Ahh, and we found one of the original posts;; From: Michal Zalewski <[EMAIL PROTECTED]> Subject: [Full-Disclosure] Automated metadata recovery for document collections (tool release) Cc: [EMAIL PROTECTED] Date: Sat, 3 Apr 2004 17:18:49 +0200 (CEST) To: [EMAIL PROTECTED]
Hi, After my short write-up on results of automated change tracking data recovery for Microsoft Word documents found at microsoft.com [1], I've received a couple of inquiries from pen-testers who asked me about the tool I used to find the data, and stated that something like this would be a good addition to their everyday testing methodology. A beta version of the tool to automatically detect and index change tracking information in a collection of Word documents published on a website (or stored on disk, mounted via SMB/NFS, etc) is now available for download: http://lcamtuf.coredump.cx/soft/therev.tgz If there is enough interest, I'll try to maintain this tool and add options to gather all other types of security-relevant metadata (such as usernames, MAC addresses and whatnot) as well. Regards, mz [1] http://lcamtuf.coredump.cx/strikeout/ This moight be the tools originally requested. Thanks, Ron DuFresne On Mon, 31 Jan 2005, Florian Weimer wrote: > * Clement Dupuis: > > > This is why so many companies have adopted the PDF format for document > > exchange. What you see is what it is, no hidden code or revision bits. > > This view is a bit too simplistic. PDF files can contain layers, and > the text that is nicely covered by those black rectangle may still be > present in the document. > > In general, PDF documents are not too bad an idea, though. At least > it avoids the embarrassment of embedded OLE objects which contain far > more information that is actually visible in the parent document (and > I don't think Microsoft's tool addresses this because it would > castrate the document). > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > -- "Sometimes you get the blues because your baby leaves you. Sometimes you get'em 'cause she comes back." --B.B. King ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
