A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


File Polyglottery; or, This Proof of Concept is Also a Picture of Cats - Evan Sultanik BSides Philadelphia 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

File Polyglottery; or, This Proof of Concept is Also a Picture of Cats
Evan Sultanik
@ESultanik
BSides Philadelphia 2017

A polyglot is a file that can be interpreted as multiple different filetypes depending on how it is parsed. While polyglots serve the noble purpose of being a nifty parlor trick, they also have much more nefarious uses, e.g., hiding malicious printer firmware inside a document that subverts a printer when printed, or a document that displays completely different content depending on which viewer opens it. This talk does a deep dive into the technical details of how to create such special files, using examples from some of the recent issues of the International Journal of PoC||GTFO. Learn how we made a PDF that is also a valid NES ROM that, when emulated, displays the MD5 sum of the PDF. Learn how we created a PDF that is also a valid PostScript document that, when printed to a PostScript printer, produces a completely different document. Oh, and the PostScript also prints your /etc/passwd file, for good measure. Learn how to create a PDF that is also a valid Git repository containing its own LaTeX source code and a copy of itself. And many more!

Evan Sultanik is a computer security researcher with a diverse background in automated static analysis, taint analysis, distributed artificial intelligence, and combinatorial optimization. He is a frequent contributor to and editor of the International Journal of PoC||GTFO, and also helped typeset and edit the recently published book/bible of the same name. Prior to joining Trail of Bits, he was the Chief Scientist of Digital Operatives and, prior to that, a Senior Research Scientist at The Johns Hopkins University APL. He earned a Ph.D. in Computer Science from Drexel University, and also holds three other degrees in Computer Science and Mathematics. In a life prior to all of that, Evan was a code monkey working on document databases and OCR. Except for when he writes in a biographical format, Evan does not often refer to himself in the third person.

Recorded at BSides Philly 2017

Back to BSides Philly video list

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast