堆栈内存溢出
  简体   繁体   English

如何在.NET Core的PDF文档中找到Java脚本?

[英]How to find Java Script in PDF document in .NET Core?

 原文  2022-12-30 12:11:06       javascript/ c#/ .net/ pdf

问题描述

I need to implement on the server side(.NET Core) the ability to check the PDF document for the presence of Java Scripts.我需要在服务器端(.NET Core)实现检查 PDF 文档是否存在 Java 脚本的能力。 If there is a script there, then I need to inform user about it.如果那里有脚本,那么我需要通知用户。 Is it possible to do this without using paid libraries?是否可以在不使用付费图书馆的情况下做到这一点? I will be grateful for any ideas.我将不胜感激任何想法。

2 个解决方案

解决方案1
 0  2022-12-31 02:37:47

Cross platform poppler utils is the simplest to use, There is no guarantee any means will find deliberately obscured JavaScript跨平台 poppler utils 是最简单易用的,不保证任何手段都会发现故意遮挡 JavaScript

pdfinfo -js filename.pdf

will output as plain text any standard embedded JavaScript, thus if the text looks obscured you can be forewarned of an oddity.将 output 作为纯文本嵌入任何标准 JavaScript,因此如果文本看起来模糊不清,您可以预先警告有异常。

A common PDF with normal /JavaScript entry will show up by simple plain text search.带有普通/JavaScript条目的常见 PDF 将通过简单的纯文本搜索显示。

for suspect or compressed file objects a simple extension is to use a pdf decompressor (Internal streams must be decompressed if required to show up any content as plain text) and text search for the /JavaScript marker as here for example:-对于可疑或压缩的文件对象,一个简单的扩展是使用 pdf 解压缩器(如果需要将任何内容显示为纯文本,则必须解压缩内部流)和文本搜索/JavaScript标记,例如:-

<</S/JavaScript/JS(\n\r\n\r\n// T

However an article about say PDF exploitation could legitimately contain this text然而,一篇关于 PDF 漏洞利用的文章可以合法地包含此文本
Td [(/JavaScript)]TJ

and it is easy for JS to self-edit at run time so this would not be detected in such a simple manner /JavaScr##69pt并且 JS 很容易在运行时进行自我编辑,因此不会以这种简单的方式检测到/JavaScr##69pt

You may find of interest page 4 of https://web.archive.org/web/20150421225342if_/http://cs.gmu.edu:80/~astavrou/research/Daiping_dsn14.pdf您可能会发现感兴趣的第 4 页https://web.archive.org/web/20150421225342if_/http://cs.gmu.edu:80/~astavrou/research/Daiping_dsn14.pdf

For a similar question (aimed at PHP) with variable answers see Find malicious PDF files using PHP validation?对于具有可变答案的类似问题(针对 PHP),请参阅Find malicious PDF files using PHP validation?

解决方案2
 0  2023-01-09 11:43:03

use PDFsharp and MigraDoc, it is free to use as it is open source ( http://www.pdfsharp.net/Licensing.ashx )使用 PDFsharp 和 MigraDoc,可以免费使用,因为它是开源的 ( http://www.pdfsharp.net/Licensing.ashx )

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 .NET Core 从 PDF 文档中删除 Javascript - Remove Javascript from PDF document using .NET Core 与PDF文档关联的Java脚本在网页中不起作用 - Java script associated with the PDF document not working in a web page Google 脚本 - 将文档导出到 PDF - Google Script - Export a document to PDF Java 脚本模块(导入/导出)与 Asp.net Core Mvc - Java Script Module(Import/Export) with Asp.net Core Mvc 如何在ASP.NET AJAX或Java脚本中查找页面状态是否已更改 - How to find Page state is changed or not in ASP.NET AJAX or Java Script 如何在使用asp.net创建的Java脚本中查找动态控件 - How to find Dynamic control in Java Script created using asp.net 如何在Apps脚本中的文档中查找和选择表格? - How to find and select table from Document in Apps Script? 如何在Angular Java脚本中查找内存泄漏 - How to find Memory leak in Angular Java script 如何在 Java Script 中从 InsertItemTemplate 中找到控件 - How to find control from InsertItemTemplate in Java Script 如何通过java脚本编程生成html页面的pdf文件 - how to generate a pdf file of an html page through java script programming
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM