Difference between revisions of "Canon PIXMA"

From DoomWiki.org

[checked revision][checked revision]
m (Ooops!)
m (LED -> LCD :P)
Line 1: Line 1:
[[Image:DoomCanonPIXMA.png|thumb|right|240px|The Doom title screen appears on the printer's console LED, overriding the normal user interface.]]
+
[[Image:DoomCanonPIXMA.png|thumb|right|240px|The Doom title screen appears on the printer's console LCD, overriding the normal user interface.]]
 
'''Doom for the Canon PIXMA''' was revealed on September 12, 2014, as part of an {{wp|Exploit (computer security)|exploit}} demonstration against the Canon PIXMA printer by white hat security researcher Michael Jordon. It is a basic [[source port|port]] of the [[Linux Doom]] code base to the proprietary {{wp|ARM architecture|ARM}}-based smart device platform residing inside the peripheral.
 
'''Doom for the Canon PIXMA''' was revealed on September 12, 2014, as part of an {{wp|Exploit (computer security)|exploit}} demonstration against the Canon PIXMA printer by white hat security researcher Michael Jordon. It is a basic [[source port|port]] of the [[Linux Doom]] code base to the proprietary {{wp|ARM architecture|ARM}}-based smart device platform residing inside the peripheral.
  
Line 5: Line 5:
 
It was discovered by various hackers and researchers that the Canon PIXMA printer had a vulnerable web management frontend, unprotected by any password mechanism, which includes the capability to check for, download, and automatically apply unsigned firmware updates. Some 32000-plus such devices are known to be exposed directly to the Internet. Jordon was able to break the weak XOR cipher encryption applied to the firmware with relative ease.  
 
It was discovered by various hackers and researchers that the Canon PIXMA printer had a vulnerable web management frontend, unprotected by any password mechanism, which includes the capability to check for, download, and automatically apply unsigned firmware updates. Some 32000-plus such devices are known to be exposed directly to the Internet. Jordon was able to break the weak XOR cipher encryption applied to the firmware with relative ease.  
  
As a demonstration of concept with regard to the ability to upload and execute arbitrary payloads by triggering the device's self-updating capabilities, Jordon ported the [[Doom]] [[source code]] to its internal computer architecture. The device, with a 32-bit ARM processor, 10 Megabytes of RAM, and large color LED display, had more than enough resources to support the program. To keep the size of the payload reasonable, only the [[shareware]] [[IWAD]] is included.
+
As a demonstration of concept with regard to the ability to upload and execute arbitrary payloads by triggering the device's self-updating capabilities, Jordon ported the [[Doom]] [[source code]] to its internal computer architecture. The device, with a 32-bit ARM processor, 10 Megabytes of RAM, and large color LCD display, had more than enough resources to support the program. To keep the size of the payload reasonable, only the [[shareware]] [[IWAD]] is included.
  
 
The source port is not currently open or available for download, presumably because it relies on reverse engineered information about the printer architecture that would be protected under copyright and trade secret laws. The game is not playable, and has [[palette]] issues during game play which Jordon does not intend to spend time addressing, having already made his point.
 
The source port is not currently open or available for download, presumably because it relies on reverse engineered information about the printer architecture that would be protected under copyright and trade secret laws. The game is not playable, and has [[palette]] issues during game play which Jordon does not intend to spend time addressing, having already made his point.

Revision as of 11:05, 16 September 2014

The Doom title screen appears on the printer's console LCD, overriding the normal user interface.

Doom for the Canon PIXMA was revealed on September 12, 2014, as part of an exploit demonstration against the Canon PIXMA printer by white hat security researcher Michael Jordon. It is a basic port of the Linux Doom code base to the proprietary ARM-based smart device platform residing inside the peripheral.

Exploit

It was discovered by various hackers and researchers that the Canon PIXMA printer had a vulnerable web management frontend, unprotected by any password mechanism, which includes the capability to check for, download, and automatically apply unsigned firmware updates. Some 32000-plus such devices are known to be exposed directly to the Internet. Jordon was able to break the weak XOR cipher encryption applied to the firmware with relative ease.

As a demonstration of concept with regard to the ability to upload and execute arbitrary payloads by triggering the device's self-updating capabilities, Jordon ported the Doom source code to its internal computer architecture. The device, with a 32-bit ARM processor, 10 Megabytes of RAM, and large color LCD display, had more than enough resources to support the program. To keep the size of the payload reasonable, only the shareware IWAD is included.

The source port is not currently open or available for download, presumably because it relies on reverse engineered information about the printer architecture that would be protected under copyright and trade secret laws. The game is not playable, and has palette issues during game play which Jordon does not intend to spend time addressing, having already made his point.

External links