Explore the often overlooked security vulnerabilities of networked printers in this 45-minute conference talk from Nullcon Berlin 2024. Dive deep into the inner workings of office printers, examining their underlying Linux or proprietary real-time operating systems. Learn techniques for accessing and debugging closed, undocumented printer firmware. Examine three detailed exploit chains for various printer models, including memory corruption exploits for CANON ImageCLASS and logic bug chains for Lexmark printers, both leading to full device compromise. Gain insights into exploits submitted as part of the annual Pwn2Own competition, with a thorough breakdown of the bugs and exploitation methods. Enhance your understanding of network security, firmware exploits, and cybersecurity challenges in commonly overlooked office equipment.
Printer Hacking Adventures - Exploiting Network Vulnerabilities
Overview
Syllabus
Nullcon Berlin 2024 | Printer Hacking Adventures - Peter Geissler
Taught by
nullcon
Related Courses
-
New Isn't Always Novel - Finding Basic Vulnerabilities in Enterprise Software
-
Plunder, Pillage and Print - Exploiting Network Printers
-
Hacking Trains - Remote Access Vulnerabilities in Railway Systems
-
Exploiting the Lexmark PostScript Stack
-
PWN2OWN Austin 2021 - Phones, Printers, NAS, and More
-
PWN2OWN Austin 2021 - Phones, Printers, NAS, and More
