Didier Stevens

Sunday 6 May 2018

Update: oledump.py Version 0.0.34

Filed under: My Software,Update — Didier Stevens @ 17:05

Often when I provide training, I get new ideas. This week’s private maldoc training was no different: here’s a new version of oledump with changes inspired by this training.

When you select a stream with a prefix, like A3, you no longer have to type the prefix if it’s A (e.g. the first embedded OLE file).

And I have a new plugin for encrypted documents (plugin_office_crypto.py), more on this in an upcoming blogpost.

oledump_V0_0_34.zip (https)
MD5: 1BE4E08DE1B1E73D5808AECE1BD09852
SHA256: 74F1B05E50D2AF8072505587438BB8959F174BAF76ED6255116E806642E6C4B0

4 Comments »

  1. Didier, can you comment about the plugin plugin_office_crypto.py? Is this going to be a replacement for msoffice-crypt.exe? DB

    Comment by DB — Monday 7 May 2018 @ 13:35

  2. No. I’ll provide more details in the upcoming blog post I announced.

    Comment by Didier Stevens — Monday 7 May 2018 @ 21:22

  3. […] Update: oledump.py Version 0.0.34 […]

    Pingback by Week 19 – 2018 – This Week In 4n6 — Sunday 13 May 2018 @ 11:52

  4. […] Update: oledump.py Version 0.0.34 […]

    Pingback by Overview of Content Published In May | Didier Stevens — Tuesday 5 June 2018 @ 0:01


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.