Free Ticket

Seems-to-be Last Step to Become a Hacker - Haaga-Helia Assignment

Assignment 6

The questions for the assignment are here

Task X + Y - All Reports

  1. Assignment 1 - Become A Hacker

  2. Assignment 2 - Oh, wasp!

  3. Assignment 3 - Tricks, Tips and Playbooks

  4. Assignment 4 - Intelligence Gap

  5. Assignment 5 - Cryptography

  6. Assignment 6 - Free Ticket

Sub-Task X - How To Break PDF Encryption

Source


  • PDF has become very popular in recent years. It's used by ~99% of companies and governmental institutions worldwide
  • It supports AES encryption, which is claimed to mean that nothing can go wrong
  • An attacker can break the PDF encryption, modify its structure and send the malicious PDF to the receiver -> The receiver doesn't know that the PDF has been tampered with -> He/she opens the PDF with a password and the attacker gets the password -> Information is leaked onto the internet.
  • PDF encryption looks like this. We can see that not the whole structure of the PDF is encrypted
[Figure: PDF Encryption]
  • The document structure is unencrypted, only strings and streams are encrypted -> This reveals a lot of information, such as the number and size of pages, objects, links etc.
  • These are the methods to break the PDF encryption:
    • Direct Exfiltration - malicious code is put into the PDF; when the target opens the PDF, the attacker gets the data from the file. This method can be used with PDF forms, hyperlinks, JavaScript etc.
    • Malleability Gadgets - this method can be used when the attacker knows a part of the ciphertext, known plaintext or an exfiltration channel
  • Vulnerable PDF reader application analysis
[Figure: PDF Encryption]
  • Signing a PDF doesn't prevent the file from being attacked
  • To prevent a PDF from being broken into, we should:
    • Remove JavaScript from the file
    • Try to close all exfiltration channels
    • Ask the user before connecting to a server
    • Deprecate partial encryption
    • Disallow access from unencrypted to encrypted objects
    • Use authenticated encryption
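
A triage check that follows from the notes above, as an added example that is not from the talk or the original report: because the document structure stays unencrypted, the names that mark partial encryption (the `/Identity` crypt filter) and possible exfiltration channels can be listed without the password. The key lists, the function names and the `SAMPLE` bytes are constructed for illustration.

```python
import re

# Names are visible even in an encrypted PDF because the document structure
# itself is not encrypted; only strings and streams are.
NAME_RE = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")          # /J#61vaScript == /JavaScript
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n.*?endstream", re.S)

# Keys that start actions or network requests: candidate exfiltration channels.
CHANNEL_KEYS = {"JavaScript", "JS", "SubmitForm", "URI", "OpenAction", "AA", "Launch", "GoToR"}
# Crypt-filter selectors; the value /Identity means "leave this data unencrypted".
FILTER_KEYS = {"StmF", "StrF", "EFF"}

def pdf_names(data: bytes) -> list[tuple[str, bool]]:
    """Return (name, directly_follows_previous_name) for each structural name."""
    body = STREAM_RE.sub(b"stream\nendstream", data)   # skip (encrypted) stream bodies
    out, prev_end = [], None
    for m in NAME_RE.finditer(body):
        raw = HEX_RE.sub(lambda h: bytes([int(h.group(1), 16)]), m.group(1))
        adjacent = prev_end is not None and body[prev_end:m.start()].strip() == b""
        out.append((raw.decode("latin-1"), adjacent))
        prev_end = m.end()
    return out

def triage(data: bytes) -> dict:
    toks = pdf_names(data)
    names = {n for n, _ in toks}
    encrypted = "Encrypt" in names
    # Partial encryption: a filter selector whose value is the Identity filter.
    partial = encrypted and any(
        key in FILTER_KEYS and val == "Identity" and adjacent
        for (key, _), (val, adjacent) in zip(toks, toks[1:]))
    channels = sorted(CHANNEL_KEYS & names)
    return {"encrypted": encrypted, "partial_encryption": partial,
            "channels": channels, "review": encrypted and (partial or bool(channels))}

# Constructed sample (not a complete PDF): structure of an encrypted file.
SAMPLE = b"""%PDF-1.7
1 0 obj << /Type /Catalog /OpenAction 5 0 R >> endobj
5 0 obj << /S /J#61vaScript /JS 7 0 R >> endobj
7 0 obj << /Length 12 >> stream
/URI ignored
endstream endobj
9 0 obj << /Filter /Standard /CF << /StdCF << /CFM /AESV2 >> >>
  /StmF /StdCF /StrF /Identity >> endobj
trailer << /Root 1 0 R /Encrypt 9 0 R >>
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Objects stored inside compressed object streams are not visible to this raw scan, so a clean result is not proof that a file is safe.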