Speaker: Deral Heiland “PercX” and Pete Arzamendi “Bokojan” In this presentation we go beyond the common printer issues and focus on harvesting data from multifunction printer (MFP) that can be leveraged to gain access to other core network systems. By taking advantage of poor printer security and vulnerabilities during penetration testing we are able to harvest a wealth of information from MFP devices including usernames, email addresses, authentication information including SMB, Email, LDAP passwords. Leveraging this information we have successful gained administrative access into core systems including email servers, file servers and Active directory domains on multiple occasions. We will also explore MFP device vulnerabilities including authentication bypass, information leakage flaws, and XSS flaws. Tying this altogether we will discuss the development of an automated process for harvesting the information from MFP devices with the beta release of our new tool ‘PRAEDA’. For more information visit: bit.ly To download the video visit: bit.ly
Subscribe to our NewsletterLoading...
Tag CloudAnti Virus Protection Backtrack Blackhat Blog Botnet Cisco Cloud Security Cracking Cyber Security cyber security conference Data Security Educational Purposes Exploit Free Anti Virus Google Hack Hacking Hard Drive Recovery Honey Pot Honeypot Internet Security Lessons Learned Linux Mainstream Malware Management Tools Metasploit Mitm Network Security Nmap Passwords Penetration Penetration Testing Remote Exploit Security Test Speakers Ssl Steganography Symantec Testing Tool Voip Testing Vulnerabilities Wireshark Zero Day Zeus