27C3 – OMG WTF PDF
I just came across the slides for a presentation given by Julia Wolf, a senior researcher with FireEye. I only have the slides, unfortunately, but they are a fairly good technical summary of the basic details of PDF format and how it can be hacked.
From the summary:
PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. The PDF format itself is so diverse and vague, that an A/V would need to be 100% bug-compatible with the parser in the vulnerable PDF reader.
You can also do cool tricks like make a single PDF file that displays completely differently in several different readers.
If this presentation doesn’t scare you then trust me, it should.
27C3 Update: The video of the presentation has been uploaded to Youtube.
P.S. Note that the slides are a PDF and the presentation is on PDF hacking. I find that amusing, don’t you?