teaser brucon 2013 hacking pdf training

Post on 29-May-2015








1. Hacking PDF Training, Brucon 2013, Gent. didier@DidierStevensLabs.com
2. Didier Stevens: Renowned Malicious PDF Expert; Author Of Popular Free PDF Tools; 30+ Years Of Hacking
3. 2 Days Training. Day 1: PDF Language & Analysis. Day 2: PDF Creation
4. Day 1: PDF Language Intro
5. Example of PDF Language Intro: String obfuscation
   /JS (app.alert({cMsg: 'Hello from PDF JavaScript'});)
   /JS
6. Day 1: Simple Analysis Exercises. 20 simple exercises with benign PDFs*. Understanding malicious PDFs. Getting familiar with PDF analysis tools: pdfid, pdf-parser. *You also get my screencasts for these simple exercises
7. Day 1: Simple Analysis Exercises. Example: extracting payload from PDF
   pdf-parser.py -s /EmbeddedFile ex013.pdf
   pdf-parser.py -o 8 -f -d file.exe ex013.pdf
8. Day 1: Complex Analysis Exercises. The Real Deal: Analyzing in the wild PDF malware. 5+ exercises
9. Day 1: Complex Analysis Exercises. Example: 3-The Obama Administration and the Middle East.pdf.zip. Learn to find the exploit, extract the shellcode and analyze it with shellcode simulator
10. Day 2: PDF Creation. A full day learning how to create PDFs For Fun and Profit with Python tools
11. Day 2: PDF Creation. You receive my Private PDF Creation Tools
12. Day 2: PDF Creation. Receive private mPDF module + documentation. Create New PDFs. Modify Existing PDFs. All from Python, no Adobe products required
13. Day 2: PDF Creation. Receive many private PDF creation & modification tools. Example: t-modify-pdf-incremental-update.py. Learn to modify Mandiant_APT1_Report.pdf
14. Day 2: PDF Creation. Example: PDF fuzzer to find vulnerabilities in PDF readers. Smart Fuzzing of JPEG embedded in PDF
15. Creation Exercises. Learn how to use my private shellcode for PDFs
16. Day 2: PDF Creation. Learn how to bypass AV and IDS detection with PDF obfuscation
17. Day 2: PDF Creation. Learn the internal details of my /Launch exploit and use the automated creation tool
18. Summary. Learn how to analyze and create PDFs in 2 days from a malicious PDF expert. Receive many of my private, unreleased tools. No need to be a Python expert, just have basic skills to modify a Python script. No shellcode skills needed
19. Questions? Contact me: didier@DidierStevensLabs.com, @DidierStevens
