viper-framework / viper

Binary analysis and management framework

Add RTF module #561

Open alexandreborges opened 7 years ago

alexandreborges commented 7 years ago

Dear Developers,

Good afternoon. Is there any plan to include a module for analyzing RTF files?

Please ignore this message if this module has already been created.

I hope you have a nice day and thank you for the attention.

Alexandre.

Rafiot commented 7 years ago

Are you already using a library to do so? We can definitely implement it.

alexandreborges commented 7 years ago

Rafiot, good evening.

I've used the rtfobj tool (https://github.com/decalage2/oletools/wiki/rtfobj) from Decalage's oletools and rtfdump from Didier Stevens (https://blog.didierstevens.com/2017/02/25/update-rtfdump-py-version-0-0-5/) for analyzing infected RTF documents (I prefer the second one).

Both are excellent tools, but in my opinion it would be very interesting to see this feature in Viper.

If you allow me to give you another suggestion, it would be nice to see (in the future) a module for trying to guess possible algorithms (and their constants) within PE files (something similar to findcrypt from IDA Pro).

I hope that Viper continues to improve.

Thank you for your attention.

Alexandre.

Rafiot commented 7 years ago

Noted, we will see how we can implement rtfobj and/or rtfdump in viper (or if you want to give it a try, PRs are very welcome).

For the algorithms, that's also a good idea. Are you aware of a library that could be used?