INTERNET STORM CENTER SPOTLIGHT
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Wireshark 4.2.5 Released
Published: 2024-05-18
Last Updated: 2024-05-18 14:25:51 UTC
by Didier Stevens (Version: 1)
Wireshark release 4.2.5 fixes 3 vulnerabilities (CVE-2024-4853, CVE-2024-4854 and CVE-2024-4855) and 19 bugs.
- https://www.wireshark.org/docs/relnotes/wireshark-4.2.5.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-4853
- https://nvd.nist.gov/vuln/detail/CVE-2024-4854
- https://nvd.nist.gov/vuln/detail/CVE-2024-4855
https://isc.sans.edu/diary/Wireshark+425+Released/30934/
Another PDF Streams Example: Extracting JPEGs
Published: 2024-05-17
Last Updated: 2024-05-17 12:04:03 UTC
by Didier Stevens (Version: 1)
In my diary entry "Analyzing PDF Streams" I showed how to use my tools file-magic.py and myjson-filter.py together with my PDF analysis tool pdf-parser.py to analyze PDF streams en masse.
In this diary entry, I will show how file-magic.py can augment JSON data produced by pdf-parser.py with file-type information that can then be used by myjson-filter.py to filter out files you are interested in. As an example, I will extract all JPEGs from a PDF document.
First, let's produce statistics with pdf-parser.py's option -a ...
This confirms that there are many "Indirect objects with a stream" in this document.
Next, I let pdf-parser.py produce JSON output (--jsonoutput) with the content of the unfiltered streams, and I let file-magic.py consume this JSON output (--jsoninput) to try to identify the file type of each stream based on its content (since streams don't have a filename, there is no filename extension and we need to look at the content) ...
Read the full entry:
https://isc.sans.edu/diary/Another+PDF+Streams+Example+Extracting+JPEGs/30924/
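The identify-then-filter step from the PDF streams entry above, as an added Python sketch; it is not code from pdf-parser.py, file-magic.py or myjson-filter.py. The JSON shape (an `items` list with `id`, `name` and base64 `content`), the signature list and the sample streams are assumptions constructed for illustration.

```python
import base64
import json
import re

# Magic-byte signatures, checked in order (a small illustrative subset).
SIGNATURES = [
    (b"\xff\xd8\xff", "JPEG image data"),
    (b"\x89PNG\r\n\x1a\n", "PNG image data"),
    (b"%PDF-", "PDF document"),
    (b"PK\x03\x04", "Zip archive data"),
]

def identify(content: bytes) -> str:
    """Label a stream from its leading bytes only; streams carry no filename."""
    for magic, label in SIGNATURES:
        if content.startswith(magic):
            return label
    # zlib header heuristic: CM == 8 (deflate) and the 16-bit header is divisible by 31.
    if len(content) >= 2 and content[0] & 0x0F == 8 and ((content[0] << 8) | content[1]) % 31 == 0:
        return "zlib compressed data"
    return "data"

def augment(document: str) -> list:
    """Decode each item's base64 content and add a 'magic' field to it."""
    items = json.loads(document)["items"]
    for item in items:
        item["magic"] = identify(base64.b64decode(item["content"]))
    return items

def extract(document: str, pattern: str = r"^JPEG") -> dict:
    """Return {output filename: raw bytes} for items whose type matches pattern."""
    return {f'{i["name"]}.jpg': base64.b64decode(i["content"])
            for i in augment(document) if re.search(pattern, i["magic"])}

def _item(number: int, raw: bytes) -> dict:
    return {"id": number, "name": f"obj-{number}", "content": base64.b64encode(raw).decode()}

# Constructed sample: two JPEG-like streams, one zlib stream, one content stream.
SAMPLE = json.dumps({"items": [
    _item(1, b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 8 + b"\xff\xd9"),
    _item(2, b"\x78\x9c\x4b\x4c\x4a\x06\x00\x02\x4d\x01\x27"),
    _item(3, b"BT /F1 12 Tf (hello) Tj ET"),
    _item(4, b"\xff\xd8\xff\xe1\x00\x08Exif\x00\x00\xff\xd9"),
]})

if __name__ == "__main__":
    for name, data in extract(SAMPLE).items():
        print(name, len(data), "bytes")
```

A stream still labelled "zlib compressed data" has not had its filter applied, so an image hidden behind a second encoding layer is only recognized after decompression.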