SQL Database Design For Developers at php[tek] 2024
PDF Sec
1. Hiding Malicious Content in PDF Documents Sabin Popescu, InfoSec, MTA, RO Coordinating Professor: Lect. Dr. Mihai Togan • Contact: sabin.popescu@yahoo.com • http://www.mta.ro
2. Outline Objectives: Proof-of-concept for digital signatures vulnerability… that shows the ineffectiveness of the WYSIWYS (What You See Is What You Sign) concept. In other words: Make your victim sign a malicious document, by hiding it in a legitimate document.
3. Outline Objectives: Proof-of-concept for digital signatures vulnerability… that shows the ineffectiveness of the WYSIWYS (What You See Is What You Sign) concept. In other words: Make your victim sign a malicious document, by hiding it in a legitimate document. Methodology: Generate 2 different types of content: Text > PDF (legit); Image > TIFF (malicious); Embed the PDF document inside the TIFF image; Give the victim the “PDF” (actually a polymorphic file) and obtain the signature; Change the extension to the other file format.
4.
5. The destructive potential is considerable, as PDF is widely used in e-government and e-business contexts.
6.
7. Difficulties > TIFF Structure: Recalculating the offsets of the TIFF image parameters that got shifted upon inserting the PDF document. TIFFs are organized in Image File Directories (IFD) which contain 12 byte sequences that define parameters like resolution, dimensions, compression etc.