Shared404's comments

PDF also has script support unfortunately.


That's apparently how 4chan got hacked a while back. They were letting users upload PDFs and were using ghostscript to generate thumbnails. From what I understand, the hackers uploaded a PDF which contained PostScript which exploited a ghostscript bug.


Yes, but the primary issue was that 4chan was using an over-a-decade-old version of the library that contained a vulnerability first disclosed in 2012: https://nvd.nist.gov/vuln/detail/CVE-2012-4405


Does that mean that opening arbitrary PDFs on your laptop is unsafe?


Let me put it this way...

In one of my penetration testing training classes, in one of the lessons, we generated a malicious PDF file that would give us a shell when the victim opened it in Adobe.

Granted, it relied on a specific bug in the JavaScript engine of Adobe Reader, so unless they're using a version that's 15 years old, it wouldn't work today, but you can't be too cautious. 0-days can always exist.


Yes, opening random PDFs, especially in random and old PDF viewers, is not a good idea.

If you must open a possibly infected PDF, then do it in a browser; pdf.js is considered mostly safe, and updated.


Use the PDF-to-JPG online services; they're convenient and you still get your result without having to deal with any sandbox.


Except of course that you're sharing the contents of that PDF with a random online service.


True, I just considered that once you handle a PDF with so much care, as if it were poisoned, it's perhaps better to send this poison to someone else to handle.


> Apollo Global Management

Oh hey, the company that orchestrated my first layoff!

Highly recommend Plunder (ISBN: 978-1541702103) for those who want to learn more about the enshittification these companies bring.


I believe their point is that people switching to Chrome _is_ turning off their adblocker.


Why would it? uBlock Origin Lite blocks ads on YouTube just fine on Chrome.


Do I hear boiling water?


Good looking typesetting from markdown is surprisingly hard. Played with it a while myself, and it's really not fun.

.... is what I was going to say until I went and hit the print button and 10% of the text was missing and everything was right aligned in the top right corner.

Yikes. You may find it worthwhile to clone the repo, iterate over it with pandoc to make A Big HTML File and then use your browser's print feature or pandoc's converter. That's about as good as you'll get without a lot of pain ime.


If you hide the left sidebar, and then print, then it is aligned correctly. Each H1 is on a separate page, which is certainly a choice, but on cursory inspection, it would seem as if all the content is there.


Ah, good catch. At work so didn't play with it too much.

Tbh, would probably still recommend rendering it with pandoc because the H1s being split that way does annoy me, but at least it gets the content right.


Pretty sure the dead sibling to this comment shouldn't be dead.

Source: https://lenowo.org/viewtopic.php?t=28

badass


The upside of this is I can point my semi-technical but not Linux savvy parent at it and say "Press the install button".

As much as I love pmOS, it's just not there unfortunately.


    Location: Grand Forks, ND
    Remote: No preference
    Willing to relocate: Not currently, but am willing to travel as required
    Technologies: Linux, Docker, Ansible, Python, Bash, Git, BSD, HTML, JS, VMWare, ProxMox, OpenStack
    Resume: https://a-shared-404.com/hire-me/resume/Evan_Hoose_Resume.pdf
    Email: Direct email is on my resume, or hnmail@a-shared-404.com

I'm looking for an SRE/DevOps role. Currently located in Grand Forks for my partner's graduate degree, so am unable to leave for the next several years.

Hi all! I have deep experience with Linux, and especially automation using Ansible and Python, and my most recent work has involved me supporting an in-house application across a wide variety of environments.

I've had no issue picking up and learning new programming languages as required, and spin up rapidly to new tasks and environments.

Thanks for reading, I look forward to the chance to work with your team!


For sessions on the same target host you could use tmux.


    Location: Central US.
    Remote: Yes, travel ok, flexible timezone
    Willing to relocate: No
    Technologies: Linux, *BSD, Docker, Ansible, Technical Writing, Scripting (Bash, Python)
    Resume/CV: https://a-shared-404.com/hire-me/resume/Evan_Hoose_Resume.pdf
    Email: Available on my resume.

I'm a Systems Engineer with six years of experience managing Linux and UNIX boxes. I am open to any work not involving generative AI, and would love to work with a non-profit or a purpose-driven company that I believe in.


If you're worried about Windows 10's/11's telemetry, you should read Discord's TOS.

