Origami

From aldeid
Jump to navigation Jump to search

Description

Origami is a Ruby framework for manipulating PDF documents. It features a PDF compliant parser and allows to analyze, modify or create malicious PDF files.

Origami supports advanced features of the latest PDF specifications:

  • Encryption, up to Adobe Reader X
  • Digital signatures
  • Forms (Acrobat and XML)
  • JavaScript
  • Annotations
  • Flash
  • File attachments
  • Object streams

Installation

REMnux

Origami comes pre-installed on REMnux.

From packages

To install it, execute the following commands. They will install origami as well as the required dependencies:

$ sudo gem install gtk2
$ sudo gem install therubyracer
$ sudo gem install origami

From sources (development version)

$ hg clone https://code.google.com/p/origami-pdf/

Usage

Graphical User Interface (GUI)

pdfwalker
pdfwalker is the GUI version of Origami

Command Line Interface (CLI)

pdf2graph
Generates a Graphviz DOT file out of a PDF document.
pdf2pdfa
Enforces a document to be rendered as PDF/A.
This will disable multimedia features and JavaScript execution in Adobe Reader.
pdf2ruby
Convert a PDF document to an Origami script (experimental).
pdfcocoon
Embeds and PDF document into a trojan PDF document.
pdfcop
The PDF filtering engine. Scans PDF documents for malicious structures
pdfdecompress
ncompresses all binary streams of a PDF document.
pdfdecrypt
Decrypts a PDF document. Supports RC4 40 to 128 bits, AES128, AES256.
pdfencrypt
Encrypts a PDF document. Supports RC4 40 to 128 bits, AES128, AES256
pdfexplode
Explodes a document into separate documents
pdfextract
Extracts various data out of a document (streams, scripts, images, fonts, metadata, attachments).
pdfmetadata
Prints out the metadata contained in a PDF document.
pdfsh
Prints out the metadata contained in a PDF document.

Writing custom scripts

You can write your own custom scripts using the Origami API (Ruby).

Origami already comes up with some commonly useful scripts:

  • pdfencrypt/pdfdecrypt (encrypts or decrypts a document)
  • pdfdecompress (removes any compression layer)
  • pdfmetadata (prints document metadata)
  • pdfextract (extracts various objects from a document)
  • pdfcop (automatized analysis engine)
  • Some other miscellaneous scripts (pdf2ruby, pdf2graph, pdf2pdfa, ...)

Comments

blog comments powered by Disqus