Blackhat Europe 2010: Uncovering Hidden Data & Vulnerabilities in Archive Formats
Join experts Mario Vuksan, Tomislav Pericin, and Brian Karney as they explore how archive formats can hide steganographic data and reveal processing vulnerabilities, enhancing your cybersecurity knowledge.

Christiaan008
1.8K views • May 15, 2010

About this video
Clip 1/8
Speakers: Mario Vuksan, Tomislav Pericin & Brian Karney
Exploiting archive formats can lead to steganographic data hiding and to processing errors with serious forensic consequences. These formats are very interesting as they are commonly found on every PC, Apple or Linux machine, and it is popularly believed that they are well understood and trusted. Can exploits ever be present in file formats that have been in use for over ten or even twenty years?
Through deep format analysis, beyond fuzzing, we look at what goes wrong when the format specifications are interpreted differently. Can you trust programs that work with archives? Can you even trust your antivirus? We will answer these questions and disclose for the first time 15 newly discovered vulnerabilities in the ZIP, 7ZIP, RAR, CAB and GZIP file formats, revealing the impact they have on anti-malware scanners, digital forensics, security gateways and IPS appliances.
This talk will include a demo of ArchiveInsider, a new forensics tool that detects and extracts hidden data and fully validates vulnerable file formats. We will demonstrate file format steganography, file malformation, and even data "self destruction," all with tools that you use and trust.
For more information or presentation slides go to the Blackhat site (http://bit.ly/ddWYic)
Video Information
Views: 1.8K
Likes: 4
Duration: 10:01
Published: May 15, 2010