


HITB SecConf 2009 Malaysia: PDF Origami Strikes Back 1/6





Speakers: Frédéric Raynal (Head of Research & Software Development, Sogeti/Cap Gemini), Guillaume Delugré (Sogeti) and Damien Aumaitre (Sogeti)

Last year, we presented at PacSec some risks related to the PDF format. Many samples were provided. In the end, we showed 2 real-life attacks focused on PDF language and Acrobat Reader [1].

Since the language has now been well studied, we will now focus on its environment:

- What about Adobe Reader and other products related to PDF? What are the links with the OS, the browser, ...?
- How can PDF files help an attacker improve his operations?

Regarding Adobe and PDF, we have mainly focused on the Reader and Adobe's plug-in. The Reader is a really big piece of software (300Mb) with lots of dependencies (plug-ins, DLLs, executables), making it a mess to analyze. We have started to sort through all that mess, trying to isolate the various features.
One interesting feature is the use made of cryptography, either for ciphering or for granting extended permissions based on signature (what Adobe calls certification and usage rights).

We are also focusing on Adobe's plug-in to read PDF files. First, the now famous JavaScript engine will be studied. It is based on an old SpiderMonkey engine, modified to support PDF features. However, the most recent documentation relates to version 8 of Reader, whereas the current one is 9.
Much information is unreliable or not in the documentation at all. So, we have extracted undocumented functions. But JavaScript is one action among many in PDF. So, we have also looked at how some other actions behave in the plug-in (mainly Launch, URI, SubmitForm and GoToR). The main feature for an attacker is that they don't throw an alert when connecting to a remote site, since it is normal behavior in a browser (contrary to what happens when these actions are called in the standalone reader).

For more information go to: http://bit.ly/ci3UfI






