Bugged Files: Is Your Document Telling on You? presented at SourceBoston 2015

by Daniel Crowley, Damon Smith

Summary: Certain file formats, like Microsoft Word and PDF, are known to have features that allow outbound requests to be made when the file opens. Other file formats allow similar interactions but are not well known for doing so. In this talk, we explore various file formats and their ability to make outbound requests, as well as what that means from a security and privacy perspective. Most interestingly, these techniques are not built on mistakes but on intentional design decisions, meaning that they will not be fixed as bugs. From data loss prevention to de-anonymization to request forgery to NTLM credential capture, this presentation will explore what it means to have files that communicate with various endpoints when opened.

Daniel Crowley: Daniel does pen testing, research, training, and various other things for Core Security Technologies. In his spare time, he plays around mostly with Web-based technologies and locks. Being an entertainer by nature, Daniel likes combining art with technology and his presentations are designed to inform AND entertain. Daniel was a speaker at Shmoocon VI and won the Gringo Warrior competition at Shmoocon V.