Risky PDF! https://DidierStevens.com
Portable Document Format
Risk associated with PDF usage
Risk Mitigation
Intro...
Physical Structure
Logical Structure
Risks
Spam
Phishing FDF - Forms Data Format
Demo time!
Information disclosure Metadata
Information disclosure Incremental Updates
Demo time!
Information disclosure Malware Author at Work
06/11/2008 00:56:42            Start
06/11/2008 01:54:14  00:57:32  \r\n
06/11/2008 01:54:58  00:00:44  app.setTimeOut("main()", 3000);
06/11/2008 01:59:10  00:04:12  setTimeOut("main()", 3000);
06/11/2008 02:00:40  00:01:30  app.setTimeOut("main()", 5000);
06/11/2008 02:01:25  00:00:45  Gave up: no delayed activation
Copyright Infringement / Confidentiality
Demo time!
PDF Malware
Demo time!
Mitigation
Don't allow PDF!
Scan PDF
Patch / Upgrade
Reduce / Change attack surface
Sandbox PDF Reader
Block generic malware
  - LUA
  - Application whitelisting
  - AV / HIPS
PDF Malware
Questions? And hopefully some answers...
Thank you http://blog.DidierStevens.com