Overview
Explore a 41-minute DEF CON 31 conference talk that delves into the security implications of ANSI escape sequences in log files. Learn how these seemingly innocent plain text elements can be weaponized to inject malicious content, vandalize logs, and create forensic challenges in modern applications. Discover how combining historical terminal injection techniques from the 80s-90s with contemporary features can compromise cloud CLIs, mobile applications, and DevOps terminal emulators. Gain practical insights into preventing malicious escape sequence injection, ensuring log file integrity, and enabling security teams to conduct efficient incident investigations without data reconstruction challenges. Master both offensive and defensive aspects of this colorful ANSI security adventure to better protect application logging systems and forensic analysis processes.
Syllabus
DEF CON 31 - Weaponizing Plain Text ANSI Escape Sequences as a Forensic Nightmare - STÖK
Taught by
DEFCONConference