PDF Hacks

PDF Hacks

diffpdf-Free Cross Platform Software to compare PDF

DiffPDF can compare two PDF files. It offers two comparison modes: Text and Appearance.

By default the comparison is of the text on each pair of pages, but comparing the appearance of pages is also supported (for example, if a diagram is changed or if a paragraph is reformatted). It is also possible to compare particular pages or page ranges. For example, if there are two versions of a PDF file, one with pages 1-12 and the other with pages 1-13 because of an extra page having been added as page 4, they can be compared by specifying two page ranges, 1-12 for the first and 1-3, 5-13 for the second. This will make DiffPDF compare pages in the pairs (1, 1), (2, 2), (3, 3), (4, 5), (5, 6), and so on, to (12, 13).

 

Reference,

Free software to Compare the appearance difference of two PDF

diffpdf windows 32 version download address

November 19, 2010 Posted by | Open Source, Software, Windows | , , | Leave a Comment

Google Docs support OCR for PDF and Images

This feature only works for the following languages: English, French, Italian, German and Spanish. “For the technically curious: we’re using Optical Character Recognition (OCR) that our friends from Google Books helped us set up. OCR works best with high-resolution images, and not all formatting may be preserved.”, Google Docs Blog says.

for details, please visit Google Docs add OCR support to PDF and Images.

July 16, 2010 Posted by | PDF News | , | 1 Comment

Freely Rotate PDF Page Online-Google App Engine Application

Rotate PDF Page Online(PdfRotate)

RubyPDF release the 3rd Google App Engine Application, PDFRotate Online, wit it, you can freely rotate PDF page online, the rotate angles support 90, 180 and 270 degrees.

Rotate PDF Page Online(PdfRotate)

If you want offline version, please check pdfrotate.

January 12, 2010 Posted by | Uncategorized | , , , , , , , , | Leave a Comment

Free Divide PDF Page Online-Another Google App Engine Application

Today, RubyPDF released another Google App Engine Application, Freely Divide PDF Page Online, also bases on iText.

the main feature is Split a PDF page to two half size Pdf Page, for example, Split a A3 Page to two A4 pages.

btw, RubyPDF also released desktop version before.

January 6, 2010 Posted by | Uncategorized | , , , , , , , | Leave a Comment

How to download the big files through Google App Engine UrlFetch API Call

I offer the UrlFetch function in my PDF Password Remover Online application, but I do not want to let it only manipulate no more 1M PDF, after some study, I got the solution, let UrlFetch API download no more 1M data each time, but repeat many times until all data downloaded, of course, there still a limit, 30 second request limit.
For details, please visit

How to Use Google App Engine UrlFetch API to download the files over 1M

December 25, 2009 Posted by | Tutorials | , , , | Leave a Comment

First PDF Password Remover application hosted on Google App Engine

RubyPDF Software released the First PDF Password Remover application hosted on Google App Engine, bases on iText(version 2.1.7, but with many modification). with it, you can easily remove the user password or owner password online, and it is free.

  • remove restrictions on any secured PDF document (you should have the right to do it, for example, if you forgot the password). Any Acrobat version up to 9 is supported, even with 128-bit AES or 128-bit RC4 encryption. PDF restrictions removal is an instant process. Unlocked file can be opened in any PDF viewer without any restrictions so you may edit/copy/print it.
  • remove the PDF open password. Decryption of the file with password for opening is guaranteed for PDF files Any Acrobat version up to 9 is supported, even with 128-bit AES or 128-bit RC4 encryption,but you must know the password first.

For details, please visit RubyPDF PDF Password Remover Online.

December 23, 2009 Posted by | PDF News, Software | , , , , , | Leave a Comment

how to Optimize and Reduce PDF File Size with the Help of Adobe Acrobat

I noticed How to use Adobe Acrobat to Optimize and Reduce PDF File Size lists two PDF version tutorials,
PDF version tutorial of Adobe Acrobat 6 solution to optimize and redue file size,
http://www.adobe.com/designcenter/acrobat/articles/acr6optimize/acr6optimize.pdf
PDF version tutorial of Adobe Acrobat 7 solution to optimize and redue file size,
http://www.adobe.com/designcenter/acrobat/articles/acr7optimize/acr7optimize.pdf
and I just wonder why they do not release the tutorials for Adobe Acrobat 8 and Adobe Acrobat 9.

