OMG WTF PDF
- Type
- Audio
- Tags
- Authors
- Julia Wolf
- Event
- Chaos Communication Congress 27th (27C3) 2010
- Indexed on
- Mar 27, 2013
- URL
- http://mirror.fem-net.de/CCC/27C3/mp3-audio-only/27c3-4221-en-omg_wtf_pdf.mp3
- File name
- 27c3-4221-en-omg_wtf_pdf.mp3
- File size
- 26.1 MB
- MD5
- e5019c92c88c80f8f83627e425ad090f
- SHA1
- 313cddb4780f65b9781212ae93ff406e88086d74
Ambiguities in the PDF specification means that no two PDF parsers will see a file in the same way. This leads to many opportunities for exploit obfuscation. PDFs are currently the greatest vector for drive-by (malware installing) attacks and targeted attacks on business and government. A/V technology is extraordinarily poor at detecting these. The PDF format itself is so diverse and vague, that an A/V would need to be 100% bug-compatible with the parser in the vulnerable PDF reader. You can also do cool tricks like make a single PDF file that displays completely differently in several different readers.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
