Go to Qiita Advent Calendar 2024 Top
LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

@orangehouse

oletools

Posted at

[oletools][oleid][olemeta][olevba]

Kali linuxへのインストール

  • 以下のコマンドを入力
    sudo -H pip install -U oletools[full]

oleid & olemeta

  • OLEファイルの情報を確認
    oleid {FilePath}
    olemeta {FilePath}

olevba

  • VBAコードおよび解析結果の表示
    olevba {FilePath}
  • VBAコードの表示(-c --code)
    olevba -c {FilePath}
  • 解析結果の表示(-a --analysis)
    olevba -a {FilePath}
  • パスワード付きの場合(-p --password)
    olevba -p PASSWORD {FilePath}
  • 難読化された文字(Hex, Base64, StrReverse, Dridex, VBA)を復号
    olevba --decode {FilePath}
  • 難読化された文字を復号して、VBAコードを表示
    olevba --reveal {FilePath}

参考

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?