3d printer rootkit!
Posted by rmurphy
|
3d printer rootkit! May 08, 2020 03:59PM |
I've finally got my 3d printer setup and upgraded just how I want! 
I'm sure you can do more, it's endless but now I'm focusing on my CEH course and I've been thinking..
These LPC1768 boards based boards (SKR / MKS GEN-L etc), are capable of running a lot more than Marlin. I've already had some experience with malicious gcodes, I'm sure the author didn't intend for this to happen but I ran it and the nozzle drove straight into the bed!
This week I was a little bored so started poking around the Marlin code as I wanted to get the piezo buzzer to do more than beep, Then I discovered M300, I searched on Google and you can get it to play Mozart!
I have trawled through so many YouTube videos on 3d printing as I am quite new to it, but I see so many 'hacks' like printers left running unattended and wires hanging out etc, but its on WiFi with a cam so they think it's ok as they can stop it remotely. The Anet A8 is a fire hazard anyway and with such a small amount of flash, I've seen guides detailing how to save space by disable safety features!
But having this hooked up to the internet via an 8266 / Pi etc opens doors for the hacker. For the hacker, the opportunities to wreak havoc are endless, here are the first few things I can think of:
I have already seen news highlighting potential issues with the big commercial setups. A rig printing aircraft parts that has been tampered with could be catastrophic.
I have not seen anything malicious yet but I may put together a proof of concept if I get the time. These 3d printers are not IoT light switches, they are potentially quite dangerous.
I'm sure you can do more, it's endless but now I'm focusing on my CEH course and I've been thinking..These LPC1768 boards based boards (SKR / MKS GEN-L etc), are capable of running a lot more than Marlin. I've already had some experience with malicious gcodes, I'm sure the author didn't intend for this to happen but I ran it and the nozzle drove straight into the bed!
This week I was a little bored so started poking around the Marlin code as I wanted to get the piezo buzzer to do more than beep, Then I discovered M300, I searched on Google and you can get it to play Mozart!
I have trawled through so many YouTube videos on 3d printing as I am quite new to it, but I see so many 'hacks' like printers left running unattended and wires hanging out etc, but its on WiFi with a cam so they think it's ok as they can stop it remotely. The Anet A8 is a fire hazard anyway and with such a small amount of flash, I've seen guides detailing how to save space by disable safety features!
But having this hooked up to the internet via an 8266 / Pi etc opens doors for the hacker. For the hacker, the opportunities to wreak havoc are endless, here are the first few things I can think of:
- Malicious g-codes to ruin what you are printing for a start.
- Take your build of Marlin (your source-code wont be hard to find I'm sure on the network), tweak it with customization's to suit the hacker. If the board supports firmware update from onboard sd-card that is accessible then all this is easy
- Instead of just replacing your firmware with a subtle tweaked version, how about just flashing something custom that causes destruction using the heaters, steppers and whatever else may be attached.
- Brick your board, install a rootkit within the boot loader, you would have no idea that your printer has a persisted backdoor that a standard firmware flash does not remove.
- 3d printing is all about being creative, there is a lot a bad stuff that you could do as a malicious hacker.
- Imagine randomly having first layer extrusion issues that absolutely don't go away, or your print fails randomly sometimes.It's all possible!
I have already seen news highlighting potential issues with the big commercial setups. A rig printing aircraft parts that has been tampered with could be catastrophic.
I have not seen anything malicious yet but I may put together a proof of concept if I get the time. These 3d printers are not IoT light switches, they are potentially quite dangerous.
|
Re: 3d printer rootkit! May 09, 2020 01:23AM |
3D printers "designers" learning mechanic, electricity, electronic with youtube videos don't need any hackers to achieve the behaviors you describe !
Edited 1 time(s). Last edit at 05/09/2020 01:23AM by MKSA.
"A comical prototype doesn't mean a dumb idea is possible" (Thunderf00t)
Edited 1 time(s). Last edit at 05/09/2020 01:23AM by MKSA.
"A comical prototype doesn't mean a dumb idea is possible" (Thunderf00t)
Sorry, only registered users may post in this forum.