The Mod of the subverse hosting the possible malware AND ATTACKING MY WARNINGs is Crensch, oddly. I do not know why Crensch is stopping warnings.
WHY ARE POSSIBLE EXPLOITS LIKE CVE-2019-7835 BEING POSTED ON VOAT TODAY?!
https://www.cvedetails.com/cve/CVE-2019-7835/
I am talking about THIS example first post by a new account that leads to a FBI computer and fetches a special payload seasoned PDF if the URL contains a URL attribute flag on it:
https://voat.co/v/GreatAwakening/3319004
URL (Don't open the PDF!) in his link, it's :
https://vault.fbi.gov/nikola-tesla?kek=top
fbi.gov is indeed actually fbi.gov, and the URL response reveals a list of special PDFs you can download that may or may not be different, but the IP address will be tracked differently, due to attribute : "?kek=top"
Who is @Rondiggity and why is he testing the waters?
How many downvoats will his 20 other Fed voat accounts slam on my warning post?
Goats : avoid Using the insecure Adobe Acrobat Reader!!!
OVER 1000 backdoors tracked by security researchers!!!: Proof list :
https://www.cvedetails.com/vulnerability-list.php?vendor_id=53&product_id=497
OMG!!! Click on "Score Descending" or force sort "Score Descending", and look at RED COLOR exploits!
Over 400 different severe backdoor EXPLOITS, out of 1000 total over the last 20 years, used by many evil people and LEA (Law Enforcement Agencies).
To see the 400 severe backdoor exploits, click on "CVSS Score Descending" in the sort area.
Competitors to Adobe Acrobat Reader have had at most 10 severe exploits, for the most common competitor: Foxit Reader (for Windows); Mac products are typically even a little safer.
I used to use https://www.foxitsoftware.com/pdf-reader/ all the time to open up "free" ebooks tampered with by Russians (25% of free technical books on http://gen.lib.rus.ec/ are infested with malware backdoors that only work in standard "all options on" Adobe Acrobat reader).
You can cripple and remove most plugin features of the pro Acrobat reader, to make it have no javascript, scripting, flash, movies, java, links to outside payloads, and then instead of 1000 backdoors into your operating system when opening up a document in Adobe Acrobat, only 50 backdoors, historically.
Every couple weeks a new serious exploit is discovered, mostly written by NSA/CIA/FBI/DIA/NRO/HomeLand Security/StateDepartment 5Eyes, and every large nation state.
Foxit is so popular it too is attacked :
Foxit PDF fresh list of historic backdoors :
https://www.cvedetails.com/vulnerability-list/vendor_id-7654/product_id-16993/
Click on "Score Descending", and look at RED COLOR exploits!
10, just 10 for Foxit in list, versus over 400 red critical backdoors in Adobe Acrobat. You can count them both yourself.
Some security researchers have TWO airgapped machines on their desk, one for technical PDFs and company email and browsing, the other machine for their security programming and pen-testing.
I do not know why so many sudden downvotes by Crensch and FBI shills on my v/AskVoat/3319513 warning to voat users?!?
My warning : https://voat.co/v/AskVoat/3319513
LOOK AT THE FBI ACTIVITY AGAINST v/AskVoat/3319513 !
TL;DR : THERE IS NO SAFE WAY TO EVER OPEN A SINGLE PDF, EVER! And voat users need to be very wary of using the same computer they use on voat, with machines they open PDFs!!!
WHY is this Happening Here On Voat?!
eye-bean-around ago
Can pdf be archived or similar?
yob ago
great question! great solution
A Classic PDF can be printed in a public domain "GhostScript" Postscript renderer, enhanced for page break control. This stream meant to be sent to a PostScript capable printer can be considered EXTREMELY SAFE.
Think of it as PRINTING A PDF to a new SAVED PDF.
The problem? Weird obfuscation for line speed in Apple's operating system to use a large token database lookup table sent with the document to APPLE postscript devices.
Another problem... weird DRM control that does no actual DRM other than DRM authentication itself, forcing some documents to be very nonstandard PDF. Ghostscript DOES support PDF passwords (used on self published ebooks).
How to Use Ghostscript
https://www.ghostscript.com/doc/current/Use.htm
Using Ghostscript with PDF files :
https://www.ghostscript.com/doc/current/Use.htm#PDF
Ghostscript has been around since 1986 as far as I recall. Now it is used by the security paranoid to "scrub" pdfs for use on their other devices.
You can even use it to actually render into PNG images, but that crap cannot be text searched.
pitenius ago
I tried to report this to GLP. Banned. Thanks, OP.
yob ago
Banned?
search for "GLP is a Tavistock honeypot" on internet. Or read sites discussing "Conspirators' Hierarchy: The Story of The Committee of 300". Or parts of https://educate-yourself.org/nwo/nwotavistockbestkeptsecret.shtml
You can easily be banned on GLP ( https://www.godlikeproductions.com/ ) If you get too close to outing any Glow In the Dark methodologies.
Glow in the Dark : https://hooktube.com/watch?v=AbG6u86t4bA
pitenius ago
I know it's easy to get banned there. I'm not sure what the Tavistock connexion is to GLP. Full disclosure: I've spoken there a handful of times. The whole thing was creepy and compartmentalized. In better days... Now... I'm rather isolated and working for a religious cult.
I'll keep an eye out for you. You are a good one.
prairie ago
Couldn't there be GS exploits as well? Seems the safest approach is to use a pdf-to-png website.
yob ago
You are correct and bring up good points. Malformed embedded fonts, or png, in a PDF could be engineered to silently exploit common pre-compiled GhostScript on a specific OS such as windows, and still escape out of Ghostscript, and using other zero-day exploits leveraged to then install payload deep into an OS. The solution is to alter your ghostscript and compile non optimized, but the weakness could still be confined to the embedded fonts, or png library, and those too would need special care, plus the defect might survive recompiling.
Running ghostscript to create postscript (.ps) files inside a VM, and concatenating back to an ultra clean PDF file, and turning embedded fonts into system standard postscript default fonts, and re-rezzing PNG and JPEG to similar resolution replacements, would STERILIZE the PDF enough that you could add it to your tech library, or distribute the file to your engineering team safely.
It would be semi simple to write a batch file to do all that and even shove it in and out of a VM.
The problem is that every VM ever written has been exploited and escaped out of, infecting the host os. One main vector is by glitching the video driver seen by the VM.
I talk too much.
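
The "print a PDF to a new saved PDF" step described in yob's replies, as an added example that is not part of the thread: a POSIX shell function that re-distills an untrusted PDF through Ghostscript's `pdfwrite` device in a scratch directory and only publishes output that is itself a PDF. The function names, return codes and the 150 dpi image target are assumptions of this sketch; it does not do the font replacement or the VM hand-off, and as prairie notes it still relies on Ghostscript's own parser.

```shell
#!/bin/sh
# Added example: re-distill an untrusted PDF with Ghostscript.
GS="${GS:-gs}"      # Ghostscript command (assumed to be on PATH; overridable)
DPI="${DPI:-150}"   # assumed resolution for re-sampled images

# Succeeds only if the file starts with the "%PDF-" magic (strict: no leading junk).
is_pdf() {
    [ -f "$1" ] && [ "$(head -c 5 "$1" 2>/dev/null | tr -d '\000')" = "%PDF-" ]
}

# sanitize_pdf IN OUT
# Returns 0 on success, 2 if IN is not a PDF, 3 if Ghostscript or file
# handling failed, 4 if Ghostscript produced nothing that looks like a PDF.
sanitize_pdf() {
    in=$1
    out=$2
    is_pdf "$in" || return 2
    work=$(mktemp -d) || return 3
    # Work on a copy in a scratch directory so nothing is written next to the original.
    cp -- "$in" "$work/in.pdf" || { rm -rf "$work"; return 3; }
    # -dSAFER restricts file access from inside the PostScript/PDF interpreter.
    if ! ( cd "$work" && "$GS" -dSAFER -dBATCH -dNOPAUSE -dQUIET \
            -sDEVICE=pdfwrite \
            -dDownsampleColorImages=true -dColorImageResolution="$DPI" \
            -dDownsampleGrayImages=true -dGrayImageResolution="$DPI" \
            -sOutputFile=out.pdf in.pdf ) >/dev/null 2>&1; then
        rm -rf "$work"
        return 3
    fi
    # Never publish a partial or non-PDF result.
    if ! is_pdf "$work/out.pdf"; then
        rm -rf "$work"
        return 4
    fi
    mv -- "$work/out.pdf" "$out"
    rc=$?
    rm -rf "$work"
    [ "$rc" -eq 0 ] || return 3
}

# Stand-alone use: sh sanitize.sh untrusted.pdf clean.pdf
if [ "$#" -eq 2 ]; then
    sanitize_pdf "$1" "$2"
fi
```

Run it as an unprivileged user on the machine set aside for untrusted documents, and keep Ghostscript patched.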