Remote Code Execution via Fax Machine Interface - Security Exploit Analysis
media.ccc.de via YouTube
Overview
Explore a fascinating conference talk from the 38th Chaos Communication Congress (38C3) that delves into exploiting printer security vulnerabilities through fax interfaces. Learn how researchers Rick de Jager and Carlo Meijer discovered and leveraged a printer bug at Pwn2Own Ireland to achieve remote code execution through an often-overlooked fax feature. Discover the surprising relevance of this vintage technology in modern security contexts, particularly in institutions like municipalities, banks, and courts that still rely on fax communications. Watch live demonstrations showcasing practical exploits, including running Doom on compromised devices, while gaining technical insights into printer security vulnerabilities. Understand the implications of these security findings for organizations still utilizing fax-enabled devices, presented with a blend of technical depth and entertaining demonstrations.
Syllabus
38C3 - Dialing into the Past: RCE via the Fax Machine – Because Why Not?
Taught by
media.ccc.de