I just came across the slides for a presentation given by Julia Wolf, a senior researcher with FireEye. I only have the slides, unfortunately, but they are a fairly good technical summary of the basic details of PDF format and how it can be hacked.

From the summary:

PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. The PDF format itself is so diverse and vague, that an A/V would need to be 100% bug-compatible with the parser in the vulnerable PDF reader.

You can also do cool tricks like make a single PDF file that displays completely differently in several different readers.

If this presentation doesn't scare you then trust me, it should.

slides (PDF)

27C3 Update: The video of the presentation has been uploaded to Youtube.

P.S. Note that the slides are a PDF and the presentation is on PDF hacking. I find that amusing, don't you?

About Nate Hoffelder (10074 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

5 Comments on 27C3 – OMG WTF PDF

  1. Essentially it means that not only are PDFs not really ebooks, they have long since stopped being documents and are properly seen as self-executing software targetting the Acrobat runtime environment. (Or equivalents.)
    And people routinely execute these things on their computers and printers with nary a though of where they come and what’s in them.
    Maybe *that* is where Skynet comes from.
    We really *are* all doomed. đŸ™‚

  2. I am building my firewall as we speak….that is right, a Wall of Fire to protect me from the machines!

  3. great information even the google hack in china was done using a pdf vulnerability

  4. The video recording is now available and you can also view it at YouTube: http://www.youtube.com/watch?v=54XYqsf4JEY

Leave a comment

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: