Bugged Files

Is Your Document Telling on You?

Daniel "unicornFurnace" Crowley

Playlists: 'camp2015' videos starting here / audio / related events

Certain file formats, like Microsoft Word and PDF, are known to have features that allow for outbound requests to be made when the file opens. Other file formats allow for similar interactions but are not well-known for allowing such functionality. In this talk, we explore various file formats and their ability to make outbound requests, as well as what that means from a security and privacy perspective. Most interestingly, these techniques are not built on mistakes, but intentional design decisions, meaning that they will not be fixed as bugs. From data loss prevention to de-anonymization to request forgery to NTLM credential capture, this presentation will explore what it means to have files that communicate to various endpoints when opened.