There are five different files in this wonderful polyglot PDF. Spoilers ahead:
- The PDF you see when you open the file normally, with a big REJECTED stamp on the front page.
- An HTML file, which is what you get if you open the file with extension .html or MIME-type text/html. This contains an SVG representation of the first page.
- A ZIP file, which you can unpack by just running `unzip` over the file. This contains the various PoC code and other materials.
And, two more extra-special files which you can get by swapping the first 320 bytes with the other prefix of the SHAttered collision pair (this changes the file contents but not the SHA-1 hash!):
- A PDF which shows ACCEPTED and a coffee stain on the first page instead of REJECTED
- An HTML file which contains a nice CHIP8 emulator.
"Technical Note:
This file,
pocorgtfo18.pdf
, is valid as a PDF, ZIP, and HTML. It is available in two
different variants, but they have the same SHA-1 hash"
Where do I find the second version? Couldn't find the link on the alchemistowl.org webpage, but they are mentioning two different MD5 and SHA256 Hashes.
