-
September 16th, 2006, 07:28 PM
#1
Hacker Finds Multiple PDF Backdoors
Via Slashdot: http://it.slashdot.org/article.pl?si...39205&from=rss
Via EWeek: http://www.eweek.com/article2/0,1895,2016606,00.asp
PoC: http://michaeldaw.org/projects/backdoored1.pdf
Source: http://michaeldaw.org
This article will give two practical examples of how Adobe Professional and Adobe Reader can be backdoored. There are 7 or more points where an attacker can launch malicious code. Both of the attacks discussed below are attached to the “Page Open” event
By malicious code, the author doesn't mean execution of arbitrary code, but instead the execution of some Adobe flavored javascript. The author "accesses the Windows ODBC, enumerates available databases" with a javascript file, which is interesting but not really a big deal... and I don't see how this is a backdoor at all.
-
September 18th, 2006, 03:42 AM
#2
Isnt this about exploiting a feature for bad reasons/uses or am did I read it wrong? I didn't see any 'backdoors' in here either.
-
September 18th, 2006, 03:43 PM
#3
EDIT: woops posted in the wrong thread. Nothing to see here, move along
-
September 18th, 2006, 03:55 PM
#4
Hey Hey,
I'd have to agree with Soda that I don't quite see the backdoor here... I suppose in a very out-dated sense of the word, it would make slighly more sense...
The question here is how is any of this malicious...
1) You tell a pdf to open a webpage it opens a webpage
2) You embed javascript to enhance your document, it executes the javascript...
My response to this would be... IE has a vuln.. it executes Javascript... I've discovered the same vuln in Safari, Netscape, Firefox, Konqueror and others..
Also the Windows RUN command has a vulnerability... if you type in an URL it will open it in a browser window..
I looked this guys blog over... I don't see anything that impresses me.. and eWeek picks up and publishes anything and everything...
Peace,
HT
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|