aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--PdfFileTransformer/pdf.py27
-rw-r--r--PolyglotFile/__init__.py1
-rw-r--r--PolyglotFile/polyglotpdfany.py27
-rw-r--r--PolyglotFile/polyglotpdfzip.py27
-rw-r--r--PolyglotFile/polyglotszippdf.py27
-rw-r--r--PolyglotFile/polyglotzipany.py27
-rw-r--r--PolyglotFile/polyglotzippdf.py27
-rw-r--r--README.md223
-rw-r--r--ZipFileTransformer/zip.py27
-rwxr-xr-xtruepolyglot35
10 files changed, 441 insertions, 7 deletions
diff --git a/PdfFileTransformer/pdf.py b/PdfFileTransformer/pdf.py
index c93fb61..c662042 100644
--- a/PdfFileTransformer/pdf.py
+++ b/PdfFileTransformer/pdf.py
@@ -1,5 +1,32 @@
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
import logging
import re
import tempfile
diff --git a/PolyglotFile/__init__.py b/PolyglotFile/__init__.py
index 4ece820..69044ee 100644
--- a/PolyglotFile/__init__.py
+++ b/PolyglotFile/__init__.py
@@ -1,5 +1,4 @@
# -*- coding: utf-8 -*-
-# -*- coding: utf-8 -*-
from .polyglotpdfzip import PolyglotPdfZip
from .polyglotpdfany import PolyglotPdfAny
diff --git a/PolyglotFile/polyglotpdfany.py b/PolyglotFile/polyglotpdfany.py
index a441f2c..e144b0b 100644
--- a/PolyglotFile/polyglotpdfany.py
+++ b/PolyglotFile/polyglotpdfany.py
@@ -1,5 +1,32 @@
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
import logging
'''
diff --git a/PolyglotFile/polyglotpdfzip.py b/PolyglotFile/polyglotpdfzip.py
index 81c3f06..4d7e3bc 100644
--- a/PolyglotFile/polyglotpdfzip.py
+++ b/PolyglotFile/polyglotpdfzip.py
@@ -1,5 +1,32 @@
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
import logging
'''
diff --git a/PolyglotFile/polyglotszippdf.py b/PolyglotFile/polyglotszippdf.py
index 4725a74..1fc258f 100644
--- a/PolyglotFile/polyglotszippdf.py
+++ b/PolyglotFile/polyglotszippdf.py
@@ -1,5 +1,32 @@
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
from .polyglotpdfzip import PolyglotPdfZip
import logging
import tempfile
diff --git a/PolyglotFile/polyglotzipany.py b/PolyglotFile/polyglotzipany.py
index 133db4a..af08ba8 100644
--- a/PolyglotFile/polyglotzipany.py
+++ b/PolyglotFile/polyglotzipany.py
@@ -1,5 +1,32 @@
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
import logging
'''
diff --git a/PolyglotFile/polyglotzippdf.py b/PolyglotFile/polyglotzippdf.py
index 2493663..8c666ff 100644
--- a/PolyglotFile/polyglotzippdf.py
+++ b/PolyglotFile/polyglotzippdf.py
@@ -1,5 +1,32 @@
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
from .polyglotpdfzip import PolyglotPdfZip
diff --git a/README.md b/README.md
index 582bf06..19ecff3 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,222 @@
-# TruePolyglot #
+Truepolyglot is polyglot file generator project. It means the generated file is composed of several file formats. The same file can be opened as a ZIP file and as a PDF file for example. The idea of this project comes from the work of [Ange Albertini](https://github.com/corkami), [International Journal of Proof-of-Concept or Get The Fuck Out](https://www.alchemistowl.org/pocorgtfo/pocorgtfo07.pdf) and [Julia Wolf](https://www.troopers.de/wp-content/uploads/2011/04/TR11_Wolf_OMG_PDF.pdf) that explain how we can build a polyglot file.\
+Polyglot file can be boring to build, even more if you want to respect the file format correctly.\
+That's why I decided to build a tool to generate them.\
+My main motivation was the technical challenge.
