[ Ivan Dimkovic @ 06.04.2010. 16:23 ] @
|
| Posle proslog hita, poznatijeg kao "PDF koji se izvrsava" sada imamo i novi hit: PDF koji inficira druge PDF-ove
http://www.theregister.co.uk/2010/04/06/wormable_pdfs/
Citat:
The security perils of PDF files have been further highlighted by new research illustrating how a manipulated file might be used to infect other PDF files on a system.
Jeremy Conway, an application security researcher at NitroSecurity, said the attack scenario he has discovered shows PDFs are "wormable". Computer viruses are capable, by definition, of overwriting other files to spread. Conway's research is chiefly notable for illustrating how a benign PDF file might become infected using features supported by PDF specification, not a software vulnerability as such, and without the use of external binaries or JavaScript.
The "wormable PDF" research comes days after another security researcher, Didier Stevens, showed how it was possible to both embed malicious executables in PDFs and manipulate pop-up dialog boxes to trick victims into running a malicious payload. Both Adobe and FoxIT are working on a fix against the security shortcomings in their respective PDF viewing packages illustrated by the research.
...
"I chose to infect the benign PDF with another, and launch a hack that redirected a user to my website, but this could have just as easily been an exploit pack and or embedded Trojan binary," Conway explains. "Worse yet this dynamic infection vector could be utilised to populate all PDFs for some new O-day attack, thereby multiplying an attackers infection vehicles while still exploiting user systems ('worm-able')."
Epic fail :)
Kolicina idiotizama koji dolaze iz PDF formata kao i najpopularnije aplikacije za renderovanje istih je prilicno zabrinjavajuca.
|
[ combuster @ 06.04.2010. 17:35 ] @
A-a, ja ne citam vise to, malo malo pa mi na RSS-u iskoci Adobe PDF FAIL, Adobe PDF 0wned, Adobe PDF 0wning other pdf's i te fore... Dakle ima da ubacim filter na rec Adobe - od njih nema prijatnog nekog iznenadjenja :)
[ Ivan.Markovic @ 06.04.2010. 22:23 ] @
Ovo i nije tako novo, ja sam za proslu Sinergiju pravio nesto slicno ... fora je u tome da Adobe izbaci poruku u kojoj pise tacno sta ce da se izvrsi ali nije uvek ceo text vidljiv.
E sad zasto PDF ima opciju da izvrsava fajlove to je drugo pitanje ;)
[ Ivan Dimkovic @ 06.04.2010. 22:44 ] @
Sumatra PDF ftw:
http://blog.kowalczyk.info/software/sumatrapdf/index.html
Moram priznati, nesto najjace sto sam video u proteklih nekoliko meseci sto se softvera tice.
http://en.wikipedia.org/wiki/Sumatra_PDF
Citat:
Sumatra was designed for portable use, as it consists of one single file with no external dependencies, making it usable from an external USB drive.[3] This classifies it as a portable application.[1] As is characteristic of many portable applications, Sumatra takes up little disk space.[1] It has a 1.2 MB setup file, compared to Adobe Reader's 26.1 MB, for Windows.[4] Installed size is also 1.2MB, whereas Adobe Reader requires 335 MB of available disk space.[5]
1.2 MB, a radi isto sto i skrndelj od 335 MB... a takodje, nema JavaScript... [ Srđan Pavlović @ 07.04.2010. 00:51 ] @
-Evo i malo price o izboru za nas Linux-ovce sto se PDF citanja tice...
http://bbs.archlinux.org/viewtopic.php?id=55050
Sad sam stavio novu Arch Linux instalaciju na net-book,
i razmisljam sta da stavim za citanje PDF-a, na gnome.
Voleo bih da..
- je lagan (manji program)
- brz
- pamti stranu kad zatvoris PDF
- ne trazi gnome-keyring
[ combuster @ 07.04.2010. 01:29 ] @
Zezas nas a? :D
[ Srđan Pavlović @ 07.04.2010. 01:57 ] @
Hehe, ne zezam. Instalirao sam samo gnome
metapaket (ne i gnome-extra), tako da mi nije
doslo nista za citanje PDF-a :)
Anywayz, odlucio sam se za evince :)
[ combuster @ 07.04.2010. 09:31 ] @
Hahaha, ma pogledao sam onu temu pa se svi na kraju odlucili ipak za evince koji ima gtk dep-ove a ovo cudo od sumatre ima jedan lib kao dep i to je staticki ulinkovan. Evince ipak rule na linuxu, xpdf me je nekad sekirao mnogo a nisam ga probao odavno da bi znao da li se nesto promenilo :) Dobar je i okular za KDE...
