From: Justin (justinvinn@gmail.com)
Date: Mon Dec 12 2005 - 17:50:04 EST
Mark,
I have found that pft from http://www.phenoelit.de is quite helpful
when performing audits on printers.
Unfortunatly, I have yet to see a guide to securing printers, although
FX's chapter in _Stealing The Network: How to 0wn_ the box, was quite
infomative on the subject of attacking a networked printer (BTW, his
chapter was "h3X's adventures in networkland").
Compromising a printer can yeild some useful results, especially if
its an HP printer with Java installed. Also, you may have gained some
admin passwords to try.
And on a somewhat childish side note, if you telnet to port 9100 on a
printer, type a few lines and then kill the connection via ^], the
printer will print out what you typed, although it will be
unformatted.
Hope some of that helped.
-- Justin
On 12/10/05, Mark Brunner <mark_brunner@hotmail.com> wrote:
> Haven't looked at printers in a while.
> Are there any best practices hardening and audit docs for printers?
>
> Mark
>
> -----Original Message-----
> From: Ben Nagy [mailto:ben@iagu.net]
> Sent: Saturday, December 10, 2005 1:24 AM
> To: pen-test@lists.securityfocus.com
> Subject: RE: empty sa passwords on network printers ??
>
>
> Not sure what you mean by SA password, but HP printers run Java, which is
> turing complete. If you have full access to the printer you can make it do
> absolutely anything you want - it's just as good (or better) as owning a
> workstation.
>
> Check out some of the phenoelit stuff to scare yourself:
> http://www.phenoelit.de/stuff/defconX.pdf
>
> Cheers,
>
> ben
>
> > -----Original Message-----
> > From: Jason Rusch [mailto:rusch.j@gmail.com]
> > Sent: Saturday, December 10, 2005 2:51 AM
> > To: pen-test@lists.securityfocus.com
> > Subject: empty sa passwords on network printers ??
> >
> > curious whats peoples opinion on the risk level etc concerning empty
> > SA passwords on network printers?
> >
> >
> > Jason P. Rusch, CISSP
> > Sr. Information Security Administrator
> > Infosec-rusch
> > Tampa, FL 33619
>
>
> ----------------------------------------------------------------------------
> --
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers
> do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ----------------------------------------------------------------------------
> ---
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:15 EDT