YoVDO

Exploiting the Lexmark PostScript Stack

Offered By: Hack In The Box Security Conference via YouTube

Tags

Exploit Development Courses Vulnerability Analysis Courses Sandboxing Courses Bug Hunting Courses Remote Code Execution Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Dive into the intricacies of exploiting Lexmark printers' custom PostScript stack in this 49-minute conference talk from Hack In The Box Security Conference. Explore the internals of Lexmark's closed-source 'pagemaker' service, gain an introduction to the PostScript language, and understand the functionality crucial for exploiting discovered vulnerabilities. Learn about the mitigations implemented by the 'pagemaker' service, its sandboxing techniques, and how bugs were identified. Discover how pre-auth remote code execution was achieved using out-of-bounds read and type confusion bugs during the Pwn2Own Toronto 2022 contest. Benefit from the speaker's 20+ years of industry experience in exploit development, including work with the Exploit Development Group at NCC Group, BlackBerry, and Symantec.

Syllabus

#HITB2023HKT D1T1 - Exploiting The Lexmark PostScript Stack - Aaron Adams


Taught by

Hack In The Box Security Conference

Related Courses

CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent Reverse Engineering and Exploit Development
Udemy Penetration Testing: Advanced Kali Linux
LinkedIn Learning Linux x86 Assembly and Shellcoding
Udemy Python : Sıfırdan İleri Seviyeye - Etik Hacker Örnekleriyle
Udemy