Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Exploiting the Lexmark PostScript Stack

Hack In The Box Security Conference via YouTube

Overview

Dive into the intricacies of exploiting Lexmark printers' custom PostScript stack in this 49-minute conference talk from Hack In The Box Security Conference. Explore the internals of Lexmark's closed-source 'pagemaker' service, gain an introduction to the PostScript language, and understand the functionality crucial for exploiting discovered vulnerabilities. Learn about the mitigations implemented by the 'pagemaker' service, its sandboxing techniques, and how bugs were identified. Discover how pre-auth remote code execution was achieved using out-of-bounds read and type confusion bugs during the Pwn2Own Toronto 2022 contest. Benefit from the speaker's 20+ years of industry experience in exploit development, including work with the Exploit Development Group at NCC Group, BlackBerry, and Symantec.

Syllabus

#HITB2023HKT D1T1 - Exploiting The Lexmark PostScript Stack - Aaron Adams

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Exploiting the Lexmark PostScript Stack

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.