What is this?
Metagoofil is a tool for written in Python for extracting the metadata from public documents (pdf,doc,xls,ppt) available in the target websites. This information could be useful because you can get valid usernames, or people names, for using later in brute force password attacks (vpn, ftp, webapps etc.)
How it works?
The tool first queries Google for different filetypes that can have useful metadata (pdf, doc, xls,ppt,etc), then it downloads those documents to the disk and run the program “extract” on every file.
This program take advantages from the “extract” program, so you need to install it in order to work.
In Debian is easy as:
apt-get install libextractor
OS X using Darwin ports:
port install libextractor
For Windows you can download it here:
Make sure ‘extract’ binary is on your path, if not you can modify extcommand variable inside program to suite your needs.
You can download Metagoofil here:
Or read more here.
- HoneyDrive 3 Released – The Premier Honeypot Bundle Distro
- Sysdig – Linux System Troubleshooting Tool
- HoneyDrive Desktop v0.2 Released – Honeypot LiveCD
- The Revisionist – Metadata Retrieval Tool
- Metagoofil v1.4 Released – Metadata and Information Gathering Tool
- Collar Bomber Gets Owned By Word Metadata & USB Drive
Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 65,672 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 29,731 views
- sslsniff v0.6 Released – SSL MITM Tool - 26,902 views