MBot Postado Junho 13, 2018 em 21:02 Compartilhar Postado Junho 13, 2018 em 21:02 2018-05-30 v0.53: - olevba and mraptor can now parse Word/PowerPoint 2007+ pure XML files (aka Flat OPC format) - improved support for VBA forms in olevba (oleform) - rtfobj now displays the CLSID of OLE objects, which is the best way to identify them. Known-bad CLSIDs such as MS Equation Editor are highlighted in red. - Updated rtfobj to handle obfuscated RTF samples. - rtfobj now handles the "\'" obfuscation trick seen in recent samples such as https://twitter.com/buffaloverflow/status/989798880295444480, by emulating the MS Word bug described in https://securelist.com/disappearing-bytes/84017/ - msodde: improved detection of DDE formulas in CSV files - oledir now displays the tree of storage/streams, along with CLSIDs and their meaning. - common.clsid contains the list of known CLSIDs, and their links to CVE vulnerabilities when relevant. - oleid now detects encrypted OpenXML files - fixed bugs in oleobj, rtfobj, oleid, olevbaDownload Link para o comentário Compartilhar em outros sites More sharing options...
Posts Recomendados
Arquivado
Este tópico foi arquivado e está fechado para novas respostas.