Penetration Testing mailing list archives
RE: Penetrating a PC through a printer device
From: "Alex S. Harasic" <alharasic () mi cl>
Date: Tue, 24 Jan 2006 20:22:46 -0300
Hi... one thing though, besides whether it's likely or not to attack a PC through a parallel port or through a USB port. It's very hard to imagine a Printer connected to a network and to a PC at the same time, it just makes no sense. If this wase the scenario, unless there's USBnet, the PC won't have an IP address to hack into (and the printer wouldn't work also). So the way to go would be trying to see if there's a bufferoverflow in the Printers drivers, either how they manage parallel connections or USB connections. If there was such a bufferoverflow that you could know how to attack, you would have to send data through either /dev/usb or /dev/lp0, or however they are called in your machine. Regards Alex S. Harasic -----Mensaje original----- De: david lodge [mailto:resident.deity () gmail com] Enviado el: Lunes, 23 de Enero de 2006 9:37 Para: majed al marri CC: pentest list Asunto: Re: Penetrating a PC through a printer device
I was thinking about if a certain penetration test scenario was applicable. What if there was a target PC (that has no IP) connected to a printer through a parallel cable, where the printer has an IP and you had access to this printer through the network. Would you be able to compromise the connected target PC if you gained control of the
printer?
If so how. and if not why?
This'd be really hard to achieve and would have to depend upon several different factors: 1) If I can root the printer, how much control do I get over it (e.g. can I install my own code)? 2) Are there any bugs in the printer driver software? In essence you'd need a printer where you can control your uploads to it and know enough about the printer to be able rewrite the parallel/usb/scsi responses. (A potential with some of the OS based printers - I've seen printers running Windows 95 in the past!) Then you need to find bugs in the printer driver so that you can overflow the messages you send back. I'd think that this would be easy to find (most printer drivers aren't written with security in mind), but harder to exploit. In conclusion: it would be technically feasible but the risk is minimised dependant upon the environment. Another thought, with modern FAX/IP printers, how easy would it be to co-opt the FAX modem to provide ingress or egress to the network? dave ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Penetrating a PC through a printer device majed al marri (Jan 22)
- Re: Penetrating a PC through a printer device Thierry Zoller (Jan 23)
- Re: Penetrating a PC through a printer device david lodge (Jan 23)
- RE: Penetrating a PC through a printer device Alex S. Harasic (Jan 26)