Let's explore the risks of data leaks via PDF with examples in the wild and also small hand-crafted PoCs.
This stream is based on the slide deck:
https://speakerdeck.com/ange/an-overview-of-pdf-potential-leaks
Do you know how text can be stored in PDF files?
How censorship rectangles can be removed?
How pictures can be extracted?
0:0 Setup
0:30 Let's start!
2:00 Censored unclassified military report
3:32 Text renderings
6:06 Vector drawing
8:14 Image display
13:33 Cropping
19:12 Incremental updates
21:55 Form leaks
25:31 Conclusion
31:00 Metadata information (unblurred)