Didier Stevens

Saturday 22 July 2017

oledump.py *.vir

Filed under: My Software — Didier Stevens @ 22:17

I was asked if oledump.py can “scan” multiple files: it cannot, it can only analyze a single file at a time.

However, you can use it in a loop (bash, cmd, …) and call it each time with a different file. oledump.py will return 0 if there were no errors, 1 if there were, and 2 if the analyzed file contains VBA code.

My process-command.py tool can also be used to run a tool on many files. Here is an example with oledump:

process-command.py -r "oledump.py %f%" *.vir

While doing the analysis on all *.vir files in the current directory, 2 log files will be created in the current directory, one being a CSV file with the return value of the command (e.g. oledump):

0;sample1.vir
0;sample2.vir
2;sample3.vir
2;sample4.vir
0;sample5.vir
2;sample6.vir
2;sample7.vir
2;sample8.vir
0;sample9.vir
0;sample10.vir
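
The shell loop mentioned earlier in this post, written out as an added example (not the author's code): it calls oledump.py once per file and prints one `returncode;filename` line for each. The names `scan_files`, `vba_files` and the `OLEDUMP` variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: loop oledump.py over many files and record its return value.
# Return values as described in the post: 0 = no errors, 1 = errors, 2 = VBA code.

# OLEDUMP (assumed name) holds the command that starts oledump.py on this
# system, e.g. "python3 /opt/tools/oledump.py". It is word-split on purpose.
OLEDUMP="${OLEDUMP:-oledump.py}"

# scan_files FILE... : analyze each file, print "returncode;filename" per file.
scan_files() {
    for sf_file in "$@"; do
        # A glob that matched nothing stays literal in sh; skip it.
        [ -f "$sf_file" ] || continue
        sf_rc=0
        # Only the return value is recorded; oledump's report is discarded.
        # "|| sf_rc=$?" keeps the loop alive when the caller uses "set -e".
        $OLEDUMP "$sf_file" >/dev/null 2>&1 || sf_rc=$?
        printf '%s;%s\n' "$sf_rc" "$sf_file"
    done
}

# vba_files : read "returncode;filename" lines on stdin and print the names of
# the files for which oledump.py returned 2 (VBA code present).
vba_files() {
    # Splitting on the first ';' only keeps filenames that contain ';' intact.
    while IFS=';' read -r vf_rc vf_name; do
        if [ "$vf_rc" = 2 ]; then
            printf '%s\n' "$vf_name"
        fi
    done
}

# Stand-alone use: sh scan.sh *.vir > results.csv
if [ "$#" -gt 0 ]; then
    scan_files "$@"
fi
```

Piping the output through `vba_files` gives the list of samples that deserve a closer look with oledump.py itself.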
