Announcement

Collapse
No announcement yet.

Adobe PDF Back Doors

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Adobe PDF Back Doors

    "A British security researcher has figured out a way to manipulate legitimate features in Adobe PDF files to open back doors for computer attacks. "

    This is very neat -

    Full Article
    ..::800xl::..

  • #2
    Re: Adobe PDF Back Doors

    looks like a lot of these vulnerabilities involve the PDF reader tool opening a browser window or triggering some other HTML-based code. if someone is running Mozilla instead of Internet Explorer i'd imagine that would cut down on the risk a great deal. personally, i never deploy windows computers anymore for anyone with internet explorer on the system.
    "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
    - Trent Reznor

    Comment


    • #3
      Re: Adobe PDF Back Doors

      This does not state what version of Adobe is effected. There has long been knowlege of Adobe 5 having these problems.
      "Never Underestimate the Power of Stupid People in Large Groups"

      Comment


      • #4
        Re: Adobe PDF Back Doors

        There is a test PDF on the HackLouisville.com forums, and it worked with my newest fully patched version of Adobe Reader...if you use FoxIt on Windows however, you are immune.


        Web Hosting --

        Comment


        • #5
          Re: Adobe PDF Back Doors

          Originally posted by enigma
          There is a test PDF on the HackLouisville.com forums, and it worked with my newest fully patched version of Adobe Reader...if you use FoxIt on Windows however, you are immune.
          since i assume none of us want to go throug the hassle of registering for anohter forum, care to post the direct link to the file here so we can have a go at the exploit on a test box?
          "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
          - Trent Reznor

          Comment


          • #6
            Re: Adobe PDF Back Doors

            http://mono.hacklouisville.com/BackdoorFUN.pdf

            not sure how long he'll have it up...this file is harmless...but it shows the potential.


            Web Hosting --

            Comment


            • #7
              Re: Adobe PDF Back Doors

              Originally posted by enigma
              http://mono.hacklouisville.com/BackdoorFUN.pdf

              not sure how long he'll have it up...this file is harmless...but it shows the potential.
              my firewall generated a message saying that acroread.exe was trying to connect to the internet. after that, all i get is a page from google.co.uk inside of my PDF reader. does acrobat itself render code, etc? if it has its own internal rendering engine capable of launching an exploit i can understand the threat. otherwise, it seems like those old web pages where one frame was coded in the HTML to load "file:\\c:\" thus showing you a list of your own files and directories underneath a large font message saying "your computer is not secure!!!1!" with the <blink> tag.
              "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
              - Trent Reznor

              Comment

              Working...
              X