Didier Stevens

Sunday 9 November 2008

Creating PDF Test-Files

Filed under: My Software,PDF — Didier Stevens @ 12:56

As promised, I’m releasing a couple of my PDF tools as a warm-up to my ISSA Belgium and OWASP Belgium talk.

After having manually created some PDF test-files (just using a text editor), I stepped up to the next level and wrote a quick-and-dirty Python module to generate PDF documents by assembling fundamental PDF elements.

My mPDF.py module contains a class with methods to create headers, indirect objects, stream objects, trailers and XREFs. One of the programs I wrote based on this module is make-pdf-javascript.py. This Python program allows me to create a simple PDF document with embedded JavaScript that will execute upon opening of the PDF document. Program details and download here.

An example: to create a PDF document exploiting the util.printf Adobe Reader vulnerability in its simplest form (e.g. no shellcode and no heap spray), issue the following command:


Here it crashes Adobe Reader 8.1.2 on Windows XP SP2:


Picture Puzzle

Filed under: Puzzle — Didier Stevens @ 7:41

As I announced via Twitter, here’s a new puzzle. Find the message I’ve hidden in this picture.

First one to post a comment with the correct answer can get a sticker. For those who don’t know, comments are moderated.

Blog at WordPress.com.