Chcon

PDF structure and places where you can hide things.
2024-11-23, Ngaio Marsh Theatre

There are trillions of PDFs in the world, and their very ubiquity makes them a file type where 'bad people' might store malicious code. The ability to quickly identify malicious files is essential, and tools such as REMnux, peepdf and RUPS will be discussed, along with some examples of other things that can be hidden within the PDF file format.


PDFs are ubiquitous, and a relatively simple format. However, that simplicity supports multiple places where code or other information can be stored. We will have a quick overview of the overall structure of PDFs, and see three places (if there is time) where code can potentially be stored. We will also look at some tools that can help to identify the presence of such code.

After years of dabbling in a wide range of subjects, I've been working with PDFs for the last seven years. I've written code, created bugs, and probably a few vulnerabilities. These days I'm paid to be a technical writer, and find other people's bugs, but I hide things in PDFs just for fun.
I also play button accordion, Morris dance and often wear a pirate hat.