A Flaw Of PDF Allows Hackers To Access Password-Protected Files

Saanvi Araav - Oct 12, 2019


A Flaw Of PDF Allows Hackers To Access Password-Protected Files

A group of researchers has found out a technique allowing hackers to access content from an encrypted or password-protected PDF document

A group of researchers has found out a technique that allows hackers to access content from an encrypted or password-protected PDF document under some conditions. From the published paper - German researchers from Münster University and Ruhr-University Bochum have disclosed two types of cyber attacks that exploit the vulnerability in 23 popular PDF viewers. The vulnerable list includes the PDF viewers built-in Firefox and Chrome, Evince, Adobe, and others.

PDFex

PDFex attack uses the security weaknesses within the built-in encryption protection of the PDF file.  This attack does not try to crack the encrypted PDF file's password, but rather, it takes advantage of the partial encryption of the PDF specs to exfiltrate the content remotely when the user opens the file. 

Vulnerable-Pdf-hacker
They have disclosed two types of cyber attacks that exploit the vulnerability in 23 popular PDF viewers.

According to the researchers, even without the password, the hacker could still manipulate some parts of the encrypted PDF document.  So the hacker would modify the encrypted PDF document. After that, when the document gets the correct password, it will send a copy of the protected content to a server (of the hacker) via JavaScript code, URL, or PDF form.

More troublesome is that the hacker does not need any user interaction to exfiltrate the document. They just needed to tampering the unencrypted data via the PDF form.

The 2nd Type

The 2nd type of attack is quite similar to the first one. However, it only uses the PDF file's encrypted bits. It takes advantage of the encrypting plaintext blocks' CBC mode to change part of ciphertext into another part of the ciphertext.

The CBC mode uses the chaining mechanism to protect data that means the encryption of each block depends on the previous block. So you need to know the  “plaintext segment” to manipulate the encrypted object directly.

hacker-Cbc-Mode
You need to know the  “plaintext segment” to manipulate the encrypted object directly.

The researchers have disclosed these findings to all impacted vendors and release to the general public a POC of the PDFex attacks. They suggest that to mitigate this type of attack, we should drop support for the partially encrypted PDF format. 

Tags
Next Story

Read More

Here's Why The Redmi 8 Comes With Snapdragon 439

Mobile- Oct 19, 2019

Here's Why The Redmi 8 Comes With Snapdragon 439

Snapdragon 439 SoC can perform as well as Snapdragon 625 since it is produced on the 12nm process, and with Mi Turbo, users will get a better experience.

Vivo V17 Pro Review: Immersive Display, Quad-Camera Setup

Review- Oct 21, 2019

Vivo V17 Pro Review: Immersive Display, Quad-Camera Setup

In a word, the Vivo V17 Pro owns a few but intriguing upgrades.

NASA's Attempt To Send Human To Mars May Bring Alien Diseases To The Earth

Features- Oct 21, 2019

NASA's Attempt To Send Human To Mars May Bring Alien Diseases To The Earth

Mars may have a kind of space germs that can eradicate all life on Earth if NASA sends astronauts to the red planet

OPPO Reno2 F Review: Amazing Quad Cameras, Panoramic Display, Affordable Price!

Review- Oct 19, 2019

OPPO Reno2 F Review: Amazing Quad Cameras, Panoramic Display, Affordable Price!

With 4 cameras, full-view Panoramic display, fast charging and an affordable price, the OPPO Reno2 F will become a better choice compared to the Reno2.

This Suitcase-Size Dock Will Allow Drones To Fly Continously All The Time

Features- Oct 21, 2019

This Suitcase-Size Dock Will Allow Drones To Fly Continously All The Time

As promoted, drones can be ready just in “minutes”, which is not far from ideal when it comes to field deployments.

Google To Patch A Flaw That Lets iPhone Users Have Free Storage On Google Photos

ICT News- Oct 21, 2019

Google To Patch A Flaw That Lets iPhone Users Have Free Storage On Google Photos

According to Android Police, the flaw of Google Photos allows iOS users to have images stored in their original quality without considering the 15GB limit