Security Basics
Manipulate PDFs with Malware Jan 20 2013 05:59AM
Andre Silaghi (andre silaghi googlemail com) (3 replies)
AW: Manipulate PDFs with Malware Jan 23 2013 10:32AM
Booth, Daryl (Daryl Booth mobil-isc de) (1 replies)
Re: Manipulate PDFs with Malware Jan 29 2013 07:58AM
Andre Silaghi (andre silaghi googlemail com)
RE: Manipulate PDFs with Malware Jan 23 2013 07:20AM
Simon Thornton (simon thornton info)
Re: Manipulate PDFs with Malware Jan 21 2013 06:55AM
Nick Clark (nick clark-clan com) (2 replies)
RE: Manipulate PDFs with Malware Jan 22 2013 05:42PM
David Gillett (gillettdavid fhda edu)
Re: Manipulate PDFs with Malware Jan 21 2013 09:31AM
Adam Pal (carpathin wolf gmx net) (1 replies)
AW: Manipulate PDFs with Malware Jan 21 2013 06:06PM
Günther, Sebastian (guenther sebastian googlemail com)
Helle Together,

i think you can only send an infected PDF Document in name of a trusted people or company.

Regards
Sebastian

-----Ursprüngliche Nachricht-----
Von: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] Im Auftrag von Adam Pal
Gesendet: Montag, 21. Januar 2013 10:31
An: andre.silaghi (at) googlemail (dot) com [email concealed]
Cc: security-basics (at) securityfocus (dot) com [email concealed]
Betreff: Re: Manipulate PDFs with Malware

Hi Andre,

could you specify the context of the question or the risk you are refering to?
Given the facts below, no i cannot think at any easy way to modify this information, at all it would not realy make sense to modify it during the opening process (process could be detected). Also it should be one of the next steps to verify the payment data (validation) before process it.

Best regards,

Adam Pal
-------- Original-Nachricht --------
> Datum: Sun, 20 Jan 2013 23:55:14 -0700
> Von: Nick Clark <nick (at) clark-clan (dot) com [email concealed]>
> An: Andre Silaghi <andre.silaghi (at) googlemail (dot) com [email concealed]>
> CC: "security-basics (at) securityfocus (dot) com [email concealed]"
> <security-basics (at) securityfocus (dot) com [email concealed]>
> Betreff: Re: Manipulate PDFs with Malware

> Depends on how the PDF is formed. If they are just using an image or
> flat text, I cannot think of any easy way to do this. If they are
> using a form, and this barcode has a set attribute field, then you
> could probably search for the field and replace it with whatever you'd like to.
>
> ---
> Nick Clark
>
> On Jan 19, 2013, at 10:59 PM, Andre Silaghi
> <andre.silaghi (at) googlemail (dot) com [email concealed]>
> wrote:
>
> > Hello everybody,
> >
> > Let me just explain to you a scenario before I ask my question about
> > it. You are starting to download a PDF file including a barcode
> > which is used to identify some payment information like the ammount
> > of money you have to pay and the receiver, maybe identified by
> > another sequence which is included.
> >
> > Would it be possible to manipulate this barcode easily before or
> > during the opening process of the PDF in order to change the payment
> > information in a way that the attacker's information is encoded there?
> >
> > Have you any experience with malware like this?
> >
> > Best regards,
> > André
> >
> > --------------------------------------------------------------------
> > ---- Securing Apache Web Server with thawte Digital Certificate In
> > this guide we examine the importance of Apache-SSL and who needs an
> SSL certificate. We look at how SSL works, how it benefits your
> company and how your customers can tell if a site is secure. You will
> find out how to test, purchase, install and use a thawte Digital
> Certificate on your Apache web server. Throughout, best practices for
> set-up are highlighted to help you ensure efficient ongoing management
> of your encryption keys and digital certificates.
> >
> >
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4
> 42f727d1
> > --------------------------------------------------------------------
> > ----
> >
>
> ----------------------------------------------------------------------
> -- Securing Apache Web Server with thawte Digital Certificate In this
> guide we examine the importance of Apache-SSL and who needs an SSL
> certificate. We look at how SSL works, how it benefits your company
> and how your customers can tell if a site is secure. You will find out
> how to test, purchase, install and use a thawte Digital Certificate on
> your Apache web server. Throughout, best practices for set-up are
> highlighted to help you ensure efficient ongoing management of your
> encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4
> 42f727d1
> ----------------------------------------------------------------------
> --
>

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus