PDF=Problematic Document Format

Posted March 31st, 2010. Filed under Security Stuff

This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability!

I use a launch action triggered by the opening of my PoC PDF. With Adobe Reader, the user gets a warning asking for approval to launch the action, but I can (partially) control the message displayed by the dialog. Foxit Reader displays no warning at all, the action gets executed without user interaction.

Din ce in ce mai multe stiri despre PDF si problemele lui , din ce in ce mai multi se intrec in a gasi ceva nou.
Cam asa arata un post de a lui Didier Stevens .Gasiti pe blog-ul lui video + more info
Link : http://blog.didierstevens.com/2010/03/29/escape-from-pdf/

Leave a Comment

Powered by HaxTor | CopyWrong © 2011