aboutsummaryrefslogtreecommitdiffstats
path: root/website/index.html
diff options
context:
space:
mode:
Diffstat (limited to 'website/index.html')
-rw-r--r--website/index.html249
1 files changed, 249 insertions, 0 deletions
diff --git a/website/index.html b/website/index.html
new file mode 100644
index 0000000..c19a2ab
--- /dev/null
+++ b/website/index.html
@@ -0,0 +1,249 @@
+<!doctype html>
+
+<html lang="fr">
+<head>
+ <meta charset="utf-8">
+
+ <title>TruePolyglot</title>
+ <meta name="description" content="TruePolyglot project website">
+ <meta name="author" content="hackade">
+ <link rel="stylesheet" href="css/styles.css">
+ <link rel="shortcut icon" href="/favicon.ico">
+
+
+</head>
+
+<body>
+ <h1>TruePolyglot</h1>
+Truepolyglot is polyglot file generator project.
+This means that the generated file is composed of several file formats. The same file can be opened as a ZIP file and as a PDF file for example.
+The idea of this project comes from work of <a href="https://github.com/corkami">Ange Albertini</a>, <a href="https://www.alchemistowl.org/pocorgtfo/pocorgtfo07.pdf">International Journal of Proof-of-Concept or Get The Fuck Out</a> and <a href="https://www.troopers.de/wp-content/uploads/2011/04/TR11_Wolf_OMG_PDF.pdf">Julia Wolf</a> that explain how we can build a polyglot file.<br>
+Polyglot file can be fastidious to build, even more if you want to respect correctly file format. That's why I decided to build a tool to generate them.<br>
+My main motivation was the technical challenge.
+<br>
+
+ <h2>Features and changelog</h2>
+ <div class="font_reduce">
+ <table>
+ <tr>
+ <th>Description</th>
+ <th>Version</th>
+ </tr>
+ <tr>
+ <td>Build a polyglot file valid as PDF and ZIP format and that can be opened with 7Zip and Windows Explorer</td>
+ <td>POC</td>
+ </tr>
+ <tr>
+ <td>Add a stream object in PDF part</td>
+ <td>POC</td>
+ </tr>
+ <tr>
+ <td>Polyglot file checked without warning with <a href="https://poppler.freedesktop.org/">pdftocairo</a></td>
+ <td> &gt;= 1.0</td>
+ </tr>
+ <tr>
+ <td>Polyglot file checked without warning with <a href="https://github.com/ANSSI-FR/caradoc">caradoc</a></td>
+ <td> &gt;= 1.0</td>
+ </tr>
+ <tr>
+ <td>Rebuild PDF Xref Table</td>
+ <td>&gt;= 1.0</td>
+ </tr>
+ <tr>
+ <td>Stream object with correct length header value</td>
+ <td>&gt;= 1.0</td>
+ </tr>
+ <tr>
+ <td>Format "zippdf", file without offset after Zip data</td>
+ <td>&gt;= 1.1</td>
+ </tr>
+ <tr>
+ <td>Polyglot file keep original PDF version</td>
+ <td>&gt;= 1.1.1</td>
+ </tr>
+ <tr>
+ <td>Add "szippdf" format without offset before and after Zip data</td>
+ <td>&gt;= 1.2</td>
+ </tr>
+ <tr>
+ <td>Fix /Length stream object value and PDF offset for szippdf format</td>
+ <td>&gt;= 1.2.1</td>
+ </tr>
+ <tr>
+ <td>PDF object numbers reorder after insertion</td>
+ <td>&gt;= 1.3</td>
+ </tr>
+ </table>
+ </div>
+
+ <h2>Polyglot file compatibility</h2>
+ <div class="font_reduce">
+ <table>
+ <tr>
+ <th>Software</th>
+ <th>Formats</th>
+ <th>status</th>
+ </tr>
+ <tr>
+ <td>Acrobat Reader</td>
+ <td>pdfzip, zippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>Acrobat Reader</td>
+ <td>szippdf</td>
+ <td><span class="warning">KO</span></td>
+ </tr>
+ <tr>
+ <td>Sumatra PDF</td>
+ <td>pdfzip, zippdf, szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>Edge</td>
+ <td>pdfzip, zippdf, szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>Firefox</td>
+ <td>pdfzip, zippdf, szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>7zip</td>
+ <td>pdfzip, zippdf</td>
+ <td><span class="warning">OK with warning</span></td>
+ </tr>
+ <tr>
+ <td>7zip</td>
+ <td>szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>Explorer Windows</td>
+ <td>pdfzip, zippdf, szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>Info-ZIP (unzip)</td>
