Challenge 6 of the Forensic Challenge 2010 - Analyzing Malicious Portable Destructive Files
(English page)
https://www.honeynet.org/challenges/2010_6_malicious_pdf
Forensic Analysis Challenge 6: Analyzing Maliciously Encoded PDF Files
(Chinese page)
http://www.honeynet.org/node/584
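Open the capture in Wireshark and choose File > Export > Objects > HTTP to export all of the objects.
This yields the malicious PDF document "fcexploit.pdf" along with some other items.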
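A next step after the export, as an added example that is not part of the original post: identify each exported object by its content rather than its name, hash it, and count the PDF name tokens that signal active content, decoding #xx name escapes first. The function names and the SAMPLE bytes are constructed for illustration, and the directory of exported objects is whatever you chose in Wireshark.

```python
import hashlib
import re
from pathlib import Path

# PDF name tokens that indicate active or embedded content.
KEYWORDS = [b"/JS", b"/JavaScript", b"/OpenAction", b"/AA", b"/Launch", b"/EmbeddedFile", b"/ObjStm"]

# Constructed sample (not taken from fcexploit.pdf): one name is hidden with a #xx escape.
SAMPLE = (b"%PDF-1.4\n1 0 obj\n<< /OpenAction 2 0 R >>\nendobj\n"
          b"2 0 obj\n<< /S /J#61vaScript /JS 3 0 R >>\nendobj\n")


def decode_names(data: bytes) -> bytes:
    """Undo #xx hex escapes in PDF names, so /J#61vaScript reads as /JavaScript."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)


def triage_pdf(data: bytes) -> dict:
    """Count risky name tokens in one PDF after decoding name escapes."""
    decoded = decode_names(data)
    counts = {}
    for kw in KEYWORDS:
        # The lookahead keeps a short token such as /AA from matching a longer name.
        pattern = re.escape(kw) + rb"(?![A-Za-z0-9])"
        counts[kw.decode()] = len(re.findall(pattern, decoded))
    return counts


def scan_exports(directory) -> list:
    """Identify exported objects by content, not by file name or Content-Type."""
    results = []
    for path in sorted(Path(directory).iterdir()):
        if not path.is_file():
            continue
        data = path.read_bytes()
        # Adobe Reader accepts the %PDF- header anywhere in the first 1024 bytes.
        is_pdf = b"%PDF-" in data[:1024]
        hits = {k: v for k, v in triage_pdf(data).items() if v} if is_pdf else {}
        results.append({"name": path.name, "sha256": hashlib.sha256(data).hexdigest(),
                        "is_pdf": is_pdf, "hits": hits})
    return results


if __name__ == "__main__":
    import sys
    for r in scan_exports(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(r["sha256"][:16], r["name"], r["hits"] if r["is_pdf"] else "not a PDF")
```

Run it with the export directory as the only argument. A plain byte search for /JavaScript finds nothing in SAMPLE, which is why the names are decoded before counting.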
--
1.
Malicious Document Analysis Tips and Tools Quick Reference (Cheat Sheet)
http://jay-fva.blogspot.com/2011/05/cheat-sheet.html
2.
神父神棍
http://wordintoro.wordpress.com/2011/08/
3.
010 Editor
4.
http://blog.didierstevens.com/2008/04/09/quickpost-about-the-physical-and-logical-structure-of-pdf-files/