Re: Request for testing of HP PJL service probe

[David Fifield <david () bamsoftware com>]

On Fri, Aug 28, 2009 at 01:57:24AM +0100, Rob Nicholls wrote:
> I just tried it out at home and got:
>
> Interesting ports on 192.168.xxx.xxx:
> PORT     STATE  SERVICE   VERSION
> 9100/tcp open   hp-pjl    HP Color LaserJet CP2025dn
> 9101/tcp closed jetdirect
> 9102/tcp closed jetdirect
> 9103/tcp closed jetdirect
> 9104/tcp closed jetdirect
> 9105/tcp closed jetdirect
> 9106/tcp closed jetdirect
> 9107/tcp closed jetdirect
> MAC Address: 00:21:5A:xx:xx:xx (Hewlett Packard)
> Service Info: Device: printer
>
> This picked up the correct version/matched the Device Description field. The
> version detection stage knocked the printer out of "PowerSave" mode, and
> into "Ready", but it doesn't appear to have screwed anything up (it didn't
> print anything out). I'm able to print okay afterwards.

Great! Thanks for testing.

> However, if I run a default version scan it ends up printing several pages
> (before I kill nmap). I've identified the cause as version detection against
> port 9999. I don't know how many other (modern) HP printers are affected by
> this, is it worth adding 9999 to the exclude list?

That's interesting. I have two things I want you to try, if you would.

First, add port 9999 to the list of ports for the hp-pjl probe and see
if it the service is correctly identified. The line should read
ports 9100-9107,9999
Hopefully it's the same protocol and the same probe will work.

Second, try changing the probe to
Probe TCP hp-pjl q|@PJL INFO ID\x0d\x0a|
(removing the \x1b%-12345X parts). Then see if it still takes the
printer out of power save mode.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org