+ <td>pdfzip, zippdf, szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>Evince</td>
+ <td>pdfzip, zippdf, szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>pdftocairo -pdf</td>
+ <td>pdfzip, zippdf, szippdf</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>caradoc stats</td>
+ <td>pdfzip</td>
+ <td>OK</td>
+ </tr>
+ <tr>
+ <td>java</td>
+ <td>szippdf</td>
+ <td>OK</td>
+ </tr>
+
+ </table>
+ </div>
+
+
+ <h2>Examples</h2>
+ <ul>
+ <li><a href="/samples/">Polyglot files repository</a></li>
+ </ul>
+ <div class="font_reduce">
+ <table>
+ <tr>
+ <th>PDF input file</th>
+ <th>Zip input file</th>
+ <th>Format</th>
+ <th>Polyglot</th>
+ <th>Comment</th>
+ </tr>
+ <tr>
+ <td><a href="/samples/pdfzip/poc1/doc.pdf">doc.pdf</a></td>
+ <td><a href="/samples/pdfzip/poc1/archive.zip">archive.zip</a></td>
+ <td>pdfzip</td>
+ <td><a href="/samples/pdfzip/poc1/polyglot.pdf">polyglot.pdf</a></td>
+ <td>PDF/ZIP polyglot - 122 Ko</td>
+ </tr>
+ <tr>
+ <td><a href="/samples/pdfzip/poc2/orwell_1984.pdf">orwell_1984.pdf</a></td>
+ <td><a href="/samples/pdfzip/poc2/file-FILE5_32.zip">file-FILE5_32.zip</a></td>
+ <td>pdfzip</td>
+ <td><a href="/samples/pdfzip/poc2/polyglot.pdf">polyglot.pdf</a></td>
+ <td>PDF/ZIP polyglot - 1.3 Mo</td>
+ </tr>
+ <tr>
+ <td><a href="/samples/pdfzip/poc3/x86asm.pdf">x86asm.pdf</a></td>
+ <td><a href="/samples/pdfzip/poc3/fasmw17304.zip">fasmw17304.zip</a></td>
+ <td>pdfzip</td>
+ <td><a href="/samples/pdfzip/poc3/polyglot.pdf">polyglot.pdf</a></td>
+ <td>PDF/ZIP polyglot - 1.8 Mo</td>
+ </tr>
+ <tr>
+ <td><a href="/samples/zippdf/poc4/doc.pdf">doc.pdf</a></td>
+ <td><a href="/samples/zippdf/poc4/archive.zip">archive.zip</a></td>
+ <td>zippdf</td>
+ <td><a href="/samples/zippdf/poc4/polyglot.pdf">polyglot.pdf</a></td>
+ <td>PDF/ZIP polyglot - 112 Ko</td>
+ </tr>
+ <tr>
+ <td><a href="/samples/szippdf/poc5/electronics.pdf">electronics.pdf</a></td>
+ <td><a href="/samples/szippdf/poc5/hello_world.jar">hello_world.jar</a></td>
+ <td>szippdf</td>
+ <td><a href="/samples/szippdf/poc5/polyglot.pdf">polyglot.pdf</a></td>
+ <td>PDF/JAR polyglot - 778 Ko</td>
+ </tr>
+ <tr>
+ <td><a href="/samples/pdfzip/poc6/hexinator.pdf">hexinator.pdf</a></td>
+ <td><a href="/samples/pdfzip/poc6/eicar.zip">eicar.zip</a>&nbsp;(<a href="https://www.virustotal.com/#/file/2174e17e6b03bb398666c128e6ab0a27d4ad6f7d7922127fe828e07aa94ab79d/detection">scan virustotal.com</a>)</td>
+ <td>pdfzip</td>
+ <td><a href="/samples/pdfzip/poc6/polyglot.pdf">polyglot.pdf</a>&nbsp;(<a href="https://www.virustotal.com/#/file/883d08efc14e0cacc9a260d84fdef285b383cc9a9125366dfb0bf676ddeb0f98/detection">scan virustotal.com</a>)</td>
+ <td>PDF/ZIP polyglot with Eicar test in Zip - 2.9 Mo</td>
+ </tr>
+ </table>
+ </div>
+
+ <h2>Manual</h2>
+<pre>
+usage: truepolyglot format [options] output-file
+
+Generate a polyglot file.
+
+Formats availables:
+* pdfzip: Generate a file valid as PDF and ZIP. The format is closest to PDF.
+* zippdf: Generate a file valid as ZIP and PDF. The format is closest to ZIP.
+* szippdf: Generate a file valid as ZIP and PDF. The format is strictly a ZIP. Archive is modified.
+
+positional arguments:
+ {pdfzip,zippdf,szippdf}
+ Output polyglot format
+ output_file Output polyglot file path
+
+optional arguments:
+ -h, --help show this help message and exit
+ --pdffile PDFFILE PDF input file
+ --zipfile ZIPFILE ZIP input file
+ --verbose {none,error,info,debug}
+ Verbosity level (default: debug)
+
+TruePolyglot v1.3
+</pre>
+
+ <h2>Code</h2>
+
+<a href="https://git.hackade.org/truepolyglot.git/">Project Git repository</a>
+
+ <h2>Contact</h2>
+On <a href="https://webchat.freenode.net/">IRC Freenode</a> my nickname is hackade or by mail at <a href="mailtp:truepolyglot@hackade.org">truepolyglot@hackade.org</a>.
+
+</body>
+</html>