Looking for ways to unlock and read the content of an encrypted PDF without knowing the password?
Well, that's now possible, sort of—thanks to a novel set of attack techniques that could allow attackers to access the entire content of a password-protected or encrypted PDF file, but only under specific circumstances.
Dubbed PDFex, the new set of techniques includes two classes of attacks that take advantage of security weaknesses in the standard encryption protection built into the Portable Document Format, better known as PDF.
To be noted, the PDFex attacks don't allow an attacker to learn or remove the password of an encrypted PDF; instead, they enable attackers to remotely exfiltrate its content once a legitimate user opens the document.
In other words, PDFex allows attackers to modify a protected PDF document, without having the corresponding password, in a way that when opened by someone with the right password, the file will automatically send out a copy of the decrypted content to a remote attacker-controlled server on the Internet.
The researchers tested their PDFex attacks against 27 widely-used PDF viewers, both desktop and browser-based, and found all of them vulnerable to at least one of the two attacks, with the majority vulnerable to both.
The affected PDF viewers include popular software for Windows, macOS and Linux desktop operating systems such as:
...as well as the PDF viewers built into web browsers:
PDFex Attacks Exploit Two PDF Vulnerabilities
Discovered by a team of German security researchers, PDFex works because of two major weaknesses in PDF encryption, described below:
1) Partial Encryption — The PDF specification by design supports partial encryption: only strings and streams are encrypted, while the objects defining the PDF document's structure remain unencrypted.
Thus, support for mixing ciphertexts with plaintexts gives attackers an opportunity to manipulate the document structure and inject a malicious payload into it.
2) Ciphertext Malleability — PDF encryption uses the Cipher Block Chaining (CBC) encryption mode with no integrity checks, which attackers can exploit to create self-exfiltrating ciphertext parts.
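The second weakness is easiest to appreciate by watching what a decryptor does with a ciphertext that has been edited without the key. The following Go program is an added illustration, not code from the PDFex researchers or from any PDF viewer: it encrypts a constructed sample under AES-CBC with no integrity check (the construction the article attributes to PDF encryption), flips one bit of the ciphertext, and shows that decryption returns a silently altered plaintext with no error. The same edit against AES-GCM, an authenticated mode shown here as the contrast, is rejected. The key `demoKey` is a placeholder; the padding layer of the real format is omitted, so the sample plaintext is kept block-aligned.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Constructed 32-byte demo key (AES-256). A real PDF derives its key from the
// password; this placeholder only serves the demonstration.
var demoKey = []byte("0123456789abcdef0123456789abcdef")

// cbcEncrypt: AES-CBC with a random IV prepended and no integrity check, the
// construction the article says PDF encryption relies on. Padding is omitted
// for brevity, so plaintext must be a whole number of 16-byte blocks.
func cbcEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(plaintext)%aes.BlockSize != 0 {
		return nil, errors.New("bad key or plaintext not block-aligned")
	}
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, plaintext)
	return append(iv, out...), nil
}

// cbcDecrypt has no way to tell whether the ciphertext was edited: any
// block-aligned input decrypts "successfully".
func cbcDecrypt(key, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(ct) < 2*aes.BlockSize || len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("bad key or ciphertext length")
	}
	out := make([]byte, len(ct)-aes.BlockSize)
	cipher.NewCBCDecrypter(block, ct[:aes.BlockSize]).CryptBlocks(out, ct[aes.BlockSize:])
	return out, nil
}

// newGCM is the authenticated-mode contrast: AES-GCM attaches a tag that any
// edit to the nonce, ciphertext or tag invalidates.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// TamperResult records how each mode reacts to one edited ciphertext byte.
type TamperResult struct {
	CBCError   error // nil: CBC accepted the edited ciphertext
	CBCChanged bool  // true: the recovered plaintext silently differs
	GCMError   error // non-nil: GCM detected the edit
}

// CompareTampering encrypts plaintext under both modes, flips one bit of the
// first ciphertext byte of each (CBC's IV, GCM's nonce) without using the key,
// and reports whether decryption notices.
func CompareTampering(key, plaintext []byte) (TamperResult, error) {
	var res TamperResult
	ct, err := cbcEncrypt(key, plaintext)
	if err != nil {
		return res, err
	}
	ct[0] ^= 0x01
	pt, err := cbcDecrypt(key, ct)
	res.CBCError = err
	res.CBCChanged = err == nil && !bytes.Equal(pt, plaintext)

	gcm, err := newGCM(key)
	if err != nil {
		return res, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return res, err
	}
	sealed := gcm.Seal(nonce, nonce, plaintext, nil) // nonce || ciphertext || tag
	sealed[0] ^= 0x01
	_, res.GCMError = gcm.Open(nil, sealed[:len(nonce)], sealed[len(nonce):], nil)
	return res, nil
}

func main() {
	res, _ := CompareTampering(demoKey, []byte("Constructed sample: the secret body of a PDF doc"))
	fmt.Printf("CBC, no integrity check: error=%v, plaintext silently changed=%v\n", res.CBCError, res.CBCChanged)
	fmt.Printf("GCM, authenticated: error=%v\n", res.GCMError)
}
```

The point for a defender is the asymmetry between the two results: CBC alone gives the viewer no signal that the file was modified, so every downstream check has to happen on already-decrypted, possibly attacker-shaped data, whereas an authenticated mode fails closed before any of that content is processed.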
PoC Exploit Released for PDFex Attacks
The team of researchers, which includes six German academics from Ruhr-University Bochum and Münster University, has reported its findings to all affected vendors and has also released proof-of-concept exploits for the PDFex attacks to the public.
For more technical details of the PDFex attacks, you can head over to the dedicated website released by the researchers and the research paper [PDF] titled "Practical Decryption exFiltration: Breaking PDF Encryption."