Upload

Loading icon Loading...

This video is unavailable.

ShmooCon 2011: Printer to PWND: Leveraging Multifunction Printers During Penetration Testing

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like Christiaan008's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike Christiaan008's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add Christiaan008's video to your playlist.

Uploaded on Feb 5, 2011

Speaker: Deral Heiland "PercX" and Pete Arzamendi "Bokojan"
In this presentation we go beyond the common printer issues and focus on harvesting data from multifunction printer (MFP) that can be leveraged to gain access to other core network systems. By taking advantage of poor printer security and vulnerabilities during penetration testing we are able to harvest a wealth of information from MFP devices including usernames, email addresses, authentication information including SMB, Email, LDAP passwords. Leveraging this information we have successful gained administrative access into core systems including email servers, file servers and Active directory domains on multiple occasions. We will also explore MFP device vulnerabilities including authentication bypass, information leakage flaws, and XSS flaws. Tying this altogether we will discuss the development of an automated process for harvesting the information from MFP devices with the beta release of our new tool 'PRAEDA'.

For more information visit: http://bit.ly/shmoocon2011_information
To download the video visit: http://bit.ly/shmoocon2011_videos

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

The interactive transcript could not be loaded.

Loading icon Loading...

Loading icon Loading...

Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

Loading icon Loading...

Loading...
Working...
to add this to Watch Later

Add to