El dimecres, 13 de setembre de 2017, a les 18:20:42 CEST, Alex va escriure: > Hi, > > I have a malicious PDF that fails to be detected properly apparently > because it's encrypted in some way:
"Fails to be detected properly" by what? Cheers, Albert > > # podofopdfinfo /var/tmp/Invoice\ -\ NF22394519.pdf > Error: An error 8 ocurred during uncompressing the pdf file. > > > PoDoFo encounter an error. Error: 8 ePdfError_InternalLogic > Error Description: An internal error occurred. > Callstack: > #0 Error Source: > /builddir/build/BUILD/podofo-0.9.1/src/base/PdfParser.cpp:209 > Information: Unable to load objects from file. > #1 Error Source: > /builddir/build/BUILD/podofo-0.9.1/src/base/PdfParserObject.cpp:377 > Information: Unable to parse the stream for object 30 0 obj > . #2 Error Source: > /builddir/build/BUILD/podofo-0.9.1/src/base/PdfEncrypt.cpp:1137 > Information: CreateEncryptionInputStream does not yet > support AES > > Would someone be interested in investigating this? Am I missing > something to properly detect and manage these? > > https://www.dropbox.com/s/8bqkp5okojma83b/Invoice%20-%20NF22394519.pdf?dl=0 > > Is there a legitimate reason to encrypt a PDF in this way? In other > words, I can still see the contents and click on the malicious link, > but apparently not view the meta information about it... > _______________________________________________ > poppler mailing list > [email protected] > https://lists.freedesktop.org/mailman/listinfo/poppler _______________________________________________ poppler mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/poppler
