Archives for: 2011

Hacking MFPs Part1/Part2 - Videos

11/04/11 | by zveriu | Categories: Conference, T2, SyScan, EuSecWest, phNeutral, #days, SEC-T, hack.lu, HackCon

So here we are, summing up 1.5 years of research of “Hacking MFPs Part1” and opening dawns of “Hacking MFPs Part2”.

This post will present the videos that accompanied the presentations. Source code to follow in the upcoming days.

NOTE: the videos are subtitled - use the CC button in the player’s window to turn them on :)

Hacking MFPs/printers Part1 - Printer map, geolocation, public-exposure, data-harvesting

Hacking MFPs Part1 - Locally-Initiated PPE (Printing Payload Exploit)

Hacking MFPs Part1 - Remote-Initiated PPE (Printing Payload Exploit)

Hacking MFPs Part2 (soon to come) - Printer code execution - Shell, Memory dumper, Printer connections

Thanks to the great organisers of the conferences where these were presented, as well as a big thanks to the nice and patient audiences :)!

Tags: Hacking printers MFPs part1 for fun and profit andrei costin #days EuSecWest hack.lu HackCon phNeutral SEC-T SyScan T2

Harvesting Boarding Passes

11/02/11 | by zveriu | Categories: Software, Hack, Security

It’s clear that personal and sensitive data should be protected by all means.
However it’s truly sad to see that people deliberately or unconsciously reveal very sensitive details about themselves, despite the fact that society is very concerned with “big brother” actions of 3rd-parties in the first place.

Following are just a few (ab)use scenarios which I quickly came up with - the sky is the limit (in all its meanings :)!) when playing with someone’s flight…

I am not saying that every average Joe kind of person will be tracked by these means in “a la” agent 007 style, but imagine an important science person/professor (dealing with sensitive issues, like for example nuclear R & D) being a target of such an attack. And yes, I have seen interesting university & academia related boarding passes exposed…

Person identification

- learn sensitive details
- learn (airline) preferences and Frequent Traveller (FT) (to put the importance of this kind of information, let me remind you about WhiteHouse directive leaked through WikiLeaks suggesting FT data harvesting by US embassies worldwide)
- learn susceptibility to “Frequent Traveller Customer Service” impersonation/social engineering attacks
- learn travelling habits (departure hours, taken routes, etc.)

Person (location) tracking

Hybrid++ car concept - fuel, electric and bicycles/dynamos

06/15/11 | by zveriu | Categories: Fun, On the web, Hardware, Hack

During a coffee break, this idea came to my mind. Thought to post rather than throw it to brain-garbage.

Here is the concept of a hybrid car - fuel, electric and bicycles/dynamos - all in the name of the so-pushed greener and healthier tomorrow…

The idea is simple - why not have “pluginable” seats for electric cars, where bicycles/dynamo machines can be used with a two-fold purpose - get yourself fit (while husband/wife drives you to work) and at the same time charge your car so that you burn your green electricity later when needed?

The biggest AI machine ever?

02/09/11 | by zveriu | Categories: Hardware, Software, Hack

Idling my mind on some out-of-band thoughts, I started realizing that we (as humans, as participants of the virtual social networks, as participants of real-life social networks having a virtual space representation) are in the process of training the most impressive AI yet to come. The technology and the hardware brains are almost there, spread around the globe and our orbital space. It lacks the utmost AI.

Just thinking on the meaning of giving a like/dislike on one of the following combinations (youtube/facebook/buzz/twitter/etc)x(video/photo/comment/text/article/etc) is mostly equivalent to training a huge neural network with AI node-weight (one can view the weights as simply 1/-1, or one can view the nodes’ weights as a more complex formula - for example, given a specific user/node, AI calculates the weight of his/her like/dislike voting based on the familiarity of AI with that user, etc.)

The nodes are contextually aware (eg. text which is easily parseable, video/photo which is at least parseable by the means of meta-information and yet content analysis by audio/video level algorithms is growing) and basically the AI is becoming more and more trained not just about social interactions (which it is already and mostly is), but also about our emotions (eg. when there is a comment fight with a lot of slang and cursing and dislikes and likes going around), our way of thinking and taking decisions whether we like/dislike a given piece of information in a given context.

Combine that with the HAD (Human Aided Design&Decision taking, which is exactly opposite to CAD) (eg. people aiding the AI by manually correcting wrongly detected and/or recognized faces/objects in photos/videos)…

…and you pick your result.

Just my threaded thought.

Hacking Printers/MFPs for fun, profit and (anti)warfare

02/09/11 | by zveriu | Categories: On the web, Hack, Hack

Finally got some time to put all the papers in one place.

The papers’ content overlaps, but each one has something specific to the given conference, so feel free to explore.

Here is my papers archive.

Feel free to:

  • point out errors (and yes, we accept constructive criticism :) )
  • suggest corrections
  • suggest improvements

More to come, stay tuned…

Cheers,
zveriu

Tags: Hacking Printers MFPs for fun profit and (anti)warfare Andrei Costin hack.lu syscan eusecwest t2 sec-t

IT Security Conferences Calendar

02/09/11 | by zveriu | Categories: On the web, Hack

Since I have posted the original “Comprehensive list of security and hackers conferences and conventions 2010”, I have been thinking that maintaining that excel sucks.

So I have created a shared google calendar.

You can has XML RSS or HTML.

If you need to integrate into your blog/page, here is the code snippet:

Code:

<iframe src="http://www.google.com/calendar/embed?src=7916b8tcrnuqr0l8mkc5an3sa4%40group.calendar.google.com&ctz=Europe/Bucharest" style="border: 0" width="800" height="600" frameborder="0" scrolling="no"></iframe>

Feel free to:

  • share the calendar
  • suggest corrections and additions

Cheers,
zveriu

Tags: BlackHat DC, ShmooCon, RFIDsec, NDSS Symposium, RSA Conference, WiSec, CanSecWest, Easterhegg, Security Conference, BlackHat, Notacon, Infosec, HITB HITBSecConf Hack In the Box, SIGINT, CONfidence, LockCon, HAR, FIRST, REcon, H.O.P.E HOPE Hacker On Planet Earth 2600, Secrypt, DEF CON DEFCON, SEC-T, ToorCon, Hack.lu, DeepSec, CCC 27C3, LayerOne, BruCON, Xcon (Xfocus), Kiwicon, mrmcd, ShakaCon, АПроБИТ, list security hacker conferences
