v5.1.0

What's Changed

• prevent from changing object's value by @orbisvicis in #35

New Contributors

• @orbisvicis made their first contribution in #35

Full Changelog: v5.0.0...v5.1.0

v5.0.0

What's Changed

• Add main.py for command line module implementation by @digitalsleuth in #27
• fix deprecation warnings identified by @doomedraven
• Code cleanup and modifications by @digitalsleuth in #28
• Update pyproject to include STPyV8, change py ver by @digitalsleuth in #29
• Sort search objects by @digitalsleuth in #31
• Fix embed by @digitalsleuth in #34

New Contributors

• @doomedraven made their first contribution in #26

Full Changelog: v4.1.0...v5.0.0

v4.1.0

• Fixes:
  - Merged PR 23 from @certxlm to fix an issue encountered when using -s SCRIPTFILE.

v4.0.0

peepdf 4.0.0, 2024-07-30

* Fixes:

    - Fixed issue with analysis of RC4 encrypted pdf - [Issue 17](https://github.com/digitalsleuth/peepdf-3/issues/17)
    - Identified and corrected issue with deciphering JavaScript entries and reporting detected JS - [Issue 18](https://github.com/digitalsleuth/peepdf-3/issues/18)
    - Correction of JSON output displaying incorrect version and ID entry - [Issue 20](https://github.com/digitalsleuth/peepdf-3/issues/20)
    - Linted to correct import issues and expedite analysis
    - Re-mapped variables from builtins to properly named variables
    - Corrected JSAnalysis detection and analysis of JS code to more accurately detect JS and not send it for analysis unnecessarily
    - Standardized logging output filenames
    - Fixed an issue with detecting a `not found` error on VirusTotal both in the interactive console and on command line

* Changes:

    - Added a confirmation prompt when viewing large objects (greater-than 10000 bytes in size)

v3.0.3

peepdf 3.0.3, 2024-01-10

* Fixes:

    - Layout of table from vtcheck now better formatted

* Changes:

    - New requirement (prettytable) added to pyproject.toml
    - Reorganized the code surrounding the vtcheck and do_vtcheck functions

v3.0.2

peepdf 3.0.2, 2024-01-04

* Fixes:

    - Fixes incorrect version number

v3.0.1

This release is a combination of 3.0.0 and a hotfix included in 3.0.1

peepdf 3.0.1, 2024-01-04

* Fixes:

    - Fixed an issue where the json output wasn't formulated properly based on the differences in CRLF and blanks in the "IDs" field

peepdf 3.0.0, 2024-01-04

* Fixes:

    - AES decryption inaccurately determines the default password is incorrect
    - When supplying a file name, previous versions wouldn't check to see if the file existed before attempting actions
    - Parsing of rawobjects only returned identical information instead of actual raw data
    - Fixed an error whereby the ID did not parse correctly when using the `info trailer` command (when the ID is present)
    - Fixed the URL for the VT report, was previously directing to the API call, not the actual standard web location

* Changes:

    - **NOTE** Removed pylibemu as a requirement to allow an installation on Windows systems. All libemu/pylibemu/sctest functions will still work on linux, provided libemu and pylibemu are installed.
    - Moved the lzw, jjdecode, and ccitt modules to their own encode/decode module, PDFEnDec.py
    - Moved the aes module into PDFCrypto.py
    - Renamed main.py to peepdf.py (to fit better naming structure and usage)
    - Added clarity to the interactive console commands and their outputs (modified help menus, explained outputs)
    - Added feedback to the redirect functions of the interactive console to confirm success / failure of action
    - Modified the error handling and argument parsing on initial launch to better handle multiple arguments

* New Features:

    - Added a `json` and `xml` option in the interactive console to print the xml and json output of the currently loaded file
    - Added `objects` and `streams` options to the interactive console to show all objects and streams without having to resend the `info` command
    - Added a `clear` command to the interactive console to clear the screen
    - Not previously documented, but an `ocr` command has been added to the command line and interactive shells to extract text from the PDF
    - Added the document "ID" to the XML and JSON outputs

v2.3.0

peepdf 2.3.0, 2024-01-02

* Fixes:

    - Fixed an issue whereby a race condition was caused which failed to "decrypt" hexadecimal JS objects when ID values were set to True too soon.

v2.2.0

* Fixes:

    - Fixed an error introduced when streamTrailer is None

v2.1.0

v2.1.0

• Fixes:

  • AES decryption had several type errors (as indicated in Issue #5). These have been fixed.
  • The string for the ID was getting unintentionally decoded from string to hex, leaving an illegible ID string
  • Added error handling for the missing ID from the Trailer

• Changes:

  • Updated PDFVulns.py to contain the Elements and Actions to be watched
  • The "title" of the document sometimes would contain unusable characters if decryption failed. Now will check for ascii content before outputting title.