vrijdag 9 april 2010

Unpatchable PDF hack

A Belgian researcher, Didier Stevens has published an unpatchable PDF hack.
Well, in most security related websites this hack has been published as an unpachable PDF leak. Assuming the pdf format is containing a hole that’s unfixable. Pretending it is possible to make up an unpatchable leak in any kind of file format is a myth off course. Delete the software and the leak is fixed...
Anyway, the hack is interesting by itself because Foxit reader launches the application without any warning! Adobe it self pops-up a warning.
And since most PDF users are of the "OK"-click generation this provides great opportunities for bad willing people.
Didier himself didn't publish a prove of concept of the launch action and the embedded executable combined, but instead only showed a prove of concept of the launch action. Taking a closer look at this prove of concept and Didier’s explanation it won't be that hard to make use of this hack. Below is an image of the prove of concept PDF file with the launch action and the cmd.exe executable highlighted. Basically you will only have to find out how to embed an executable to a PDF file and, then launch it. Off course hex-editing the cmd.exe string in the PoC file makes you able to launch any application you want.

7 opmerkingen:

  1. Thanks very much blackhatthacker@gmail.com for helping me hack into my cheating husbands phone number, I was able to listen to his incoming and outgoing calls,text messages, facebook and whatsapp activities in real time to discover he was a cheating liar. Her hack services is top class. hit her up on blackhatthacker@gmail.com for any hack related issues I am very certain you have your problem solved because I'm a testimony to her great service

    BeantwoordenVerwijderen
  2. To everyone out there i want to openly thank blackhatservers@gmail.com for her service… She helped me from infidelity and lies of my cheating husband. She was able to hack his phone so i listen to every call he makes or receives, hacked his whatassp, email and Facebook …i know there are lots of people out there looking for proof and evidences about one thing or the other . Be open and confide in her so she can be at the best of her service to you. Do contact her via email blackhatservers@gmail.com

    BeantwoordenVerwijderen