Follow us on Twitter!
It is the path of least resistance that makes rivers and men crooked. - Bj Palmer
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 29
Guests Online: 28
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

pdf exploiting


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-04-10 17:22
I was wondering if it's possible to perform an attack similar to XSS or something but use a page of a pdf. At work we have people that can generate pdfs based on answers provided in an online form they fill out. Is it possible to put malicious code into an answer space on one of these forms so that malicious code will be executed when the pdf is viewed? If so, would the filters that PHP has be enough to fix this problem?

Thanks!
Author

RE: pdf exploiting


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-04-10 17:39
Doesn't sound like it would be possible since it is not parsed as html rather as a pdf file. If you take a look at a pdf in a hex editor you'll see that it is not human readable anyway, unlike a html/php file so it wouldn't be possible to even execute it as html/php. However, recently there have been a few vulnerabilities involving adobe pdf, if you google it I'm sure it'll come up with something. I could be wrong, just thinking out loud.


Author

RE: pdf exploiting


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-04-10 17:41
You might like this http://www.securi. . .video.aspx


Author

RE: pdf exploiting


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 01-04-10 17:53
cyb3rl0rd1867 wrote:
Doesn't sound like it would be possible since it is not parsed as html rather as a pdf file. If you take a look at a pdf in a hex editor you'll see that it is not human readable anyway, unlike a html/php file so it wouldn't be possible to even execute it as html/php. However, recently there have been a few vulnerabilities involving adobe pdf, if you google it I'm sure it'll come up with something. I could be wrong, just thinking out loud.


Thanks for your help! I wasn't thinking that the malicious code would be written in html or php. I was thinking more along the lines of some sort of "pdf code" would be used. So when the code is parsed by adobe or something it would execute the malicious code. Does that make sense?
Author

RE: pdf exploiting

spyware
Member



Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 01-04-10 19:41
This -was- possible but patched in recent versions of whatever. Check sla.ckers.org and/or ckers.org, there's some PoC on there.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
[/s
http://bitsofspy.net
Author

RE: pdf exploiting

Futility
Member



Posts: 725
Location: USA
Joined: 17.12.07
Rank:
God
Posted on 01-04-10 19:44
pdf files used to be able to run javascript without user permission, putting them in a security realm similar to that of a browser. I read this book a while back detailing the whole process, but everything talked about Adobe Acrobat Reader 7, which, unless I'm mistaken, is old. I don't currently use adobe (foxit owns pretty hard), so I can't really test things in a modern setting, but the book mentioned this whitepaper. You might like to take a look. (Note, it's pretty old) There's a ton more in the book, but I feel quoting 20 pages or so would be... bad?

If you feel like looking it up, it's called "XSS Attacks: Cross Site Scripting Exploits and Defense"


i252.photobucket.com/albums/hh11/zanimabean/Zim.png
Futility91@hotmail.com Futility91