Difference between revisions of "Bibliography"
From Hacking Printers
(Created page with "[2014] Costin: "A Large-Scale Analysis of the Security of Embedded Firmwares" ----------------------------------- [2013] Zaddach: "Embedded Devices Security and Firmware Rev...") |
|||
| Line 1: | Line 1: | ||
| + | [2016] Müller: "Exploiting Network Printers" | ||
| + | |||
| + | * LINK: http://homepages.rub.de/jens.mueller-2/publications/2016-exploiting-network-printers.pdf | ||
| + | * CODE: https://github.com/RUB-NDS/PRET | ||
| + | |||
| + | ----------------------------------- | ||
| + | |||
[2014] Costin: "A Large-Scale Analysis of the Security of Embedded Firmwares" | [2014] Costin: "A Large-Scale Analysis of the Security of Embedded Firmwares" | ||
| Line 7: | Line 14: | ||
----------------------------------- | ----------------------------------- | ||
| − | + | [2014] Jordon: "ARM Wrestling a Printer" | Canon Firmware RCE | |
| − | * | + | * LINK: http://www.contextis.com/resources/blog/hacking-canon-pixma-printers-doomed-encryption/ |
----------------------------------- | ----------------------------------- | ||
| − | + | [2010] Costin: "Hacking Printers for Fun and Profit" | Use Word/JS/Java to deploy PostScript Payload | |
| − | + | ||
| − | + | * VIDEO: https://www.youtube.com/watch?v=R56ZXErKCeE | |
| − | * | + | |
| − | * | + | [2011] Costin: "PostScript(um): You’ve Been Hacked" | PS-Shell | Look into Firmware | API available to PS-Language | {Memory Dumper, BSD-Sockets}, Xerox Firmware Update via PS-File, MSF/Attacking Demo Toolkit |
| + | |||
| + | * LINK: https://www.corelan.be/index.php/2012/05/25/hitb2012ams-day-2-postscript-danger-ahead/ | ||
| + | * VIDEO: https://www.youtube.com/watch?v=PqL5P46m_zQ | ||
----------------------------------- | ----------------------------------- | ||
| − | + | [2011] Cui: "Print me if you Dare" | HP Firmware RCE | |
| − | * | + | * TALK: http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html |
| − | * | + | * TALK: http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html |
| − | * | + | * VIDEO: https://www.youtube.com/watch?v=njVv7J2azY8 |
| − | * | + | * SLIDES: http://ids.cs.columbia.edu/sites/default/files/CuiPrintMeIfYouDare.pdf |
----------------------------------- | ----------------------------------- | ||
| − | + | [2011] Smith: "Printers gone Wild" | PrintFS PJL filesystem | |
| − | * | + | * LINK: http://blog.c22.cc/2011/01/29/shmoocon-2011-printers-gone-wild/ |
| − | * | + | * CODE: http://www.remote-exploit.org/articles/printfs/index.html |
----------------------------------- | ----------------------------------- | ||
| − | + | [2011] Heiland: "From Printer to Pwnd" | Praeda toolkit | |
| − | * | + | * CODE: https://github.com/percx/Praeda |
| − | * | + | * VIDEO: https://www.youtube.com/watch?v=HMSLMsPJ010 |
| − | * | + | * SLIDES: http://www.slideshare.net/403Labs/exploiting-vulnerabilities-in-multifunction-printersa |
| − | + | [2011] Heiland: "From Patched to Pwned" | Xerox DLM RCE | |
| − | * | + | * LINK: http://foofus.net/goons/percx/Xerox_hack.pdf |
| − | * | + | * LINK: http://www.xerox.com/download/security/security-bulletin/1284332-2ddc5-4baa79b70ac40/cert_XRX12-003_v1.1.pdf |
----------------------------------- | ----------------------------------- | ||
| − | + | [2010] NBS: "Juste une imprimant?" | Lexmark/generic attacks | |
| − | * | + | * SLIDES: http://www.ossir.org/jssi/jssi2010/1A.pdf |
----------------------------------- | ----------------------------------- | ||
| − | + | [2006] Irongeek: "Hacking Network Printers" | HP/generic tricks | |
| − | * | + | * LINK: http://www.irongeek.com/i.php?page=security/networkprinterhacking |
----------------------------------- | ----------------------------------- | ||
