> If you can own anyone reading this list with a PDF exploit then they deserve > it! > > Robin
I think this is a little unfair; how do you not get owned using Adobe Acrobat? I had a hard time writing up a mitigation recommendation for a customer recently. I owned the network with a HSRP MITM attack, followed by Ettercap+etterfilter injection to serve up malicious PDF's in 1x1 iframes*. The attack went great, but then I had to tell the customer what to do differently to prevent them from being compromised through Adobe Acrobat in the future. I don't believe Foxit Reader isn't in a better position than Adobe Acrobat reader from a security perspective. Online PDF rendering options returning funky JS+AJAX images wouldn't work due to the sensitive nature of the PDF content. I ended up recommending the use of Adobe Acrobat with the Microsoft Mitigation Experience Toolkit, but I thought that was kinda lame too. What recommendations are people making to customers who get owned through PDF exploits but require a local PDF reader? Thanks, -Josh * Ettercap+etterfilter, HSRP/VRRP exploits and more are all labs in the new SANS course I contributed to, Advanced Penetration Testing, Exploits and Ethical Hacking - http://bit.ly/aOwAnB _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
