Slashdot Mirror


Hacker Finds Multiple PDF Backdoors

Gungadin writes "Eweek.com has a story about a British security researcher figuring out a way to manipulate legitimate features in Adobe PDF files to open backdoors for computer attacks. David Kierznowski, a penetration testing expert specializing in Web application testing, has released proof-of-concept code and two sample PDF files to demonstrate how the Adobe Reader program can be rigged to launch Web-based attacks without any user action. He claims there are at least seven different ways to backdoor a PDF."

10 of 147 comments

  1. Heh by Shawn+is+an+Asshole · · Score: 4, Funny


    Huh huh, penetration.
    </beavis_and_butthead>

    Who started giving this title?

    --
    "It ain't a war against drugs. It's a war against personal freedom" --Bill Hicks
    1. Re:Heh by SanityInAnarchy · · Score: 3, Funny

      Speaking of buttheads, probably the same person who decided to call it a "backdoor".

      --
      Don't thank God, thank a doctor!
  2. pr0n by User+956 · · Score: 5, Funny

    He claims there are at least seven different ways to backdoor a PDF.

    I've seen quite a bit of pr0n. There's way more than seven ways.

    --
    The theory of relativity doesn't work right in Arkansas.
  3. Sources claim... by Mikachu · · Score: 5, Funny

    Sources claim the exploits would have been found sooner if any other hackers had the patience to wait for PDFs to load.

  4. clarification by User+956 · · Score: 2, Funny

    that's assuming that by "PDF", he means "Pretty Drunk Female"....

    --
    The theory of relativity doesn't work right in Arkansas.
  5. Penetration by SauroNlord · · Score: 2, Funny

    David Kierznowski, a penetration testing expert

    I wish I was a penetration test expert!

  6. Re:Evince, etc. by Anonymous Coward · · Score: 5, Funny

    Did you file a bug to let them know they didn't support the exploit? This is free software, they should get right on it.

  7. Re:Doesn't work on Linux by flyingfsck · · Score: 5, Funny

    Hmm, Linux just isn't ready for the desktop yet.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!
  8. da ladies... by ScottyMcScott · · Score: 2, Funny

    future mother-in-law: so, what do you do?
    guy: i'm a penetration tester.
    ....fill in rest.....

  9. Load PDFs in milliseconds by this+great+guy · · Score: 2, Funny