Posted on by and filed under CSAW 2014.

For this challenge, we are given a PDF file named pdf.pdf.

The challenge

We check out the printable characters of the PDF file and notice that streams are being used. We attempt to decode the stream objects but shifted toward another approach when we realize that document objects (images, textboxes, etc.) could be stacked.

Using Adobe Acrobat Professional, we are able to quickly export the PDF document to Microsoft Word’s DOCX format. Microsoft Word allows us to move the overlaying image in hopes that we find our flag as an image or some sort of formatted text.

Microsoft Word shows the same view as the PDFMicrosoft Word allows us to move the overlaying image

We locate our flag: flag{security_through_obscurity}.

We are able to achieve the same result using Adobe Acrobat’s Edit Object feature, effectively enabling us to freely move about objects in the PDF. Additionally, we could use Google Docs’ automatic PDF-to-Doc conversion feature (when opening the PDF) to convert the document into an easily editable form.

This challenge was solved in collaboration with Joe Pate.