Difference between revisions of "Bibliography"
(6 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
== Research by date == | == Research by date == | ||
+ | |||
+ | === 2017 === | ||
+ | |||
+ | '''SoK: Exploiting Network Printers''' ([https://www.nds.rub.de/media/ei/veroeffentlichungen/2018/07/11/printer-security.pdf PDF]) | ||
+ | <br>by Jens Müller, Juraj Somorovsky, Vladislav Mladenov | Blogpost: [http://web-in-security.blogspot.de/2017/01/printer-security.html] | ||
=== 2016 === | === 2016 === | ||
− | '''Exploiting Network Printers: A Survey of Security Flaws in Laser Printers and Multi-Function Devices''' ([ | + | '''Exploiting Network Printers: A Survey of Security Flaws in Laser Printers and Multi-Function Devices''' ([https://www.nds.rub.de/media/ei/arbeiten/2017/01/30/exploiting-printers.pdf PDF]) |
− | <br>by Jens Müller | Proof-of-concept code: [https://github.com/RUB-NDS/PRET] | + | <br>by Jens Müller, Juraj Somorovsky, Vladislav Mladenov | Proof-of-concept code: [https://github.com/RUB-NDS/PRET] |
− | '''PWN Xerox Printers (...again): About Hardware Attacks and Insecure Cloning | + | '''PWN Xerox Printers (...again): About Hardware Attacks and Insecure Cloning''' ([https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/xerox_phaser_6700_white_paper.pdf PDF]) |
− | <br>by Peter Weidenbach, Raphael Ernst | + | <br>by Peter Weidenbach, Raphael Ernst |
=== 2014 === | === 2014 === | ||
'''A Large-Scale Analysis of the Security of Embedded Firmwares''' ([https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-costin.pdf PDF]) | '''A Large-Scale Analysis of the Security of Embedded Firmwares''' ([https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-costin.pdf PDF]) | ||
− | <br>by Andrei Costin, Jonas Zaddach, Aurélien Francillon, and Davide Balzarotti | + | <br>by Andrei Costin, Jonas Zaddach, Aurélien Francillon, and Davide Balzarotti | Video: [https://www.youtube.com/watch?v=5gf6mFz1rPM] |
− | '''Hacking Canon Pixma Printers - Doomed Encryption''' ([http://www.contextis.com/resources/blog/hacking-canon-pixma-printers-doomed-encryption/ | + | '''Hacking Canon Pixma Printers - Doomed Encryption''' ([http://www.contextis.com/resources/blog/hacking-canon-pixma-printers-doomed-encryption/ HTML]) |
<br>by Michael Jordon | <br>by Michael Jordon | ||
Line 25: | Line 30: | ||
<br>by IPA Information-technology Promotion Agency, Japan | <br>by IPA Information-technology Promotion Agency, Japan | ||
− | === | + | === 2012 === |
− | '''PostScript | + | '''PostScript: Danger Ahead?!''' |
− | <br>by Andrei Costin | + | <br>by Andrei Costin | Slides: [https://infocon.org/cons/Hack%20In%20Paris/Hack%20In%20Paris%202012/Slides/Andrei-PostScript%20Danger%20Ahead.pdf] | Video: [https://www.youtube.com/watch?v=ygcs0m5C9ZI] |
+ | |||
+ | === 2011 === | ||
'''Print Me If You Dare: Firmware Modification Attacks and the Rise of Printer Malware''' | '''Print Me If You Dare: Firmware Modification Attacks and the Rise of Printer Malware''' | ||
Line 36: | Line 43: | ||
<br>by Ben Smith | Video: [http://www.securitytube.net/video/1395] | Proof-of-concept code: [http://www.remote-exploit.org/articles/printfs/index.html] | <br>by Ben Smith | Video: [http://www.securitytube.net/video/1395] | Proof-of-concept code: [http://www.remote-exploit.org/articles/printfs/index.html] | ||
− | '''From Printer to Pwnd''' | + | '''From Printer to Pwnd: Leveraging Multifunction Printers During Penetration Testing''' |
