I’m a big fan of Didier Stevens’s tool called PDFiD. But, like a lot of IT people, I’m also a lazy guy: less manipulations required makes me more happy!
My professional environment is mainly based on Linux/Gnome but I also use virtualized Windows XP instances. As everybody I’m manipulating a lot of PDF files coming from a lot of (untrusted) sources. That’s why I regularly scan my received PDF’s with PDFiD. Here is a small tutorial to add a new action to Nautilus, the default file browser in Gnome. I assume that PDFiD is already installed in your environment. If it’s not the case (shame on you! ;-), just grab the archive here. The installation is pretty straight forward.
First, you need to install the package “nautilus-actions” (it was not installed by default on my Ubuntu). The package is available for almost all Linux distributions, check out with your favorite package manager. Once installed, a new menu is available under “Gnome -> System -> Preferences -> nautilus Actions Configuration“:
The configuration tool allow you to create new options which will be available in the context menu when clicking on a file with the right-mouse button:
Click on “Add” and a new window pops up to help you to create the new menu: Select a label (what will be displayed), a tool-tip (some contextual help) and optionally an icon:
Next step is the profile edition. It is a three-steps process. The first tab “Action” allows you to specify the command to be launched against the selected files and/or directories. Please note that, like all console tools, PDFiD must be executed in a terminal to display the scan results. That’s why the command is launched through a classic xterm. The “-hold” flag keeps the window open once the command completed, otherwise we will have no time to read the command results. The parameter “%M” will be replaced by the full path of the selected file:
The second tab restricts the action menu to specific files or directories. The Nautilus context menu is dynamic and adapts itself depending on the selected item (some menus will only be displayed if conditions are matched). Conditions can be defined via a wildcard (ex: “*.pdf“) or a MIME type (ex: “application/pdf“). It’s also possible to restrict the option to a single file or directory:
Finally, the third tab restrict the new option usage based on the files location:
Once all parameters defined, save the new menu and restart Nautilus via “nautilus -q” (it was always needed in my environment). Now open a directory which contains some PDF files, select one and open the context menu. You should see the new option “Scan with PDFiD”! Enjoy and keep malicious PDF files away!
Great idea Xavier! I could to the same in Windows Explorer.