+
+## Features and versions ##
+
+| Description | Version |
+| ----------- | ------- |
+| Build a polyglot file valid as PDF and ZIP format and that can be opened with 7Zip and Windows Explorer | POC |
+| Add a stream object in the PDF part | POC |
+| Polyglot file checked without warning with [pdftocairo](https://poppler.freedesktop.org/) | >= 1.0 |
+| Polyglot file checked without warning with [caradoc](https://github.com/ANSSI-FR/caradoc) | >= 1.0 |
+| Rebuild the PDF Xref Table | >= 1.0 |
+| Stream object with the correct length header value | >= 1.0 |
+| Add the format "zippdf", file without offset after the Zip data | >= 1.1 |
+| Polyglot file keeps the original PDF version | >= 1.1.1 |
+| Add the "szippdf" format without offset before and after the Zip data | >= 1.2 |
+| Fix /Length stream object value and the PDF offset for the szippdf format | >= 1.2.1 |
+| PDF object numbers reorder after insertion | >= 1.3 |
+| Add the format "pdfany" a valid PDF with custom payload content in the first and the last objet | >= 1.5.2 |
+| Add "acrobat-compatibility" option to allow szippdf to be read with Acrobat Reader (thanks Ange Albertini)| >= 1.5.3 |
+| Add the format "zipany" a valid ZIP with custom payload content at the start and between LHF and CD | >= 1.6 |
+
+## Polyglot file compatibility ##
+
+| Software | Formats | status |
+| -------- | ------- | ------ |
+| Acrobat Reader | pdfzip, zippdf, szippdf, pdfany | OK |
+| Sumatra PDF | pdfzip, zippdf, szippdf, pdfany | OK |
+| Foxit PDF Reader | pdfzip, zippdf, szippdf, pdfany | OK |
+| Edge | pdfzip, zippdf, szippdf, pdfany | OK |
+| Firefox | pdfzip, zippdf, szippdf, pdfany | OK |
+| 7zip | pdfzip, zippdf, zipany | OK with warning |
+| 7zip | szippdf | OK |
+| Explorer Windows | pdfzip, zippdf, szippdf, pdfany, zipany | OK |
+| Info-ZIP (unzip) | pdfzip, zippdf, szippdf, pdfany, zipany | OK |
+| Evince | pdfzip, zippdf, szippdf, pdfany | OK |
+| pdftocairo -pdf | pdfzip, zippdf, szippdf, pdfany | OK |
+| caradoc stats | pdfzip, pdfany | OK |
+| java -jar | szippdf | OK |
+
+## Examples ##
+
+| First input file | Second input file | Format | Polyglot | Comment |
+| ---------------- | ----------------- | ------ | -------- | ------- |
+| [doc.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc1/doc.pdf) | [archive.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc1/archive.zip) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc1/polyglot.pdf) | PDF/ZIP polyglot - 122 Ko |
+| [orwell\_1984.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc2/orwell_1984.pdf) | [file-FILE5\_32.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc2/file-FILE5_32.zip) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc2/polyglot.pdf) | PDF/ZIP polyglot - 1.3 Mo |
+| [x86asm.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc3/x86asm.pdf) | [fasmw17304.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc3/fasmw17304.zip) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc3/polyglot.pdf) | PDF/ZIP polyglot - 1.8 Mo |
+| [doc.pdf](/samples/zippdf/poc4/doc.pdf) | [archive.zip](/samples/zippdf/poc4/archive.zip) | zippdf | [polyglot.pdf](/samples/zippdf/poc4/polyglot.pdf) | PDF/ZIP polyglot - 112 Ko |
+| [electronics.pdf](https://truepolyglot.hackade.org/samples/szippdf/poc5/electronics.pdf) | [hello\_world.jar](https://truepolyglot.hackade.org/samples/szippdf/poc5/hello_world.jar) | szippdf | [polyglot.pdf](https://truepolyglot.hackade.org/samples/szippdf/poc5/polyglot.pdf) | PDF/JAR polyglot - 778 Ko |
+| [hexinator.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc6/hexinator.pdf) | [eicar.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc6/eicar.zip) ([scan virustotal.com](https://www.virustotal.com/#/file/2174e17e6b03bb398666c128e6ab0a27d4ad6f7d7922127fe828e07aa94ab79d/detection)) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc6/polyglot.pdf) ([scan virustotal.com](https://www.virustotal.com/#/file/f6fef31e3b03164bb3bdf35af0521f9fc0c518a9e0f1aa9f8b60ac936201591a/detection)) | PDF/ZIP polyglot with the Eicar test in Zip - 2.9 Mo |
+| [doc.pdf](https://truepolyglot.hackade.org/samples/pdfany/poc7/doc.pdf) | [page.html](https://truepolyglot.hackade.org/samples/pdfany/poc7/page.html) | pdfany | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfany/poc7/polyglot.pdf) | PDF/HTML polyglot - 26 Ko |
+| [logo.zip](https://truepolyglot.hackade.org/samples/zipany/poc8/logo.zip) | [nc.exe](https://truepolyglot.hackade.org/samples/zipany/poc8/nc.exe) | zipany | [polyglot.zip](https://truepolyglot.hackade.org/samples/zipany/poc8/polyglot.zip) | PDF/PE polyglot - 96 Ko |
+
+## Usage ##
+
+```
+usage: truepolyglot format [options] output-file
+
+Generate a polyglot file.