| − | + | [2002] Slobotron: "Hacking HP Printers" | HP/generic tricks | |
| − | * | + | * LINK: http://search.lores.eu/realicra/hp_slobo.htm |
----------------------------------- | ----------------------------------- | ||
| − | + | [2002] Phenoelit: "Printer Exploration" | Hijetter PJL tool | |
| − | * | + | * LINK: http://www.phenoelit.org/hp/index.html |
| − | * | + | * CODE: PFT/Hijetter, libPJL, ChaiPortScan, ChaiCrack |
----------------------------------- | ----------------------------------- | ||
| − | + | [Miscellaneous] | |
| − | * | + | * https://www.altamiracorp.com/blog/employee-posts/hacking-hp-printers-for-fun-profit |
| − | * | + | * http://hackonadime.blogspot.com/2011/12/hacking-printers-pjl-basics.html |
| − | * | + | * https://www.ipa.go.jp/security/jisec/apdx/documents/20130312report_E.pdf |
| − | * | + | * http://www.darkreading.com/vulnerabilities-and-threats/corporate-espionages-new-friend-embedded-web-servers/d/d-id/1100343? |
| − | * | + | * https://homepages.laas.fr/matthieu/talks/secu-impression.pdf |
| − | + | ||
| − | + | ||
Revision as of 19:08, 22 December 2016
[2016] Müller: "Exploiting Network Printers"
- LINK: http://homepages.rub.de/jens.mueller-2/publications/2016-exploiting-network-printers.pdf
- CODE: https://github.com/RUB-NDS/PRET
[2014] Costin: "A Large-Scale Analysis of the Security of Embedded Firmwares"
[2013] Zaddach: "Embedded Devices Security and Firmware Reverse Engineering"
[2014] Jordon: "ARM Wrestling a Printer" | Canon Firmware RCE
[2010] Costin: "Hacking Printers for Fun and Profit" | Use Word/JS/Java to deploy PostScript Payload
[2011] Costin: "PostScript(um): You’ve Been Hacked" | PS-Shell | Look into Firmware | API available to PS-Language | {Memory Dumper, BSD-Sockets}, Xerox Firmware Update via PS-File, MSF/Attacking Demo Toolkit
- LINK: https://www.corelan.be/index.php/2012/05/25/hitb2012ams-day-2-postscript-danger-ahead/
- VIDEO: https://www.youtube.com/watch?v=PqL5P46m_zQ
[2011] Cui: "Print me if you Dare" | HP Firmware RCE
- TALK: http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html
- TALK: http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html
- VIDEO: https://www.youtube.com/watch?v=njVv7J2azY8
- SLIDES: http://ids.cs.columbia.edu/sites/default/files/CuiPrintMeIfYouDare.pdf
[2011] Smith: "Printers gone Wild" | PrintFS PJL filesystem
- LINK: http://blog.c22.cc/2011/01/29/shmoocon-2011-printers-gone-wild/
- CODE: http://www.remote-exploit.org/articles/printfs/index.html
[2011] Heiland: "From Printer to Pwnd" | Praeda toolkit
- CODE: https://github.com/percx/Praeda
- VIDEO: https://www.youtube.com/watch?v=HMSLMsPJ010
- SLIDES: http://www.slideshare.net/403Labs/exploiting-vulnerabilities-in-multifunction-printersa
[2011] Heiland: "From Patched to Pwned" | Xerox DLM RCE
- LINK: http://foofus.net/goons/percx/Xerox_hack.pdf
- LINK: http://www.xerox.com/download/security/security-bulletin/1284332-2ddc5-4baa79b70ac40/cert_XRX12-003_v1.1.pdf
[2010] NBS: "Juste une imprimant?" | Lexmark/generic attacks
[2006] Irongeek: "Hacking Network Printers" | HP/generic tricks
[2002] Slobotron: "Hacking HP Printers" | HP/generic tricks
[2002] Phenoelit: "Printer Exploration" | Hijetter PJL tool
- LINK: http://www.phenoelit.org/hp/index.html
- CODE: PFT/Hijetter, libPJL, ChaiPortScan, ChaiCrack
[Miscellaneous]
- https://www.altamiracorp.com/blog/employee-posts/hacking-hp-printers-for-fun-profit
- http://hackonadime.blogspot.com/2011/12/hacking-printers-pjl-basics.html
- https://www.ipa.go.jp/security/jisec/apdx/documents/20130312report_E.pdf
- http://www.darkreading.com/vulnerabilities-and-threats/corporate-espionages-new-friend-embedded-web-servers/d/d-id/1100343?
- https://homepages.laas.fr/matthieu/talks/secu-impression.pdf
