Abstract:
Document formats play a key role in storing and exchanging information across various domains and between parties. They are widely used by private users, businesses, and governments, with the latter two especially requiring authenticity and integrity to establish trust. However, these formats are verbose and intricate, which results in a large attack surface in the applications that handle these files. Current research either relies on intensive manual labor, which makes systematic completeness challenging to achieve, or is bound to a single format, in which case the developed solutions remain isolated. This thesis develops a novel security test generation and evaluation toolchain for the abstract Open Packaging Conventions (OPC) file format and proves its applicability to the well-known OOXML and 3MF formats. As an outcome, we present and discuss over 500 test cases executed against 12 different applications in both of these formats. The results reveal that processing applications of both formats accept an alarmingly high rate of malformed documents, ranging from 40% to 82%. This non-conformity poses a significant risk. We demonstrate that an attacker can create different processing flows that lead to UI Spoofing attacks by abusing this non-conforming behavior.