Welcome! Log In Create A New Profile


3d printer rootkit!

Posted by rmurphy 
3d printer rootkit!
May 08, 2020 03:59PM
I've finally got my 3d printer setup and upgraded just how I want! smiling smiley I'm sure you can do more, it's endless but now I'm focusing on my CEH course and I've been thinking..

These LPC1768 boards based boards (SKR / MKS GEN-L etc), are capable of running a lot more than Marlin. I've already had some experience with malicious gcodes, I'm sure the author didn't intend for this to happen but I ran it and the nozzle drove straight into the bed!

This week I was a little bored so started poking around the Marlin code as I wanted to get the piezo buzzer to do more than beep, Then I discovered M300, I searched on Google and you can get it to play Mozart!

I have trawled through so many YouTube videos on 3d printing as I am quite new to it, but I see so many 'hacks' like printers left running unattended and wires hanging out etc, but its on WiFi with a cam so they think it's ok as they can stop it remotely. The Anet A8 is a fire hazard anyway and with such a small amount of flash, I've seen guides detailing how to save space by disable safety features!

But having this hooked up to the internet via an 8266 / Pi etc opens doors for the hacker. For the hacker, the opportunities to wreak havoc are endless, here are the first few things I can think of:

  • Malicious g-codes to ruin what you are printing for a start.
  • Take your build of Marlin (your source-code wont be hard to find I'm sure on the network), tweak it with customization's to suit the hacker. If the board supports firmware update from onboard sd-card that is accessible then all this is easy
  • Instead of just replacing your firmware with a subtle tweaked version, how about just flashing something custom that causes destruction using the heaters, steppers and whatever else may be attached.
  • Brick your board, install a rootkit within the boot loader, you would have no idea that your printer has a persisted backdoor that a standard firmware flash does not remove.
  • 3d printing is all about being creative, there is a lot a bad stuff that you could do as a malicious hacker.
  • Imagine randomly having first layer extrusion issues that absolutely don't go away, or your print fails randomly sometimes.It's all possible!

I have already seen news highlighting potential issues with the big commercial setups. A rig printing aircraft parts that has been tampered with could be catastrophic.

I have not seen anything malicious yet but I may put together a proof of concept if I get the time. These 3d printers are not IoT light switches, they are potentially quite dangerous.
Re: 3d printer rootkit!
May 09, 2020 01:23AM
3D printers "designers" learning mechanic, electricity, electronic with youtube videos don't need any hackers to achieve the behaviors you describe ! smiling smiley

Edited 1 time(s). Last edit at 05/09/2020 01:23AM by MKSA.

"A comical prototype doesn't mean a dumb idea is possible" (Thunderf00t)
Sorry, only registered users may post in this forum.

Click here to login