+
+Formats availables:
+* pdfzip: Generate a file valid as PDF and ZIP. The format is closest to PDF.
+* zippdf: Generate a file valid as ZIP and PDF. The format is closest to ZIP.
+* szippdf: Generate a file valid as ZIP and PDF. The format is strictly a ZIP. Archive is modified.
+* pdfany: Generate a valid PDF file with payload1 file content as the first object or/and payload2 file content as the last object.
+* zipany: Generate a valid ZIP file with payload1 file content at the start of the file or/and payload2 file content between LFH and CD.
+
+positional arguments: {pdfzip,zippdf,szippdf,pdfany,zipany}
+Output polyglot format
+output_file Output polyglot file path
+
+optional arguments:
+-h, --help show this help message and exit
+--pdffile PDFFILE PDF input file
+--zipfile ZIPFILE ZIP input file
+--payload1file PAYLOAD1FILE Payload 1 input file
+--payload2file PAYLOAD2FILE Payload 2 input file
+--acrobat-compatibility Add a byte at the start for Acrobat Reader compatibility with the szippdf format
+--verbose {none,error,info,debug} Verbosity level (default: info)
+
+TruePolyglot v1.6.1
+```
+
+## Code ##
+
+```
+git clone https://git.hackade.org/truepolyglot.git/
+```
+
+or download [truepolyglot-1.6.1.tar.gz](https://git.hackade.org/truepolyglot.git/snapshot/truepolyglot-1.6.1.tar.gz)
+
+## How to detect a polyglot file ? ##
+
+You can use [binwalk](https://github.com/ReFirmLabs/binwalk) on a file to see if composed of multiple files.
+
+## Contact ##
+
+[truepolyglot@hackade.org](mailto:truepolyglot@hackade.org)
+
+## Credits ##
+
+Copyright © 2018-2019 ben@hackade.org
+
+TruePolyglot is released under [Unlicence](https://unlicense.org/) except for the following libraries:
+
+* [PyPDF2](https://github.com/mstamy2/PyPDF2/blob/master/LICENSE)
+* [zipfile.py (cpython)](https://github.com/python/cpython/blob/master/LICENSE)
+
+
+Truepolyglot is polyglot file generator project. It means the generated file is composed of several file formats. The same file can be opened as a ZIP file and as a PDF file for example. The idea of this project comes from the work of [Ange Albertini](https://github.com/corkami), [International Journal of Proof-of-Concept or Get The Fuck Out](https://www.alchemistowl.org/pocorgtfo/pocorgtfo07.pdf) and [Julia Wolf](https://www.troopers.de/wp-content/uploads/2011/04/TR11_Wolf_OMG_PDF.pdf) that explain how we can build a polyglot file.\
+Polyglot file can be boring to build, even more if you want to respect the file format correctly.\
+That's why I decided to build a tool to generate them.\
+My main motivation was the technical challenge.
