Researchers in Germany have invented a new hack that can allow someone to break the encryption of PDF files and access their content — or even forge signed PDF files under certain circumstances.
A team from Ruhr University Bochum, FH Münster University of Applied Sciences and Hackmanit GmbH developed the attack, called PDFex, that can allow an attacker to view the content of a PDF file without the public key or password encrypting it.
The team published a report online detailing the attack, which encompasses two main techniques — one that can break PDF encryption and one that can break PDF signatures. They evaluated the hacks against two types of applications — commonly used desktop applications and online validation services that are more often used by businesses.
PDFex targets encryption supported by the PDF standard rather than protections applied to a PDF document by an external source, researchers said. In their tests, researchers successfully used at least one of their PDFex attacks to access PDF file content in 21 out of 22 desktop-viewer applications, and five out of seven validation services, they said. Popular PDF viewers vulnerable to attacks include Adobe Acrobat, and Chrome and Firefox’s built-in PDF readers.
“PDFex abuses weaknesses in the PDF encryption standard itself to perform targeted manipulations ‘through the encryption’,” said Jens Mueller, security researcher chair for network and data security at Ruhr University Bochum.
For password-protected files, researchers discovered that PDFex allows an attacker to manipulate parts of a PDF file without knowing the corresponding password. However, this can only be done after the person who has the password opens the file, researchers said.
“More precisely, the PDF specification allows the mixing of ciphertexts with plaintexts,” they wrote. “In combination with further PDF features which allow the loading of external resources via HTTP, the attacker can run direct exfiltration attacks once a victim opens the file.”
When a PDF file is encrypted — typically using the Cipher Block Chaining (CBC) encryption mode with no integrity checks, implying ciphertext malleability — researchers said they could create “self-exfiltrating ciphertext parts using CBC malleability gadgets.”
“We use this technique not only to modify existing plaintext but to construct entirely new encrypted objects,” researchers reported.
The second key technique of PDFex can “use any signed PDF document and create a document which contains arbitrary content in the name of the signing user, company, ministry or state,” researchers wrote. Nearly all PDF desktop viewers and online validation services are vulnerable to such an attack, they warned.
The company used an example of an existing document signed by firstname.lastname@example.org that had not been modified since the signature was applied to demonstrate how this attack works. They said they can take that signed document and change its content “arbitrarily without invalidating the signature.”
“Thus, we can forge a document signed by email@example.com to refund us one trillion dollars,” researchers wrote. Only a person who understands the PDF format in depth could detect such an attack, they added.
Researchers worked in collaboration with BSI-CERT to contact all vendors and provide them with proof-of-concept exploits to help them update readers to protect against PDFex. Users of desktop viewers analyzed by the team should already have received these updates, researchers said.
How can companies mitigate attacks using PDFex?
“There are currently no effective countermeasures, as the weaknesses lie in the PDF encryption standard itself,” Mueller told Threatpost via an email-based interview. “As a mitigation, companies can use additional layers of encryption such as TLS for data in-transfer and hard disk encryption for data at-rest instead of solely relying on PDF document encryption. Note that this is a good security practice anyway.”
What are the top cyber security issues associated with privileged account access and credential governance? Experts from Thycotic will discuss during our upcoming free Threatpost webinar, “Hackers and Security Pros: Where They Agree & Disagree When It Comes to Your Privileged Access Security.” Click here to register.