Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker Finds Multiple PDF Backdoors

Posted by ryuzaki0 on from the watch-where-you-put-that dept.

Gungadin writes "Eweek.com has a story about a British security researcher figuring out a way to manipulate legitimate features in Adobe PDF files to open backdoors for computer attacks. David Kierznowski, a penetration testing expert specializing in Web application testing, has released proof-of-concept code and two sample PDF files to demonstrate how the Adobe Reader program can be rigged to launch Web-based attacks without any user action. He claims there are least seven different ways to backdoor a PDF."

4 of 147 comments (clear)

  1. Linux version of acroread seems fine by Noksagt · · Score: 4, Interesting

    The article has two testcases. The second uses Windows ODBC so, unsurprisingly, fails. The first is supposed to open a web page automatically, but I'm presented with a dialogue asking me if I really want to open it (and the URL is identified in the dialogue). This seems to be good behavior. Did Adobe get things right on Linux & not on Windows? That's got to be a first.

  2. Evince, etc. by Noksagt · · Score: 4, Interesting

    I also mostly use evince. Neither test worked. They triggered this message:
    "** (evince:18185): WARNING **: Unimplemented action: POPPLER_ACTION_UNKNOWN, please post a bug report with a testcase."

    Note that a different implementation only gives you DIFFERENT bugs and holes, as anyone who has followed exploits in xpdf knows.

  3. "Hacker"?! by coyote-san · · Score: 4, Interesting

    Since when is a respected security researcher a "HACKER"?!

    Seriously. I know the old definition of "hacker" and have been proud to be called one (in that sense) in the past, but the headline clearly refers to the malicious definition of hacker. This headline seems to serve no purpose other than deliberately blurring the line between legitimate researchers and the jerks who exploit weaknesses.

    --
    For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
  4. Windoze and IE implicated, again. by twitter · · Score: 4, Interesting

    Evince and gPDF, since these lack support for a lot of the additional features of PDF am i any safer?

    From the Fine Article:

    the target's browser is automatically launched and loads the embedded link. "At this point, it is obvious that any malicious code [can] be launched," Kierznowski said.

    That looks like a lot of auto magic nonsense that most free software would not do. The only thing that's obvious to me is that any malicious w32 code is going to bounce off my browser. My pdf reader, kpdf, did not take the first step of automatically launching a browser and my browser would not take any of the dozens of brain dead and spam friendly automatic steps that makes IE a dissaster. A computer that's not internet safe but is connected to a network is always at risk.

    Note that it's not a "lack of features" that makes kpdf work right. Kpdf has links that work when you press them, table of content browsing, keyword searches, text and image cut and paste, and prints flawless copy. Those are the features you want in a pdf viewer. Automatically popping up a browser is a feature you don't want.

    --

    Friends don't help friends install M$ junk.