sponnusa / opendlp

Automatically exported from code.google.com/p/opendlp

OpenDLP file extension #105

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Install the OpenDLP VM and set the profile to scan the target machine using the agent
2. Establish SMB and sharing to the target machine from the OpenDLP server
3. Put a few text documents and Office documents in a selected folder on the target
machine's c$

What is the expected output? What do you see instead?
When starting a scan on only a single directory in the c$ folder of the target
machine, OpenDLP managed to deploy the agent and scan the files in that directory.
In the scan result I managed to see the text document and some of the compressed
zip and rar files containing that text document. However, the scan result did not
have findings related to Word documents or Office documents, or PDFs. It can also
scan the compressed zip and rar files that contain the Office document.
Can you tell me if OpenDLP is capable of scanning Office documents and PDF
documents? If so, how do I do it?

What version of the product are you using? On what operating system?
0.5.1. Deploy OpenDLP on Windows 7

Please provide any additional information below.
I chose all the regexes in order to determine whether OpenDLP is capable of
scanning and detecting the specific file extensions.

Original issue reported on code.google.com by jonathan...@gmail.com on 12 Nov 2013 at 8:16

GoogleCodeExporter commented 8 years ago
Hi all,

I don't understand how the Mastercard and regex works?

When I put document files and text containing fake Mastercard and Visa PAN
numbers in the single directory, OpenDLP was somehow unable to grep some of
those documents. But some documents, however, could be grepped by OpenDLP, as
shown in the above screenshot. When I scanned the server across the whole c$
directory, looking only for Office documents using the Visa and Mastercard
regexes, it was able to grep random Office documents, but I identified them as
false positives.

Very funny, by right the default Mastercard and Visa regexes should be able to
grep the PAN number inside the Office document, and yet OpenDLP seems to be
unable to grep the PAN number I put directly in the documents, and instead it
greps other documents that are false positives.

Anyone, please help me on this matter.

Original comment by jonathan...@gmail.com on 13 Nov 2013 at 5:43

GoogleCodeExporter commented 8 years ago
Can you attach the files containing the data you are looking for? OpenDLP does 
not scan inside RAR archives, so you do not need to attach that file.

Original comment by andrew.O...@gmail.com on 13 Nov 2013 at 3:22

GoogleCodeExporter commented 8 years ago
Hi, here is the PDF file I intended to be scanned by OpenDLP, but OpenDLP seems
to be unable to grep it. I already tried with an Office document and OpenDLP
managed to grep the credit card data in Office documents. It looks like I need
to put in the correct format of the credit card data or else OpenDLP will not
be able to discover it. I then converted it into PDF in order to see if OpenDLP
can discover the credit card inside the PDF file, but it seems it cannot.

Please note that the Mastercard is fake.

Original comment by jonathan...@gmail.com on 14 Nov 2013 at 10:37

GoogleCodeExporter commented 8 years ago
Hi Andrew,

Can OpenDLP also scan email containers and tmp?

Can it scan the .pst Outlook extension?

Original comment by jonathan...@gmail.com on 14 Nov 2013 at 10:38

GoogleCodeExporter commented 8 years ago
I cannot see the Mastercard number in plaintext when opening that PDF in a text 
editor, such as vi. OpenDLP will be unable to see this credit card as well. I 
will need to investigate how to convert PDFs to normal text.

OpenDLP currently cannot scan PST files, but that is definitely something I 
want to implement in a future release.

Original comment by andrew.O...@gmail.com on 20 Nov 2013 at 2:16
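
The plaintext-visibility problem described in the last comment, as an added example (not OpenDLP's code and not part of the original thread): a regex run over raw PDF bytes misses a card number stored in a compressed content stream, while the same regex run over the inflated streams finds it. It assumes the text sits in a FlateDecode stream as a single literal string; the pattern, the Luhn filter and the sample PDF are constructed for illustration and are not OpenDLP's shipped regexes.

```python
import re
import zlib

# Assumed Mastercard-style pattern (16 digits, prefix 51-55, optional space or
# dash between groups). Illustrative only; not OpenDLP's shipped regex.
PAN_RE = re.compile(rb"\b5[1-5]\d{2}(?:[ -]?\d{4}){3}\b")
# Start of a PDF stream body ("stream" + EOL), excluding the "endstream" keyword.
STREAM_START = re.compile(rb"(?<!end)stream\r?\n")


def luhn_ok(digits: bytes) -> bool:
    """Luhn checksum: rejects most random 16-digit strings (false positives)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - ord("0")
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_pans(data: bytes) -> list:
    """Regex match plus Luhn validation over a byte buffer."""
    digits = (re.sub(rb"\D", b"", m.group()) for m in PAN_RE.finditer(data))
    return [d.decode() for d in digits if luhn_ok(d)]


def inflate_streams(pdf: bytes) -> bytes:
    """Inflate every stream zlib can decode; skip images and other filters."""
    out = []
    for m in STREAM_START.finditer(pdf):
        try:
            # decompressobj stops at the end of the zlib data and ignores
            # the trailing "endstream" bytes.
            out.append(zlib.decompressobj().decompress(pdf[m.end():]))
        except zlib.error:
            continue
    return b"\n".join(out)


def build_sample_pdf(pan: str) -> bytes:
    """Constructed, minimal PDF-like object with one FlateDecode text stream."""
    body = zlib.compress(b"BT /F1 12 Tf 72 720 Td (" + pan.encode() + b") Tj ET")
    head = b"4 0 obj\n<< /Length %d /Filter /FlateDecode >>\nstream\n" % len(body)
    return b"%PDF-1.4\n" + head + body + b"\nendstream\nendobj\n%%EOF\n"


SAMPLE = build_sample_pdf("5555 5555 5555 4444")  # widely published test number
```

Real PDFs may also split a number across several text operators or encode it through font mappings, in which case a full text-extraction step is needed before the regex pass.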