Didier Stevens

Tuesday 29 September 2015

Dump Tools: Cut Cut Cut …

Filed under: My Software,Update — Didier Stevens @ 0:00

I added a new option to my different dump tools (oledump, emldump, base64dump, zipdump and the new rtfdump): the cut option. And I will also release a standalone cut tool.

This option allows you to cut out a part of a data stream. For example to extract a PE file hidden in a byte stream.

The first updated tool to get published is oledump:

oledump_V0_0_18.zip (https)
MD5: 88C9999726C0157267E2FF31E137D66C
SHA256: 1FC9EE7A0BB5A016339C73CBE5DE2F2C0A9C006BC924A5F9346F9F4EDE060939

Here I demo the –cut option in a new video:

3 Comments »

  1. […] This new version of base64dump comes with the new –cut option. […]

    Pingback by Update: base64dump.py Version 0.0.3 | Didier Stevens — Monday 12 October 2015 @ 0:00

  2. […] new version of emldump comes with the new –cut option. And with support for YARA. Take a look at the man page (emldump.py […]

    Pingback by Release: emldump.py Version 0.0.3 | Didier Stevens — Tuesday 13 October 2015 @ 0:00

  3. […] is a stand-alone program that implements the –cut option found in my dump […]

    Pingback by cut-bytes.py | Didier Stevens — Wednesday 14 October 2015 @ 0:00


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.