In response to Bruce Schneier’s latest post, let me explain how you can corrupt your own PDF documents for free. Open your PDF document with a binary editor, search for references to the root object (/Root), and overwrite the reference (36 in my example) with a non-existing reference, like 00.
Of course, be careful and make backups first.
Tested on several PDF readers:
Didier Stevens 
Quiz: which not-executable file format be opened as non admin can leads to BSOD?
Comment by unary — Tuesday 9 June 2009 @ 17:39
Hi,
This is all nice, but PDFs aren’t really things that people use everyday to create something. Is there a way to make a corrupted Word file?
wow, i sound like a grownup…. sorry, if this was sorta brief.
peace
Comment by Max — Wednesday 10 June 2009 @ 3:52
For Office 2007, that is simple. The fileformat is a ZIP file containing XML files. XML files are trivial to corrupt, just unbalance the tags.
Comment by Didier Stevens — Wednesday 10 June 2009 @ 8:00
[…] Stevens reagiert und empfiehlt:Make Your Own Corrupted PDFs For Free. Alles was Sie tun müssen: Die PDF-Datei mit einem Hex-Editor öffnenund das root-Object (/Root) […]
Pingback by ψ² = Ps(i)² » Blog Archive » Wer hat an der Uhr gedreht… — Wednesday 10 June 2009 @ 9:20
The problem is that any professor/employer with *nix awareness may very well spot the subterfuge using the ‘strings’ command line tool on corrupted MSWord or PDF. Just because the binary header/containing elements of these files is munged doesn’t mean the ASCII text is irretrievable.
Comment by Ben — Wednesday 10 June 2009 @ 15:46
Of course, if you’ve the skills you can uncover any subterfuge.
Comment by Didier Stevens — Wednesday 10 June 2009 @ 20:24
@unary As nobody has answered yet: http://kb2.adobe.com/cps/324/324073.html
Comment by Didier Stevens — Thursday 11 June 2009 @ 21:07
you should have mentioned that there could be more than one instance of /Root and give a hint how to find the recent one 😉
Comment by Roman Toda — Friday 12 June 2009 @ 21:22
Wouldn’t it be easier to simply change the file extension of some non-PDF file such as a .exe file to .pdf?
Comment by George329 — Monday 15 June 2009 @ 17:56
Yes, there is so much to tell about this, but then again, this is just for entertainment 😉
Comment by Didier Stevens — Saturday 27 June 2009 @ 21:35
Of course, but why do it the easy way? 😉
Comment by Didier Stevens — Saturday 27 June 2009 @ 22:01
by using “tail” etc *nix commands, one can also replace any X bytes with random bytes.
Comment by vr000m — Monday 29 June 2009 @ 19:10
Interesting. Would you mind sharing an example of your shell-fu?
Comment by Didier Stevens — Monday 29 June 2009 @ 19:26
Auto corrupting your PDF files…
A few weeks ago I cam across a blog post which showed you how to corrupt your own pdf files. That post was in response to the interweb ate my homework post from Bruce Schneier.
Anyhows, Didier’s method is fairly simple. So lets automate it.
He …
Trackback by Gl.ib.ly — Tuesday 30 June 2009 @ 16:37
[…] Hiding Files in PDF Documents Filed under: My Software, PDF — Didier Stevens @ 6:28 My corrupted PDF quip inspired me to program another steganography trick: embed a file in a PDF document and corrupt the […]
Pingback by Embedding and Hiding Files in PDF Documents « Didier Stevens — Wednesday 1 July 2009 @ 6:28
[…] corrupted PDF quip inspired me to program another steganography trick: embed a file in a PDF document and corrupt the […]
Pingback by Embedding and Hiding Files in PDF Documents - Opsec — Wednesday 1 July 2009 @ 17:22
[…] extraordinaire Didier Stevens recently posted this entry all about hiding data in PDF files. My corrupted PDF quip inspired me to program another steganography trick: embed a file in a PDF document and corrupt the […]
Pingback by Abusing PDFs « Security For All — Wednesday 8 July 2009 @ 21:03
Hey i found this article fucking awesome and useful!
lots of thanks! you saved my ass today hahahahah
Comment by A-lazy-spanish-guy — Friday 30 April 2010 @ 16:41