Weaponizing Plain Text - ANSI Escape Sequences as a Forensic Nightmare

Explore the dark side of log manipulation in this 49-minute conference talk from Ekoparty 2023. Dive into the world of ANSI escape sequences and their potential for injecting, vandalizing, and weaponizing plaintext logfiles in modern applications. Revisit a dormant vulnerability class, examining old terminal injection research and log tampering techniques from the 80s and 90s, while combining them with new features to create chaos in cloud CLIs, mobile devices, and DevOps terminal emulators. Learn about the consequences of malicious escape sequences in logfiles and discover preventive measures to ensure log data integrity. Join hacker and creative STÖK on this colorful ANSI adventure to understand the importance of trustworthy log data and how to avoid a potential forensic nightmare in application security.