I am not a PS guru. All of that is gibberish to me. I think this is what is going on:
1) There is a single source file foo.ps
2) Since PS is interpreted, there is a statement like:
if(filename=="recommendation.ps") { show_recommendation(); }
else { show_give_security_clearance(); }
This attack will work on no matter what hash you use because it uses social engineering (i.e., laziness - no one looks inside their PS files)
Just RTFA'd. Their attack is much more involved than I describe. However, it should be trivial to do the same thing for an OpenOffice document or Word document. Maybe I will try it...
1) There is a single source file foo.ps 2) Since PS is interpreted, there is a statement like: if(filename=="recommendation.ps") { show_recommendation(); } else { show_give_security_clearance(); }
This attack will work on no matter what hash you use because it uses social engineering (i.e., laziness - no one looks inside their PS files)
I think so anyway...