REGISTER
Cart

Exploiting the Lexmark PostScript Stack

REGISTER

Date

August 24, 2023

Time

10:30

Track

Track 1
Lexmark printers implement a custom closed source PostScript stack called `pagemaker` that NCC Group’s Exploit  Development Group exploited two different times during the Pwn2Own Toronto 2022 contest.
This talk will cover some internals of the Lexmark PostScript stack, an introduction to the PostScript language and related functionality required to understand exploitation of the discovered bugs, the mitigations implemented by the `pagemaker` service, how the  service is sandboxed, a brief overview of how the bugs were found, and how we were able to exploit it to achieve pre-auth remote code execution once using an out-of-bounds read and a second time using a type confusion bug.

Aaron Adams

Exploit Development

NCC Group

I’ve been working in the industry and interested in exploit development for over 20 years. I currently work for the Exploit Development Group (EDG) at NCC Group. In the past I also worked for BlackBerry and Symantec (previously SecurityFocus). I’ve published previous research blogs on exploiting Xen, Windows kernel, Cisco devices, Android, etc. Lately I’ve been focusing on exploiting embedded devices and the Linux kernel.

SUPPORTING ORGANIZATION

COMMSEC TRACK SPONSOR

CTF & CTF PRIZE SPONSOR

TCP/IP RECEPTION SPONSOR

SPEAKERS DINNER BY

POST CONFERENCE RECEPTION SPONSOR

EXHIBITOR

CRESTnew-logo-2

VILLAGES

RRG-Logo.png
hardwareninja.png

FRIENDS OF HITB

HACK IN THE BOX PTE LTD

Level 36, Menara Maxis,

Kuala Lumpur City Center,

50088 Kuala Lumpur,

Malaysia

Facebook Twitter Youtube