+
+## Features and versions ##
+
+| Description | Version |
+| ----------- | ------- |
+| Build a polyglot file valid as PDF and ZIP format and that can be opened with 7Zip and Windows Explorer | POC |
+| Add a stream object in the PDF part | POC |
+| Polyglot file checked without warning with [pdftocairo](https://poppler.freedesktop.org/) | >= 1.0 |
+| Polyglot file checked without warning with [caradoc](https://github.com/ANSSI-FR/caradoc) | >= 1.0 |
+| Rebuild the PDF Xref Table | >= 1.0 |
+| Stream object with the correct length header value | >= 1.0 |
+| Add the format "zippdf", file without offset after the Zip data | >= 1.1 |
+| Polyglot file keeps the original PDF version | >= 1.1.1 |
+| Add the "szippdf" format without offset before and after the Zip data | >= 1.2 |
+| Fix /Length stream object value and the PDF offset for the szippdf format | >= 1.2.1 |
+| PDF object numbers reorder after insertion | >= 1.3 |
+| Add the format "pdfany" a valid PDF with custom payload content in the first and the last objet | >= 1.5.2 |
+| Add "acrobat-compatibility" option to allow szippdf to be read with Acrobat Reader (thanks Ange Albertini)| >= 1.5.3 |
+| Add the format "zipany" a valid ZIP with custom payload content at the start and between LHF and CD | >= 1.6 |
+
+## Polyglot file compatibility ##
+
+| Software | Formats | status |
+| -------- | ------- | ------ |
+| Acrobat Reader | pdfzip, zippdf, szippdf, pdfany | OK |
+| Sumatra PDF | pdfzip, zippdf, szippdf, pdfany | OK |
+| Foxit PDF Reader | pdfzip, zippdf, szippdf, pdfany | OK |
+| Edge | pdfzip, zippdf, szippdf, pdfany | OK |
+| Firefox | pdfzip, zippdf, szippdf, pdfany | OK |
+| 7zip | pdfzip, zippdf, zipany | OK with warning |
+| 7zip | szippdf | OK |
+| Explorer Windows | pdfzip, zippdf, szippdf, pdfany, zipany | OK |
+| Info-ZIP (unzip) | pdfzip, zippdf, szippdf, pdfany, zipany | OK |
+| Evince | pdfzip, zippdf, szippdf, pdfany | OK |
+| pdftocairo -pdf | pdfzip, zippdf, szippdf, pdfany | OK |
+| caradoc stats | pdfzip, pdfany | OK |
+| java -jar | szippdf | OK |
+
+## Examples ##
+
+| First input file | Second input file | Format | Polyglot | Comment |
+| ---------------- | ----------------- | ------ | -------- | ------- |
+| [doc.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc1/doc.pdf) | [archive.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc1/archive.zip) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc1/polyglot.pdf) | PDF/ZIP polyglot - 122 Ko |
+| [orwell\_1984.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc2/orwell_1984.pdf) | [file-FILE5\_32.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc2/file-FILE5_32.zip) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc2/polyglot.pdf) | PDF/ZIP polyglot - 1.3 Mo |
+| [x86asm.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc3/x86asm.pdf) | [fasmw17304.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc3/fasmw17304.zip) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc3/polyglot.pdf) | PDF/ZIP polyglot - 1.8 Mo |
+| [doc.pdf](/samples/zippdf/poc4/doc.pdf) | [archive.zip](/samples/zippdf/poc4/archive.zip) | zippdf | [polyglot.pdf](/samples/zippdf/poc4/polyglot.pdf) | PDF/ZIP polyglot - 112 Ko |
+| [electronics.pdf](https://truepolyglot.hackade.org/samples/szippdf/poc5/electronics.pdf) | [hello\_world.jar](https://truepolyglot.hackade.org/samples/szippdf/poc5/hello_world.jar) | szippdf | [polyglot.pdf](https://truepolyglot.hackade.org/samples/szippdf/poc5/polyglot.pdf) | PDF/JAR polyglot - 778 Ko |
+| [hexinator.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc6/hexinator.pdf) | [eicar.zip](https://truepolyglot.hackade.org/samples/pdfzip/poc6/eicar.zip) ([scan virustotal.com](https://www.virustotal.com/#/file/2174e17e6b03bb398666c128e6ab0a27d4ad6f7d7922127fe828e07aa94ab79d/detection)) | pdfzip | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfzip/poc6/polyglot.pdf) ([scan virustotal.com](https://www.virustotal.com/#/file/f6fef31e3b03164bb3bdf35af0521f9fc0c518a9e0f1aa9f8b60ac936201591a/detection)) | PDF/ZIP polyglot with the Eicar test in Zip - 2.9 Mo |
+| [doc.pdf](https://truepolyglot.hackade.org/samples/pdfany/poc7/doc.pdf) | [page.html](https://truepolyglot.hackade.org/samples/pdfany/poc7/page.html) | pdfany | [polyglot.pdf](https://truepolyglot.hackade.org/samples/pdfany/poc7/polyglot.pdf) | PDF/HTML polyglot - 26 Ko |
+| [logo.zip](https://truepolyglot.hackade.org/samples/zipany/poc8/logo.zip) | [nc.exe](https://truepolyglot.hackade.org/samples/zipany/poc8/nc.exe) | zipany | [polyglot.zip](https://truepolyglot.hackade.org/samples/zipany/poc8/polyglot.zip) | PDF/PE polyglot - 96 Ko |
+
+## Usage ##
+
+```
+usage: truepolyglot format [options] output-file
+
+Generate a polyglot file.
