Modern networked printers represent an often overlooked attack surface in corporate environments, running complex software stacks from embedded Linux to proprietary real-time operating systems. While these devices implement various security controls, fundamental vulnerabilities in their implementation can lead to complete system compromise.

This session, led by Peter Geissler, owner/offensive security researcher at HAXXIN, will cover:

• Firmware extraction and analysis techniques for Lexmark and Canon printers
• Exploitation of privilege separation mechanisms and service protocols
• Novel attack chains combining server-side request forgery and command injection
• Development of custom debugging tools for closed embedded platforms