{"version":"1.0","provider_name":"HITBSecConf2023 - Phuket","provider_url":"https:\/\/conference.hitb.org\/hitbsecconf2023hkt","title":"Exploiting the Lexmark PostScript Stack - HITBSecConf2023 - Phuket","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"TYYnf3KveS\"><a href=\"https:\/\/conference.hitb.org\/hitbsecconf2023hkt\/session\/exploiting-the-lexmark-postscript-stack\/\">Exploiting the Lexmark PostScript Stack<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/conference.hitb.org\/hitbsecconf2023hkt\/session\/exploiting-the-lexmark-postscript-stack\/embed\/#?secret=TYYnf3KveS\" width=\"600\" height=\"338\" title=\"&#8220;Exploiting the Lexmark PostScript Stack&#8221; &#8212; HITBSecConf2023 - Phuket\" data-secret=\"TYYnf3KveS\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script>\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n<\/script>\n","description":"Lexmark printers implement a custom closed source PostScript stack called `pagemaker` that NCC Group&#8217;s Exploit\u00a0 Development Group exploited two different times during the Pwn2Own Toronto 2022 contest. This talk will cover some internals of the Lexmark PostScript stack, an introduction to the PostScript language and related functionality required to understand exploitation of the discovered bugs, [&hellip;]"}