October 30, 2009 Posted by | Hacks, Tutorials | , , , | Leave a Comment

using pdfsizeopt to Optimize & Reduce PDF File Size

pdfsizeopt is open source project hosting on Google Code, the main feature is PDF file size optimizer. it bases on the following tools,

  • pdfsizeopt.py
  • Python
  • Ghostscript
  • Java
  • sam2p
  • jbig2
  • png22pnm
  • pngtopnm
  • Multivalent.jar
  • PNGOUT

pdfsizeopt is a collection of best practices and scripts for Unix to optimize the size of PDF files, with focus on PDFs created from TeX and LaTeX documents. pdfsizeopt is developed on a Linux system, and it depends on existing tools such as Python 2.4, Ghostscript 8.50, jbig2enc (optional), sam2p, pngtopnm, pngout (optional), and the Multivalent PDF compressor (optional) written in Java.

for details, please visit pdfsizeopt-a Free and Open Source PDF Manipulation Tool to Reduce PDF File Size

references,

pdfsizeopt home page
Convert JBIG2 to PDF with free and open source software agl’s jbig2enc
Windows version JBIG2 Encoder-Jbig2.exe

 

October 30, 2009 Posted by | Hacks, Linux, Open Source, Software, Tutorials, Windows | Leave a Comment

PDFMiner-Python PDF parser and analyzer

PDFMiner is a suite of programs that help extracting and analyzing text data of PDF documents. Unlike other PDF-related tools, it allows to obtain the exact location of texts in a page, as well as other extra information such as font information or ruled lines. It includes a PDF converter that can transform PDF files into other text formats (such as HTML). It has an extensible PDF parser that can be used for other purposes instead of text analysis.

Features:

  • Written entirely in Python. (for version 2.4 or newer)
  • PDF-1.7 specification support. (well, almost)
  • Non-ASCII languages and vertical writing scripts support.
  • Various font types (Type1, TrueType, Type3, and CID) support.
  • Basic encryption (RC4) support.
  • PDF to HTML conversion (with a sample converter web app).
  • Outline (TOC) extraction.
  • Tagged contents extraction.
  • Infer text running by using clustering technique.

Download and For details, please visit http://www.unixuser.org/~euske/python/pdfminer/index.html.

btw,

PDFMiner comes with two handy tools: pdf2txt.py and dumppdf.py.

pdf2txt.py extracts text contents from a PDF file. It extracts all the texts that are to be rendered programmatically, It cannot recognize texts drawn as images that would require optical character recognition. It also extracts the corresponding locations, font names, font sizes, writing direction (horizontal or vertical) for each text portion. You need to provide a password for protected PDF documents when its access is restricted. You cannot extract any text from a PDF document which does not have extraction permission.

For non-ASCII languages, you can specify the output encoding (such as UTF-8).

dumppdf.py dumps the internal contents of a PDF file in pseudo-XML format. This program is primarily for debugging purpose, but it’s also possible to extract some meaningful contents (such as images).

October 19, 2009 Posted by | Linux, Open Source, Software, Windows | , , , , , , , , , | Leave a Comment

Some PDF Tools developed in Python

When Search WordPress.com, I noticed a article  PDF Tools, it introduces some small PDF tools and all developed in Python.

pdf-parser.py

This tool will parse a PDF document to identify the fundamental elements used in the analyzed file. It will not render a PDF document. The code of the parser is quick-and-dirty, I’m not recommending this as text book case for PDF parsers, but it gets the job done.

You can see the parser in action in this screencast.

The stats option display statistics of the objects found in the PDF document. Use this to identify PDF documents with unusual/unexpected objects, or to classify PDF documents. For example, I generated statistics for 2 malicious PDF files, and although they were very different in content and size, the statistics were identical, proving that they used the same attack vector and shared the same origin.

The search option searches for a string in indirect objects (not inside the stream of indirect objects). The search is not case-sensitive, and is susceptible to the obfuscation techniques I documented (as I’ve yet to encounter these obfuscation techniques in the wild, I decided no to resort to canonicalization).

filter option applies the filter(s) to the stream. For the moment, only FlateDecode is supported (e.g. zlib decompression).

