Re: network printers

Mark,

I have found that pft from http://www.phenoelit.de is quite helpful
when performing audits on printers.

Unfortunatly, I have yet to see a guide to securing printers, although
FX's chapter in _Stealing The Network: How to 0wn_ the box, was quite
infomative on the subject of attacking a networked printer (BTW, his
chapter was "h3X's adventures in networkland").

Compromising a printer can yeild some useful results, especially if
its an HP printer with Java installed. Also, you may have gained some
admin passwords to try.

And on a somewhat childish side note, if you telnet to port 9100 on a
printer, type a few lines and then kill the connection via ^], the
printer will print out what you typed, although it will be
unformatted.

Hope some of that helped.

-- Justin

On 12/10/05, Mark Brunner <mark_brunner@xxxxxxxxxxx> wrote:
> Haven't looked at printers in a while.
> Are there any best practices hardening and audit docs for printers?
>
> Mark
>
> -----Original Message-----
> From: Ben Nagy [mailto:ben@xxxxxxxx]
> Sent: Saturday, December 10, 2005 1:24 AM
> To: pen-test@xxxxxxxxxxxxxxxxxxxxxxx
> Subject: RE: empty sa passwords on network printers ??
>
>
> Not sure what you mean by SA password, but HP printers run Java, which is
> turing complete. If you have full access to the printer you can make it do
> absolutely anything you want - it's just as good (or better) as owning a
> workstation.
>
> Check out some of the phenoelit stuff to scare yourself:
> http://www.phenoelit.de/stuff/defconX.pdf
>
> Cheers,
>
> ben
>
> > -----Original Message-----
> > From: Jason Rusch [mailto:rusch.j@xxxxxxxxx]
> > Sent: Saturday, December 10, 2005 2:51 AM
> > To: pen-test@xxxxxxxxxxxxxxxxxxxxxxx
> > Subject: empty sa passwords on network printers ??
> >
> > curious whats peoples opinion on the risk level etc concerning empty
> > SA passwords on network printers?
> >
> >
> > Jason P. Rusch, CISSP
> > Sr. Information Security Administrator
> > Infosec-rusch
> > Tampa, FL 33619
>
>
> ----------------------------------------------------------------------------
> --
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers
> do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ----------------------------------------------------------------------------
> ---
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Relevant Pages

  • Re: network printers
    ... > Printers are the first thing I look for to perform a stealthy interal pen test. ... >>Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... Cross site scripting and other web attacks before hackers do! ...
    (Pen-Test)
  • network printers
    ... Haven't looked at printers in a while. ... Subject: RE: empty sa passwords on network printers ?? ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
    (Pen-Test)
  • Re: network printers
    ... Printers are the first thing I look for to perform a stealthy interal pen test. ... > Subject: RE: empty sa passwords on network printers ?? ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
    (Pen-Test)
  • Re: Experiences with company nCircle and their IP360 product
    ... We've got fairly new Lexmark printers that exhibit this behavior so I'm ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
    (Pen-Test)
  • RE: network printers
    ... > Haven't looked at printers in a while. ... > Are there any best practices hardening and audit docs for printers? ... Cross site scripting and other web attacks before hackers do! ...
    (Pen-Test)