← Pli Aĝa Enskribigo
So, you’re thinking about getting a Ph.D.

Novega Enskribigo →
What does your code use, and is it vulnerable?

PDF is Broken: a justCTF Challenge

In which a PDF is a webserver, serving copies of itself

Tagged: Software Security

I recently created a challenge for the justCTF competition titled PDF is broken, and so is this file. It demonstrates some of the PDF file format’s idiosyncrasies in a bit of an unusual steganographic puzzle. CTF challenges that amount to finding a steganographic needle in a haystack are rarely enlightening, let alone enjoyable. LiveOverflow recently had an excellent video on file format tricks and concludes with a similar sentiment. Therefore, I designed this challenge to teach justCTF participants some PDF tricks and how some of the open source tools I’ve helped develop can make easy work of these forensic challenges.

Read the full post on the Trail of Bits blog for spoilers on how to solve the puzzle.

This is an excerpt from the Trail of Bits blog. You can read the full post here.
Atom Feed

© Evan A. Sultanik 2003–2024

← Pli Aĝa Enskribigo Blog Archive Novega Enskribigo →