uriellberdeja

Original report

• Affected Vendor: OpenPrinting
• Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
• Affected Version: All versions <= 2.0.1 (latest release) and master.
• Significant ICS/OT impact? no
• Reporter: Simone Margaritelli [evilsocket@gmail.com]
• Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed:

• https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8

uriellberdeja

#include <string>
#include <vector>
#include <fstream>
#include <iostream>
#include <filesystem>

#include <Windows.h>
#include <winternl.h>

static_assert( sizeof( void* ) == 8 );

uriellberdeja

Notes:

• Application does not consume system proxy configuration -> Solution: Modify /etc/hosts to redirect inbound requests (Burp)
• On Android the AOT Compilation option requires an Enterprise license or higher, is available only when the project is configured for Release mode, and it is disabled by default.(Source)

Regarding the interception of HTTP:

• https://docs.microsoft.com/en-us/xamarin/android/app-fundamentals/http-stack?tabs=macos

We did it through USB reverse tunneling and iptable rules local to the phone.