CONTACT US

A MONITOR DARKLY

IS YOUR MONITOR DISPLAYING
THE TRUTH?

Reversing and exploiting ubiquitous on-screen display controllers in modern monitors.

A MONITOR DARKLY

IS YOUR MONITOR DISPLAYING
THE TRUTH?

Reversing and exploiting ubiquitous on-screen display controllers in modern monitors.

CLIENT

Internal R&D

YEAR

2017

On-screen-display (OSD) controllers are ubiquitous components in nearly all modern monitors. OSDs are typically used to generate simple menus on the monitor, allowing the user to change settings like brightness, contrast and input source. However, OSDs are effectively independent general-purpose computers that can: read the content of the screen, change arbitrary pixel values, and execute arbitrary code supplied through numerous control channels. This internal research demonstrates multiple methods of loading and executing arbitrary code in a modern monitor and discusses the security implication of this novel attack vector.

ย 

https://github.com/RedBalloonShenanigans/MonitorDarkly

CLIENT

Internal R&D

YEAR

2017

On-screen-display (OSD) controllers are ubiquitous components in nearly all modern monitors. OSDs are typically used to generate simple menus on the monitor, allowing the user to change settings like brightness, contrast and input source. However, OSDs are effectively independent general-purpose computers that can: read the content of the screen, change arbitrary pixel values, and execute arbitrary code supplied through numerous control channels. This internal research demonstrates multiple methods of loading and executing arbitrary code in a modern monitor and discusses the security implication of this novel attack vector.

ย 

https://github.com/RedBalloonShenanigans/MonitorDarkly

[email protected]

ยฉ 2024 Red Balloon Security.
All Rights Reserved.

Linkedin X-twitter

Sal Stolfo was an original founding member of Red Balloon Security, Inc.

LEVERAGE OUR EXPERTISE FOR YOUR EMBEDDED SECURITY NEEDS

Contact us now to discover more about Red Balloon Security’s range of solutions and services or to arrange a demonstration.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

LEVERAGE OUR EXPERTISE FOR YOUR SECURITY NEEDS

Reach out to learn more about our embedded security offering and to schedule a demo.

;