Penetration Testing mailing list archives
Re: network printers
From: Paul Asadoorian <Paul_Asadoorian () brown edu>
Date: Tue, 13 Dec 2005 10:59:26 -0500
All: Wrote a little script that I use when pen testing: http://pauldotcom.com/printerwalk.sh It uses the default SNMP password to walk the printer Mibs. It would be nice to integrate this tool with libPJL from phenoelit. If you mod it, please share (it needs some work). Paul -- paul () pauldotcom com http://pauldotcom.com perrymonj () networkarmor com wrote:
Printers are the first thing I look for to perform a stealthy interal pen test. Nmap port 9100 and idle scan the inside. Also good place for an attacker to store files but I don't store files during a pen test. I guess it would also be a good place to gain information if you had the time to spend. My favorite is to change the display greeting. Hehe J. Perrymon On the road- This is from my BlackBerry -----Original Message----- From: Justin <justinvinn () gmail com> Date: Mon, 12 Dec 2005 17:50:04 To:mark_brunner () hotmail com Cc:pen-test () lists securityfocus com Subject: Re: network printers Mark, I have found that pft from http://www.phenoelit.de is quite helpful when performing audits on printers. Unfortunatly, I have yet to see a guide to securing printers, although FX's chapter in_Stealing The Network: How to 0wn_ the box, was quite infomative on the subject of attacking a networked printer (BTW, his chapter was "h3X's adventures in networkland"). Compromising a printer can yeild some useful results, especially if its an HP printer with Java installed. Also, you may have gained some admin passwords to try. And on a somewhat childish side note, if you telnet to port 9100 on a printer, type a few lines and then kill the connection via ^], the printer will print out what you typed, although it will be unformatted. Hope some of that helped. -- Justin On 12/10/05, Mark Brunner <mark_brunner () hotmail com> wrote:Haven't looked at printers in a while. Are there any best practices hardening and audit docs for printers? Mark -----Original Message----- From: Ben Nagy [mailto:ben () iagu net] Sent: Saturday, December 10, 2005 1:24 AM To: pen-test () lists securityfocus com Subject: RE: empty sa passwords on network printers ?? Not sure what you mean by SA password, but HP printers run Java, which is turing complete. If you have full access to the printer you can make it do absolutely anything you want - it's just as good (or better) as owning a workstation. Check out some of the phenoelit stuff to scare yourself: http://www.phenoelit.de/stuff/defconX.pdf Cheers, ben-----Original Message----- From: Jason Rusch [mailto:rusch.j () gmail com] Sent: Saturday, December 10, 2005 2:51 AM To: pen-test () lists securityfocus com Subject: empty sa passwords on network printers ?? curious whats peoples opinion on the risk level etc concerning empty SA passwords on network printers? Jason P. Rusch, CISSP Sr. Information Security Administrator Infosec-rusch Tampa, FL 33619---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------------------------------------------------------------------------------------------- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
-- Paul Asadoorian, GCIA, GCIH Brown University 3 Davol Square Suite B 250, Campus Box 1885 Providence, RI 02903 Phone: 401.863.7553 "You cannot achieve the impossible without attempting the absurd." ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- empty sa passwords on network printers ?? Jason Rusch (Dec 09)
- RE: empty sa passwords on network printers ?? Ben Nagy (Dec 10)
- network printers Mark Brunner (Dec 10)
- Re: network printers Justin (Dec 12)
- Re: network printers perrymonj (Dec 13)
- Re: network printers Paul Asadoorian (Dec 13)
- Re: network printers Jason Baeder (Dec 13)
- network printers Mark Brunner (Dec 10)
- Re: network printers Sean Peterson (Dec 16)
- RE: empty sa passwords on network printers ?? Ben Nagy (Dec 10)