Logs are a vital component for maintaining application reliability, performance, and security. They serve as a source of information for developers, security teams, and other stakeholders to understand what has happened or gone wrong within an application. However, logs can also be used to compromise the security of an application by injecting malicious content. In this presentation, we will explore how ANSI escape sequences can be used to inject, vandalize, and even weaponize plaintext logfiles of modern applications. We will revisit a vulnerability class thats been dormant for over two decades, dig into old terminal injection research and log tampering techniques from the 80-90s, and combine them with new features. With the pure intention to create chaos and mischief in the modern cloud cli’s, mobile, and feature-rich DevOps terminal emulators of today. Shine some light on the consequences, and learn how and why we should avoid passing on malicious escape sequences into our logfiles. To ensure that users acutally can trust the data inside their logs. Join us on this “”not so black and white,”” but rather quite colorful ANSI adventure and learn how to prevent a forensic nightmare.
Stok: Hacker/Creative STÖK is passionate about learning new things and sharing his curiosity with the world. For the last 3 decades, he has professionally hacked anything from computers/tech to marketing, fashion, communication, and the human mind. By delivering fast-paced, engaging onstage presentations and creating educational cybersecurity video content for the hacker community. His curiosity and “”Good Vibes Only”” mentality have reached and inspired millions of people around the world. HACKERS GONNA HACK. CREATORS GONNA CREATE. GOOD VIBES ONLY