In one week I will be traveling to Las Vegas to show how peepdf works in the Black Hat USA Arsenal. My time slot will be on Wednesday the 5th from 15:30 to 18:00, so you are more than welcome to come by and say hi, ask questions or just talk to me. I will also be presenting some of the work Rohit Dua is doing during the Google Summer of Code (GSoC), adding a scoring system for peepdf.
I wanted to prepare a challenge before my presentation in the Arsenal, so I have been working on that these past days. It is ready now, so I am releasing it today. Download the PDF file and play with it! There is no malicious content inside so you can (and you must) open the document with no fear. It is more the classical challenge that you can find in a CTF. I would recommend using versions of Adobe Reader prior to XI to see what you have to see ;) The challenge will finish after my Black Hat presentation and I will publish the winners and the solutions (if they allow me) the days after it. This is how the PDF file looks like:
The idea behind the challenge is using peepdf for all the analysis if it is possible (grabbing the process memory is not allowed! ;)). You can send your solutions to peepdf at eternal-todo dot com. I don't need a really nice report but I would like to see the steps you followed to solve the challenge, the tools you used (less tools is better!), etc. You can also come to the Arsenal and tell me your solution ;)
I don't have any sponsor (be free to offer you as sponsor!) or impressive prizes so I will send a peepdf t-shirt to the three best and fastest reports/solutions. If you are one of the winners and you are at Black Hat I could even bring something nice for you from the tulip country. But challenges are not about the prizes but about the challenge itself, right? ;) Please, spread the word and I hope you enjoy it!!