
Plunder, Pillage and Print - The art of leveraging multifunction printers during penetration testing
Deral Heiland
BSides Columbus Ohio 2015
Hacking Illustrated Series InfoSec Tutorial Videos

In this presentation I will go beyond the common printer issues and focus on penetration testing of internal networks by targeting embedded devices such as multifunction printers (MFPs). I will discuss methods and techniques regularly used to plunder and pillage these devices for user credentials, including authentication bypass, information leakage flaws, firmware attacks, and poorly designed security. By leveraging these methods and techniques, I will discuss how we have successfully gained access to core systems, including email servers, file servers and Active Directory domains, on multiple occasions. Besides the manual methods and techniques a pentester can use to gather user credentials, I will also be discussing the current open source automated MFP data harvesting tool Praeda, and the current project to migrate it into Metasploit. In conclusion I will also be discussing best practices for reducing risk while still effectively leveraging MFP devices within a business environment.

Deral Heiland serves as a Senior Security Consultant for Rapid7's professional services group, where he is responsible for security assessments and consulting for corporations and government agencies. Deral has over 20 years of experience in the Information Technology field; in his role with Rapid7 he performs penetration tests against networks of all shapes and sizes, applications of various stripes, embedded systems, SCADA networks, and everything in between. Deral has presented at numerous national and international security conferences, including Black Hat, ShmooCon, Defcon, Securitybyte India, and Hackcon Norway. Deral has also been interviewed and quoted by several media outlets and publications, including Bloomberg UTV, MIT Technical Review, MSNBC and PCworld.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast