On Friday 14th of October 2022 Alex Plaskett (@alexjplaskett) and Cedric Halbronn (@saidelike) presented Toner Deaf - Printing your next persistence at Hexacon 2022. This talk demonstrated remote over the network exploitation of a Lexmark printer and persistence across both firmware updates and reboots. The video from this talk is now available here: https://www.youtube.com/watch?v=TUHcZptN6Jk The … Continue reading Toner Deaf – Printing your next persistence (Hexacon 2022)
Author: Alex Plaskett
NCC Con Europe 2022 – Pwn2Own Austin Presentations
Cedric Halbronn, Aaron Adams, Alex Plaskett and Catalin Visinescu presented two talks at NCC Con Europe 2022. NCC Con is NCC Group's annual private internal conference for employees. We have decided to publish these 2 internal presentations as it is expected that the wider security community could benefit from understanding both the approach and methodology … Continue reading NCC Con Europe 2022 – Pwn2Own Austin Presentations
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (EDG) of NCC Group. We successfully exploited it at Pwn2Own 2021 competition in November 2021 when targeting the Western Digital PR4100.
BrokenPrint: A Netgear stack overflow
This blog post describes a stack-based overflow vulnerability found and exploited in September 2021 in the Netgear R6700v3
POC2021 – Pwning the Windows 10 Kernel with NTFS and WNF Slides
Slides Alex Plaskett presented "Pwning the Windows 10 Kernel with NTFS and WNF" at Power Of Community (POC) on the 11th of November 2021
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 2
We look at exploitation without the CVE-2021-31955 information disclosure, enabling better exploit primitives through PreviousMode, reliability, stability and exploit clean-up and well as thoughts on detection
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
NCC Group's Exploit Development Group look at exploiting CVE-2021-31956 - the Windows Kernel (NTFS with WNF)