Reply to post: Sure, here's how I did it yesterday (not really).

Faxploit: Retro hacking of fax machines can spread malware

Robert Carnegie Silver badge

Sure, here's how I did it yesterday (not really).

As bad guys know already: there are historic bugs in widely used versions of JPEG image data handling library. JPEG is basically Zip file for pictures. Fax machines can handle JPEG data, and due to either a new bug or an unpatched old one, you can send binary data and code in the format of JPEG - maliciously malformed data - to a fax machine, and it will hit the bug and START EXECUTING THE PROGRAM CODE IN YOUR JPEG STREAM INSIDE THE FAX MACHINE. Well... there is some more work to do to get there from "buffer overflow" or "chair stacking", but it's not -difficult- work.

And since the fax machine these days is networked, once it's pwned, you have an enemy inside your camp - or your network.

So, no, please don't publish details, such as a QR code of the data file needed to hack any fax machine.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022