Crafting PDF Readers with Floating Points

Presented at ekoparty 14 (2018), Sept. 26, 2018, 2:40 p.m. (50 minutes)

In this talk, it will be explained how to craft javascript objects from a OOBW bug found in an images parser (information about the bug will not be provided, but the exploitation technique). Then, we will make that our data crafted in memory, be taken as valid by the adobe reader javascript engine and by using this, the execution flow to take control will be modified.

Presenters:

• Javier Aguinaga
  Javier Aguinaga cuenta con 10 años de experiencia trabajando con binarios, actualmente se desempeña como señor Security Researcher en Faraday-Labs. Tiene pasión por el hardware en general y por entender cómo funcionan las cosas, fan de comprar y de acumular gagdets, también conocido como mal de Diógenes de la tecnología.

Links:

• http://ekoparty.org/charla-crafting-pdf-readers-with-floating-points.php
• https://infocon.org/cons/Ekoparty/Ekoparty 14 2018/Crafting PDF Readers with Floating Points Javier A.mp4

Similar Presentations:

• Black Hat Asia 2017 / Dig Into the Attack Surface of PDF and Gain 100+ CVEs in 1 Year
• Black Hat USA 2011 / Playing In The Reader X Sandbox
• DEF CON 23 (2015) / Abusing Adobe Reader's JavaScript APIs