The year is 2023 and we’re still finding very basic vulnerabilities in enterprise software.

In this presentation, we detail how the hacker mindset can be applied to seemingly daunting tasks to make them more approachable. We will show how we approached our first Pwn2Own contest and how we discovered a command injection RCE vulnerability affecting nearly every Lexmark printer. We’ll take a look at why we think it went unnoticed in previous research and why current open-source static analysis tools miss this simple bug.

Finally we’ll release the exploit POC and an additional POC to dump credentials during engagements.

DEF CON (also written as DEFCON, Defcon or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied, and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.

New Isn’t Always Novel: Grep’ing Your Way to $20K at Pwn2Own, and How You Can Too

Conference: Defcon 31

Authors: James Horseman Vulnerability Researcher at Horizon3.ai, Zach Hanley Vulnerability Researcher at Horizon3.ai

Abstract

Post a comment

Related work