lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0501311148070.9696-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: OT: Tool for sanitizing MS office documents?


Ahh, and we found one of the original posts;;

From: Michal Zalewski <lcamtuf@...ttot.org>
Subject: [Full-Disclosure] Automated metadata recovery for document
collections    (tool release)
Cc: pentest@...urityfocus.com
Date: Sat, 3 Apr 2004 17:18:49 +0200 (CEST)
To: full-disclosure@...sys.com

Hi,

After my short write-up on results of automated change tracking data
recovery for Microsoft Word documents found at microsoft.com [1], I've
received a couple of inquiries from pen-testers who asked me about the
tool I used to find the data, and stated that something like this would be
a good addition to their everyday testing methodology.

A beta version of the tool to automatically detect and index change
tracking information in a collection of Word documents published on a
website (or stored on disk, mounted via SMB/NFS, etc) is now available for
download:

  http://lcamtuf.coredump.cx/soft/therev.tgz

If there is enough interest, I'll try to maintain this tool and add
options to gather all other types of security-relevant metadata (such as
usernames, MAC addresses and whatnot) as well.

Regards,
mz

[1] http://lcamtuf.coredump.cx/strikeout/




This moight be the tools originally requested.

Thanks,

Ron DuFresne

On Mon, 31 Jan 2005, Florian Weimer wrote:

> * Clement Dupuis:
>
> > This is why so many companies have adopted the PDF format for document
> > exchange.  What you see is what it is, no hidden code or revision bits.
>
> This view is a bit too simplistic.  PDF files can contain layers, and
> the text that is nicely covered by those black rectangle may still be
> present in the document.
>
> In general, PDF documents are not too bad an idea, though.  At least
> it avoids the embarrassment of embedded OLE objects which contain far
> more information that is actually visible in the parent document (and
> I don't think Microsoft's tool addresses this because it would
> castrate the document).
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

-- 
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