[Esd-l] macro scanning...
Agung Kuswanto NCS
kagung at ncs.com.sg
Thu Oct 30 21:06:55 PST 2003
Hi
I am trying to make a script (perl) to detect office macro inside an
attachment
as an illustration, the script will be called like :
myscript <office_attachment>
result :
1. if contains macro
0. if not
Can I make use part of code of the sanitizer.pl to achive my purpose.
below is part of the code I'd like to use.
open(ATTCH,"< $destf"); #\
while (<ATTCH>) { #\
if (/\023 (INCLUDE(PICTURE|TEXT)[^\000-\037]+)/i) { #\
$why .= " " . $ENV{"SC_MBD"} . " for $1\n"; #\
$score+= $ENV{"SC_MBD"}; #\
} #\
if (/(\000|\001|\004)(VirusProtection)/i) { #\
$why .= " 99 for $&\n"; #\
$score+= 99; #\
} #\
[deleted]
Has anyone tried before?
Regards
Agung
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ga.impsec.org/pipermail/esd-l/attachments/20031030/a9cd4323/attachment.html
More information about the esd-l
mailing list