Leaderboard

Popular Content

Showing content with the highest reputation on 01/07/15 in all areas

  1. pyxswf

     pyxswf is a script to detect, extract and analyze Flash objects (SWF files) that may be embedded in files such as MS Office documents (e.g. Word, Excel), which is especially useful for malware analysis. It is part of the python-oletools package.

     pyxswf is an extension to xxxswf.py published by Alexander Hanel. Compared to xxxswf, it can extract streams from MS Office documents by parsing their OLE structure properly, which is necessary when streams are fragmented. Stream fragmentation is a known obfuscation technique, as explained on Ixia. It can also extract Flash objects from RTF documents, by parsing embedded objects encoded in hexadecimal format (-f option).

     For this, simply add the -o option to work on OLE streams rather than raw files, or the -f option to work on RTF files.

     Usage

         Usage: pyxswf.py [options] <file.bad>

         Options:
           -o, --ole             Parse an OLE file (e.g. Word, Excel) to look for SWF
                                 in each stream
           -f, --rtf             Parse an RTF file to look for SWF in each embedded
                                 object
           -x, --extract         Extracts the embedded SWF(s), names it MD5HASH.swf &
                                 saves it in the working dir. No addition args needed
           -h, --help            show this help message and exit
           -y, --yara            Scans the SWF(s) with yara. If the SWF(s) is
                                 compressed it will be deflated. No addition args
                                 needed
           -s, --md5scan         Scans the SWF(s) for MD5 signatures. Please see func
                                 checkMD5 to define hashes. No addition args needed
           -H, --header          Displays the SWFs file header. No addition args needed
           -d, --decompress      Deflates compressed SWFS(s)
           -r PATH, --recdir=PATH
                                 Will recursively scan a directory for files that
                                 contain SWFs. Must provide path in quotes
           -c, --compress        Compresses the SWF using Zlib

     Example 1 - detecting and extracting a SWF file from a Word document on Windows:

         C:\oletools>pyxswf.py -o word_flash.doc
         OLE stream: 'Contents'
         [SUMMARY] 1 SWF(s) in MD5:993664cc86f60d52d671b6610813cfd1:Contents
         [ADDR] SWF 1 at 0x8 - FWS Header

         C:\oletools>pyxswf.py -xo word_flash.doc
         OLE stream: 'Contents'
         [SUMMARY] 1 SWF(s) in MD5:993664cc86f60d52d671b6610813cfd1:Contents
         [ADDR] SWF 1 at 0x8 - FWS Header
         [FILE] Carved SWF MD5: 2498e9c0701dc0e461ab4358f9102bc5.swf

     Example 2 - detecting and extracting a SWF file from a RTF document on Windows:

         C:\oletools>pyxswf.py -xf "rtf_flash.rtf"
         RTF embedded object size 1498557 at index 000036DD
         [SUMMARY] 1 SWF(s) in MD5:46a110548007e04f4043785ac4184558:RTF_embedded_object_0
         00036DD
         [ADDR] SWF 1 at 0xc40 - FWS Header
         [FILE] Carved SWF MD5: 2498e9c0701dc0e461ab4358f9102bc5.swf

     How to use pyxswf in Python applications

     TODO

     Source: https://bitbucket.org/decalage/oletools/wiki/pyxswf
    1 point
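
The header detection and carving that the post above describes can be sketched as follows. This is an added example, not code from pyxswf, xxxswf or oletools; the function names and the sample container are constructed for illustration, and LZMA-compressed (ZWS) files are not handled. It assumes the bytes passed in are contiguous, which is why an OLE stream has to be reassembled before scanning.

```python
import hashlib
import struct
import zlib

def find_swf(data):
    """Return (offset, magic, version, declared_length) for each plausible SWF header."""
    hits = []
    for magic in (b"FWS", b"CWS"):          # uncompressed / zlib-compressed
        pos = data.find(magic)
        while pos != -1:
            if pos + 8 <= len(data):
                version = data[pos + 3]
                (length,) = struct.unpack_from("<I", data, pos + 4)
                # Sanity checks discard most chance "FWS"/"CWS" byte runs.
                if 1 <= version <= 50 and 8 < length < 2**28:
                    hits.append((pos, magic.decode(), version, length))
            pos = data.find(magic, pos + 1)
    return sorted(hits)

def carve_swf(data, offset):
    """Return the SWF at offset in uncompressed (FWS) form, or None if incomplete."""
    magic, version = data[offset:offset + 3], data[offset + 3]
    (length,) = struct.unpack_from("<I", data, offset + 4)
    if magic == b"FWS":
        body = data[offset + 8:offset + length]
    elif magic == b"CWS":
        try:   # decompressobj tolerates trailing bytes after the zlib stream
            body = zlib.decompressobj().decompress(data[offset + 8:])
        except zlib.error:
            return None
    else:
        return None
    if len(body) != length - 8:             # truncated, or stream was not contiguous
        return None
    return b"FWS" + bytes([version]) + struct.pack("<I", length) + body

def build_sample():
    """Constructed test container: filler bytes around one FWS and one CWS object."""
    body = bytes(range(32)) * 4             # stand-in for SWF tags, not a playable movie
    head = bytes([9]) + struct.pack("<I", 8 + len(body))
    return b"\x00" * 8 + b"FWS" + head + body + b"\xff" * 5 + b"CWS" + head + zlib.compress(body)

if __name__ == "__main__":
    sample = build_sample()
    for off, magic, ver, length in find_swf(sample):
        swf = carve_swf(sample, off)
        md5 = hashlib.md5(swf).hexdigest() if swf else "incomplete"
        print(f"[ADDR] SWF at {off:#x} - {magic} header, v{ver}, {length} bytes, MD5 {md5}")
```

Because the CWS object is normalised to FWS form before hashing, the compressed and uncompressed copies of the same movie produce the same MD5.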
  2. The Federal Bureau of Investigation is taking the position that court warrants are not required when deploying cell-site simulators in public places. Nicknamed "stingrays," the devices are decoy cell towers that capture locations and identities of mobile phone users and can intercept calls and texts.

     The FBI made its position known during private briefings with staff members of Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) and Sen. Chuck Grassley (R-Iowa). In response, the two lawmakers wrote Attorney General Eric Holder and Homeland Security chief Jeh Johnson, maintaining they were "concerned about whether the FBI and other law enforcement agencies have adequately considered the privacy interests" of Americans.

     According to the letter, which was released last week:

     The letter was prompted in part by a Wall Street Journal report in November that said the Justice Department was deploying small airplanes equipped with cell-site simulators that enabled "investigators to scoop data from tens of thousands of cellphones in a single flight, collecting their identifying information and general location."

     The bureau's position on Americans' privacy isn't surprising. The Obama Administration has repeatedly maintained that the public has no privacy in public places. It began making that argument as early as 2010, when it told a federal appeals court that the authorities should be allowed to affix GPS devices on vehicles and track a suspect's every move without court authorization. The Supreme Court, however, eventually ruled that warrants are required.

     What's more, the administration has argued that placing a webcam with pan-and-zoom capabilities on a utility pole to spy on a suspect at his or her residence was no different from a police officer's observation from the public right-of-way. A federal judge last month disagreed with the government's position, tossing evidence gathered by the webcam that was operated from afar.

     In their letter, Leahy and Grassley complained that little is known about how stingrays, also known as IMSI catchers, are used by law enforcement agencies. The Harris Corp., a maker of the devices from Florida, includes non-disclosure clauses with buyers. Baltimore authorities cited a non-disclosure agreement to a judge in November as their grounds for refusing to say how they tracked a suspect's mobile phone. They eventually dropped charges rather than disclose their techniques. Further, sometimes the authorities simply lie to judges about their use or undertake other underhanded methods to prevent the public from knowing that the cell-site simulators are being used.

     "The Judiciary Committee needs a broader understanding of the full range of law enforcement agencies that use this technology, the policies in place to protect the privacy interests of those whose information might be collected using these devices, and the legal process that DOJ and DHS entities seek prior to using them," Leahy and Grassley wrote in their letter to Holder and Johnson.

     Hanni Fakhoury, an attorney for the Electronic Frontier Foundation, said some states and judges are pushing back against stingrays.

     "In Tacoma, judges now require police (to) specifically note they plan to use an IMSI catcher and promise not to store data collected from people who are not investigation targets," he said. "The Florida and Massachusetts state supreme courts ruled warrants were necessary for real-time cell phone tracking. Nine states—Colorado, Illinois, Indiana, Maryland, Minnesota, Tennessee, Utah, Virginia, and Wisconsin—passed laws specifically requiring police to use a warrant to track a cell phone in real time."

     Source
    1 point
  3. Hi All, I'm sharing one free premium link generator for you generate your links and get more speed

     LINK: JUBA-GET.COM

     Support servers: 1fichier 2shared 4shared Asfile Depfile Extmatrix Filefactory Filemonkey Fileparadox Filepost Filesmonster Firedrive Hugefiles Mediafire Megashares Netload Oboom Rapidgator Ryushare Scribd Secureupload Sendspace Sockshare Soundcloud Uploaded Uploadhero Upstore Uptobox Xvideos Youtube Zippyshare

     1 - Verify filehost is supported by Juba-get.
     2 - Paste Your Link in the box " Enter Your Link Here "
     3 - Click in " Leech " .
     4 - Click in Result (Name and size of your file)
     5 - Click in link and skip ads and Click in Download and Finish.

     Thanks.
    -1 points