− | <br>by Deral Heiland | Slides: [http://foofus.net/goons/percx/defcon/P2PWND.pdf] | Video: [https://www.youtube.com/watch?v= | + | <br>by Deral Heiland | Slides: [http://foofus.net/goons/percx/defcon/P2PWND.pdf] | Video: [https://www.youtube.com/watch?v=PH4pTCmKgOg] | Proof-of-concept code: [https://github.com/percx/Praeda] |
− | '''From Patched to Pwned | + | '''From Patched to Pwned: Attacking Xerox's Multifunction Printers Patch Process''' ([http://foofus.net/goons/percx/Xerox_hack.pdf PDF]) |
<br>by Deral Heiland | <br>by Deral Heiland | ||
Line 45: | Line 52: | ||
'''Hacking Printers for Fun and Profit''' | '''Hacking Printers for Fun and Profit''' | ||
− | <br>by Andrei Costin | Video: [https://www.youtube.com/watch?v=R56ZXErKCeE] | + | <br>by Andrei Costin | Slides: [http://andreicostin.com/papers/Conf%20-%20Hack.lu%20-%202010%20-%20Luxembourg%20-%20AndreiCostin_HackingPrintersForFunAndProfit.pdf] | Video: [https://www.youtube.com/watch?v=R56ZXErKCeE] |
− | '''Juste une imprimant? | + | '''Juste une imprimant?''' |
<br>by NBS System | Slides: [http://www.ossir.org/jssi/jssi2010/1A.pdf] | <br>by NBS System | Slides: [http://www.ossir.org/jssi/jssi2010/1A.pdf] | ||
Line 53: | Line 60: | ||
'''Hacking Network Printers''' ([http://www.irongeek.com/i.php?page=security/networkprinterhacking HTML]) | '''Hacking Network Printers''' ([http://www.irongeek.com/i.php?page=security/networkprinterhacking HTML]) | ||
− | <br>by Irongeek | + | <br>by Adrian Crenshaw (Irongeek) |
=== 2002 === | === 2002 === |
Latest revision as of 12:05, 11 July 2018
Contents
Research by date
2017
SoK: Exploiting Network Printers (PDF)
by Jens Müller, Juraj Somorovsky, Vladislav Mladenov | Blogpost: [1]
2016
Exploiting Network Printers: A Survey of Security Flaws in Laser Printers and Multi-Function Devices (PDF)
by Jens Müller, Juraj Somorovsky, Vladislav Mladenov | Proof-of-concept code: [2]
PWN Xerox Printers (...again): About Hardware Attacks and Insecure Cloning (PDF)
by Peter Weidenbach, Raphael Ernst
2014
A Large-Scale Analysis of the Security of Embedded Firmwares (PDF)
by Andrei Costin, Jonas Zaddach, Aurélien Francillon, and Davide Balzarotti | Video: [3]
Hacking Canon Pixma Printers - Doomed Encryption (HTML)
by Michael Jordon
2013
Embedded Devices Security and Firmware Reverse Engineering (PDF)
by Jonas Zaddach, Andrei Costin
Research Report on the Security of MFPs ([4])
by IPA Information-technology Promotion Agency, Japan
2012
PostScript: Danger Ahead?!
by Andrei Costin | Slides: [5] | Video: [6]
2011
Print Me If You Dare: Firmware Modification Attacks and the Rise of Printer Malware
by Ang Cui, Salvatore Stolfo | Slides: [7] | Video: [8]
Printers gone Wild (PrintFS PJL filesystem)
by Ben Smith | Video: [9] | Proof-of-concept code: [10]
From Printer to Pwnd: Leveraging Multifunction Printers During Penetration Testing
by Deral Heiland | Slides: [11] | Video: [12] | Proof-of-concept code: [13]
From Patched to Pwned: Attacking Xerox's Multifunction Printers Patch Process (PDF)
by Deral Heiland
2010
Hacking Printers for Fun and Profit
by Andrei Costin | Slides: [14] | Video: [15]
Juste une imprimant?
by NBS System | Slides: [16]
2006
Hacking Network Printers (HTML)
by Adrian Crenshaw (Irongeek)
2002
Understanding, Reversing, and Hacking HP Printers (HTML)
by Slobotron
Printer Exploration (PFT and Hijetter, libPJL, ChaiPortScan, ChaiCrack)
FtR of Phenoelit, FX of Phenoelit | Proof-of-concept code: [17]