27C3 – OMG WTF PDF

I just came across the slides for a presentation given by Julia Wolf, a senior researcher with FireEye. I only have the slides, unfortunately, but they are a fairly good technical summary of the basic details of the PDF format and how it can be hacked.

From the summary:

PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. The PDF format itself is so diverse and vague that an A/V would need to be 100% bug-compatible with the parser in the vulnerable PDF reader.

You can also do cool tricks like make a single PDF file that displays completely differently in several different readers.

If this presentation doesn't scare you then trust me, it should.

slides (PDF)

27C3 Update: The video of the presentation has been uploaded to Youtube.

P.S. Note that the slides are a PDF and the presentation is on PDF hacking. I find that amusing, don't you?

Nate Hoffelder


5 Comments

  1. fjtorres, 2 January, 2011

    Essentially it means that not only are PDFs not really ebooks, they have long since stopped being documents and are properly seen as self-executing software targeting the Acrobat runtime environment. (Or equivalents.)
    And people routinely execute these things on their computers and printers with nary a thought of where they come from and what's in them.
    Maybe *that* is where Skynet comes from.
    We really *are* all doomed. 🙂

  2. Zigwalski, 2 January, 2011

    I am building my firewall as we speak….that is right, a Wall of Fire to protect me from the machines!

  3. Neeraj Rawat, 3 January, 2011

    Great information. Even the Google hack in China was done using a PDF vulnerability.

  4. Jakob, 3 January, 2011

    The video recording is now available and you can also view it at YouTube: http://www.youtube.com/watch?v=54XYqsf4JEY

    1. Nate the great, 3 January, 2011

      Thanks!