The raw option makes pdf-parser output raw data (e.g. not the printable Python representation).

objects outputs the data of the indirect object which ID was specified. This ID is not version dependent. If more than one object have the same ID (disregarding the version), all these objects will be outputted.

reference allows you to select all objects referencing the specified indirect object. This ID is not version dependent.

type alows you to select all objects of a given type. The type is a Name and as such is case-sensitive and must start with a slash-character (/).

Download:

pdf-parser_V0_3_1.zip (https)

MD5: 07CDA54844CD6567473CBF2B0DFC601C

SHA256: 7614AEC453502EEF43F9EA04A82092C4ACDD32AB86D1C4D744B7B590C74152EC

make-pdf tools
make-pdf-javascript.py allows one to create a simple PDF document with embedded JavaScript that will execute upon opening of the PDF document. It’s essentially glue-code for the mPDF.py module which contains a class with methods to create headers, indirect objects, stream objects, trailers and XREFs.

20081109-134003

If you execute it without options, it will generate a PDF document with JavaScript to display a message box (calling app.alert).

To provide your own JavaScript, use option –javascript for a script on the command line, or –javascriptfile for a script contained in a file.

Download:

make-pdf_V0_1_1.zip (https)

MD5: 9AF2E343B78553021C989E8E22355531

SHA256: C604679ABEB0469C1463159E02E74F12487B2755A6096B416A8F4F638DEB8AA9

pdfid.py
This tool is not a PDF parser, but it will scan a file to look for certain PDF keywords, allowing you to identify PDF documents that contain (for example) JavaScript or execute an action when opened. PDFiD will also handle name obfuscation.

The idea is to use this tool first to triage PDF documents, and then analyze the suspicious ones with my pdf-parser.

An important design criterium for this program is simplicity. Parsing a PDF document completely requires a very complex program, and hence it is bound to contain many (security) bugs. To avoid the risk of getting exploited, I decided to keep this program very simple (it is even simpler than pdf-parser.py).

20090330-214223

PDFiD will scan a PDF document for a given list of strings and count the occurrences (total and obfuscated) of each word:

  • obj
  • endobj
  • stream
  • endstream
  • xref
  • trailer
  • startxref
  • /Page
  • /Encrypt
  • /ObjStm
  • /JS
  • /JavaScript
  • /AA
  • /OpenAction
  • /JBIG2Decode

Almost every PDF documents will contain the first 7 words (obj through startxref), and to a lesser extent stream and endstream. I’ve found a couple of PDF documents without xref or trailer, but these are rare (BTW, this is not an indication of a malicious PDF document).

/Page gives an indication of the number of pages in the PDF document. Most malicious PDF document have only one page.

/Encrypt indicates that the PDF document has DRM or needs a password to be read.

/ObjStm counts the number of object streams. An object stream is a stream object that can contain other objects, and can therefor be used to obfuscate objects (by using different filters).

/JS and /JavaScript indicate that the PDF document contains JavaScript. Almost all malicious PDF documents that I’ve found in the wild contain JavaScript (to exploit a JavaScript vulnerability and/or to execute a heap spray). Of course, you can also find JavaScript in PDF documents without malicious intend.

/AA and /OpenAction indicate an automatic action to be performed when the page/document is viewed. All malicious PDF documents with JavaScript I’ve seen in the wild had an automatic action to launch the JavaScript without user interaction.

The combination of automatic action  and JavaScript makes a PDF document very suspicious.

/JBIG2Decode indicates if the PDF document uses JBIG2 compression. This is not necessarily and indication of a malicious PDF document, but requires further investigation.

A number that appears between parentheses after the counter represents the number of obfuscated occurrences. For example, /JBIG2Decode 1(1) tells you that the PDF document contains the name /JBIG2Decode and that it was obfuscated (using hexcodes, e.g. /JBIG#32Decode).

BTW, all the counters can be skewed if the PDF document is saved with incremental updates.

Because PDFiD is just a string scanner (supporting name obfuscation), it will also generate false positives. For example, a simple text file starting with %PDF-1.1 and containing words from the list will also be identified as a PDF document.

Download:

pdfid_v0_0_9.zip (https)

MD5: 1C731D6204C09AAFF219876A8FB5E834

SHA256: 24A9B16E67A84E85488A16879CB611128B2E5921044E48EFB60D784BD785CBD0

October 19, 2009 Posted by | Linux, Open Source, Software, Tutorials, Windows | , , , | Leave a Comment

« Previous Entries    

Follow

Get every new post delivered to your Inbox.