[ musicmaster @ 07.04.2010. 09:53 ] @
Sumatra je odlična.
Foxit je upravo otišao u penziju.
Od svih alata u pdf readerima, jedini potreban je samo "copy text" a to ovo sitno maleno programče - ima.
Thnx.
[ akiko1 @ 07.04.2010. 10:25 ] @
Foxit Reader Portable
Sta fali ovome? 4MB i nije neka velika kradja!
[ musicmaster @ 07.04.2010. 10:35 ] @
A što si ti nama sada linkovao Foxit? :D
Znaju ljudi kako da ga nađu. Poznato je to divno parče softvera samo tako. :)
Inače, ne fali mu ništa.
Bez obzira, penzionisan je.
Sumatra je bolja.
[ staticInt @ 07.04.2010. 11:37 ] @
Bas sam u prosloj temi rekao da je meni i foxit bloated, skinuo sam sumatru i to je to, vrhunski software ko da sam ga ja pisao :)
[ Shadowed @ 07.04.2010. 11:38 ] @
E, pamti li ta sumatra stranu za odredjeni fajl kada se zatvori?
[ icobh @ 07.04.2010. 12:00 ] @
Sumatra je OK, ali je definitivno daleko od vrhunskog! Evo par stvari za koje ja mislim da su mu nedostatci:
1. Sporiji rendering of Foxit
2. Nema tabove kao Foxit, a navikao sam se
3. Nema kvalitetnih mehanizama za kopiranje sadržaja
4. Dostupnost nekih opcija samo kroz meni
5. Print je nula bambija
[ Majestic @ 07.04.2010. 12:09 ] @
Citat: Shadowed: E, pamti li ta sumatra stranu za odredjeni fajl kada se zatvori?
Jep.
Ali sporo renderira slike. Bas ono sporo. Inace odlican program.
EDIT: Sve sto je icobh naveo je tocno. [ saneldz @ 07.04.2010. 14:12 ] @
A sta fali PDF XChange Viewer-u. Koliko je on "siguran" po tom pitanju?
I da, pmati stranicu kad zatvoris pdf dokument; jos sam iskljucio u opcijama Javascript support.
[ malikarlo @ 07.04.2010. 14:25 ] @
Ako hocete na linuxu nesto samo za citanje PDF-ova s malo depova pogledajte apvlv i zathura.
[ HeYoo @ 07.04.2010. 23:28 ] @
Ima Evince i za Win http://live.gnome.org/Evince/Downloads
Probajte.. mozda valja :) [ combuster @ 07.04.2010. 23:33 ] @
Hehehe, izgleda da sve sto lezi na gtk-u ima i na windows-u, al' smo dobri, GIMP, Pidgin, Evince itd... :)
[ Ivan Dimkovic @ 07.04.2010. 23:34 ] @
Neka... ja se ipak drzim Sumatre.
[ maksvel @ 08.04.2010. 08:08 ] @
Je l' ta Sumatra pisana u Javi? :-P
Ovaj Foxit je OK, mada mi se čini da će tek da ga bloatuju.
Za Adobeov Reader (Adobe Memory LeecherTM) beše onaj programčić, što mu olakšava pluginove - umeo je da ga ljudski ubrza.
[ icobh @ 08.04.2010. 10:22 ] @
Xexexe, Evince za Windows 30 MB installer, a koliko će tek da bude kad se raspakuje...
[ combuster @ 08.04.2010. 19:03 ] @
Ako vec imas instaliran pidgin ili gimp onda samo par mb, ako ne onda jedno 50-tak :D (gtk installer)
[ Ivan.Markovic @ 09.04.2010. 10:18 ] @
Copyright (C) 2001-2025 by www.elitesecurity.org. All rights reserved.
|