A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


File Polyglottery; or, This Proof of Concept is Also a Picture of Cats - Evan Sultanik BSides Philadelphia 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

File Polyglottery; or, This Proof of Concept is Also a Picture of Cats
Evan Sultanik
@ESultanik
BSides Philadelphia 2017

A polyglot is a file that can be interpreted as multiple different filetypes depending on how it is parsed. While polyglots serve the noble purpose of being a nifty parlor trick, they also have much more nefarious uses, e.g., hiding malicious printer firmware inside a document that subverts a printer when printed, or a document that displays completely different content depending on which viewer opens it. This talk does a deep dive into the technical details of how to create such special files, using examples from some of the recent issues of the International Journal of PoC||GTFO. Learn how we made a PDF that is also a valid NES ROM that, when emulated, displays the MD5 sum of the PDF. Learn how we created a PDF that is also a valid PostScript document that, when printed to a PostScript printer, produces a completely different document. Oh, and the PostScript also prints your /etc/passwd file, for good measure. Learn how to create a PDF that is also a valid Git repository containing its own LaTeX source code and a copy of itself. And many more!

Evan Sultanik is a computer security researcher with a diverse background in automated static analysis, taint analysis, distributed artificial intelligence, and combinatorial optimization. He is a frequent contributor to and editor of the International Journal of PoC||GTFO, and also helped typeset and edit the recently published book/bible of the same name. Prior to joining Trail of Bits, he was the Chief Scientist of Digital Operatives and, prior to that, a Senior Research Scientist at The Johns Hopkins University APL. He earned a Ph.D. in Computer Science from Drexel University, and also holds three other degrees in Computer Science and Mathematics. In a life prior to all of that, Evan was a code monkey working on document databases and OCR. Except for when he writes in a biographical format, Evan does not often refer to himself in the third person.

Recorded at BSides Philly 2017

Back to BSides Philly video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast