Hacker News
PoC||GTFO-18 [pdf] (alchemistowl.org)
134 points by signa11 6 months ago | 9 comments



There are five different files in this wonderful polyglot PDF. Spoilers ahead:

    - The PDF you see when you open the file normally, with a big REJECTED stamp on the front page.
    - An HTML file, which is what you get if you open the file with extension .html or MIME-type text/html. This contains an SVG representation of the first page.
    - A ZIP file, which you can unpack by just running `unzip` over the file. This contains the various PoC code and other materials.
And, two more extra-special files which you can get by swapping the first 320 bytes with the other prefix of the SHAttered collision pair (this changes the file contents but not the SHA-1 hash!):

    - A PDF which shows ACCEPTED and a coffee stain on the first page instead of REJECTED.
    - An HTML file which contains a nice CHIP8 emulator.
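
An added example (not part of the comment above or of the PoC||GTFO release): a Python check that reports which of the three formats a file would parse as, plus a test for two differing files that share a SHA-1 digest. The function names and the sample bytes are constructed for illustration; the real collision variants would have to be supplied by the reader.

```python
import hashlib
import io
import zipfile


def detect_formats(data: bytes) -> set:
    """Return the container formats a lenient parser could accept for data."""
    found = set()
    # PDF readers have traditionally accepted %PDF- anywhere in the first 1024 bytes.
    if b"%PDF-" in data[:1024]:
        found.add("pdf")
    # ZIP is located from the end: the end-of-central-directory record
    # (PK\x05\x06) lies in the last 22 + 65535 bytes, so leading data is ignored.
    if b"PK\x05\x06" in data[-(22 + 65535):]:
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                if zf.testzip() is None:  # every member passes its CRC check
                    found.add("zip")
        except zipfile.BadZipFile:
            pass
    # HTML parsers skip leading junk; look for an opening tag near the start.
    if b"<html" in data[:4096].lower():
        found.add("html")
    return found


def sha1_collision_suspect(a: bytes, b: bytes) -> bool:
    """True when two blobs differ yet share a SHA-1 digest."""
    return a != b and hashlib.sha1(a).digest() == hashlib.sha1(b).digest()


def build_sample() -> bytes:
    """Constructed sample: PDF header, HTML fragment, then an appended ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("poc/readme.txt", "constructed sample member")
    head = b"%PDF-1.5\n%<html><body>constructed</body></html>\n"
    return head + buf.getvalue()


if __name__ == "__main__":
    sample = build_sample()
    print(sorted(detect_formats(sample)))
    print(sha1_collision_suspect(sample, sample + b"x"))
```

A file that reports more than one format, or a pair for which `sha1_collision_suspect` returns True, is a reason to identify content by SHA-256 rather than SHA-1.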


Since they ask for mirroring, I mirrored the PDF on IPFS. If you have IPFS running locally:

/ipfs/QmSLGcHPnPSRZzTmPpVhLt1nhGiaenZK1SFH8PpiozwS2G

Otherwise you can access it via a public gateway here:

https://ipfs.io/ipfs/QmSLGcHPnPSRZzTmPpVhLt1nhGiaenZK1SFH8Pp...


It bugs me probably more than it should, but I find it strange that issue 0x09 was followed by 0x10 instead of 0x0a...


If it makes you feel better, binary-coded decimal has a rich tradition.


"Technical Note: This file, pocorgtfo18.pdf, is valid as a PDF, ZIP, and HTML. It is available in two different variants, but they have the same SHA-1 hash"

Where do I find the second version? Couldn't find the link on the alchemistowl.org webpage, but they are mentioning two different MD5 and SHA256 hashes.


The hashes are on this [0] page... But I don't see any variant. Maybe it was distributed on one of the mirrors?

[0] https://www.alchemistowl.org/pocorgtfo/


The variant has the same SHA-1 hash - you're meant to build it yourself. See https://shattered.io/.


Ah, so variant referred to the puzzle. Sorry, my PDF reader rejected the mag as invalid so I haven't quite read anything yet.


Following the call for new mirrors, I created another one: https://mirror.oldsql.cc/pocorgtfo/



