Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Faxsploit: What the fax!?

Check Point Research (posted 6 years ago)
  • One of the best pieces of research I have ever seen!
  • To start with, the amount of reversing on this project was unreal! It appears that the crazier projects are starting to have more and more of this...
  • In order to create a testable environment, they used a serial connection (to pins on the board) and a known vulnerability to make a debugging environment possible.
  • The details of exploiting this are quite awesome! Even though the stack was executable, this was not as simple as one would think (as the device had an I-cache and a D-cache). Using a ROP chain, the D-cache and I-cache were cleared. Then, some shellcode was written on the stack to make this exploitable. Finally, they had a usable debugging environment!
  • After the recon stage on how fax machines work, two vulnerabilities were found within parsers. Each allowed for a very large buffer overflow, resulting in RCE.
  • They wrap up with not just an RCE, but how to weaponize this vulnerability in the fax machine as a whole. Again, amazing research :)