+
+Formats availables:
+* pdfzip: Generate a file valid as PDF and ZIP. The format is closest to PDF.
+* zippdf: Generate a file valid as ZIP and PDF. The format is closest to ZIP.
+* szippdf: Generate a file valid as ZIP and PDF. The format is strictly a ZIP. Archive is modified.
+* pdfany: Generate a valid PDF file with payload1 file content as the first object or/and payload2 file content as the last object.
+* zipany: Generate a valid ZIP file with payload1 file content at the start of the file or/and payload2 file content between LFH and CD.
+
+positional arguments: {pdfzip,zippdf,szippdf,pdfany,zipany}
+Output polyglot format
+output_file Output polyglot file path
+
+optional arguments:
+-h, --help show this help message and exit
+--pdffile PDFFILE PDF input file
+--zipfile ZIPFILE ZIP input file
+--payload1file PAYLOAD1FILE Payload 1 input file
+--payload2file PAYLOAD2FILE Payload 2 input file
+--acrobat-compatibility Add a byte at the start for Acrobat Reader compatibility with the szippdf format
+--verbose {none,error,info,debug} Verbosity level (default: info)
+
+TruePolyglot v1.6.1
+```
+
+## Code ##
+
+```
+git clone https://git.hackade.org/truepolyglot.git/
+```
+
+or download [truepolyglot-1.6.1.tar.gz](https://git.hackade.org/truepolyglot.git/snapshot/truepolyglot-1.6.1.tar.gz)
+
+## How to detect a polyglot file ? ##
+
+You can use [binwalk](https://github.com/ReFirmLabs/binwalk) on a file to see if composed of multiple files.
+
+## Contact ##
+
+[truepolyglot@hackade.org](mailto:truepolyglot@hackade.org)
+
+## Credits ##
+
+Copyright © 2018-2019 ben@hackade.org
+
+TruePolyglot is released under [Unlicence](https://unlicense.org/) except for the following libraries:
+
+* [PyPDF2](https://github.com/mstamy2/PyPDF2/blob/master/LICENSE)
+* [zipfile.py (cpython)](https://github.com/python/cpython/blob/master/LICENSE)
+
-[website](https://truepolyglot.hackade.org)
diff --git a/ZipFileTransformer/zip.py b/ZipFileTransformer/zip.py
index 91ff4c5..10fc4b1 100644
--- a/ZipFileTransformer/zip.py
+++ b/ZipFileTransformer/zip.py
@@ -1,5 +1,32 @@
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
import logging
import re
diff --git a/truepolyglot b/truepolyglot
index 9f9facb..da175b1 100755
--- a/truepolyglot
+++ b/truepolyglot
@@ -1,6 +1,33 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
+"""
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org/>
+"""
+
import argparse
import logging
@@ -24,11 +51,11 @@ def main():
' The format is strictly a ZIP.\n' +
' Archive is modified.\n' +
'* pdfany: Generate a valid PDF file with payload1' +
- ' file content as first object\n' +
+ ' file content as the first object\n' +
' or/and payload2 file' +
- ' content as last oject.\n' +
+ ' content as the last oject.\n' +
'* zipany: Generate a valid ZIP file with payload1' +
- ' file content at start of file\n' +
+ ' file content at the start of the file\n' +
' or/and payload2 file content between' +
' LFH and CD.\n')
usage_str = '%(prog)s format [options] output-file'
@@ -54,7 +81,7 @@ def main():
help='Payload 2 input file')
parser.add_argument('--acrobat-compatibility',
dest='acrobat_compatibility',
- help='Add a byte at start for Acrobat Reader compatibility with szippdf format',
+ help='Add a byte at the start for Acrobat Reader compatibility with the szippdf format',
action='store_true')
parser.add_argument('--verbose', dest='verbose',
help='Verbosity level (default: info)',