Local auditing
Origami