Skip to main content

27C3 – OMG WTF PDF

I just came across the slides for a presentation given by Julia Wolf, a senior researcher with FireEye. I only have the slides, unfortunately, but they are a fairly good technical summary of the basic details of PDF format and how it can be hacked.

From the summary:

PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. The PDF format itself is so diverse and vague, that an A/V would need to be 100% bug-compatible with the parser in the vulnerable PDF reader.

You can also do cool tricks like make a single PDF file that displays completely differently in several different readers.

If this presentation doesn’t scare you then trust me, it should.

slides (PDF)

27C3 Update: The video of the presentation has been uploaded to Youtube.

P.S. Note that the slides are a PDF and the presentation is on PDF hacking. I find that amusing, don’t you?

Similar Articles


Comments


fjtorres January 2, 2011 um 3:59 pm

Essentially it means that not only are PDFs not really ebooks, they have long since stopped being documents and are properly seen as self-executing software targetting the Acrobat runtime environment. (Or equivalents.)
And people routinely execute these things on their computers and printers with nary a though of where they come and what’s in them.
Maybe *that* is where Skynet comes from.
We really *are* all doomed. 🙂


Zigwalski January 2, 2011 um 11:08 pm

I am building my firewall as we speak….that is right, a Wall of Fire to protect me from the machines!


Neeraj Rawat January 3, 2011 um 5:25 am

great information even the google hack in china was done using a pdf vulnerability


Jakob January 3, 2011 um 5:32 pm

The video recording is now available and you can also view it at YouTube: http://www.youtube.com/watch?v=54XYqsf4JEY

Nate the great January 3, 2011 um 5:37 pm

Thanks!


Write a Comment