Explore the hidden vulnerabilities and steganographic techniques in popular archive formats during this Black Hat EU 2010 conference talk. Delve into the world of ZIP, 7ZIP, RAR, CAB, and GZIP file formats, uncovering 15 newly discovered vulnerabilities that impact anti-malware scanners, digital forensics, security gateways, and IPS appliances. Learn how exploiting archive formats can lead to data hiding and processing errors with serious forensic consequences. Discover the potential risks in file formats that have been trusted for decades. Witness demonstrations of file format steganography, file malformation, and data "self-destruction" using commonly trusted tools. Get introduced to ArchiveInsider, a new forensics tool for detecting and extracting hidden data and validating vulnerable file formats. Gain insights from experts Mario Vuksan, Tomislav Pericin, and Brian Karney as they challenge popular beliefs about the security of these ubiquitous file formats found on every PC, Apple, and Linux machine.
Overview
Syllabus
Black Hat EU 2010 - Hiding in the Familiar: Steganography & Vulnerabilities in Pop Archives Formats
Taught by
Black Hat