Nmap Development mailing list archives
Hacking Network Printers - Mostly HP JetDirects, but a little info on the Ricoh Savins
From: "Crenshaw, Adrian D" <adrian () ius edu>
Date: Sun, 11 Sep 2005 17:43:05 -0500
Hacking Network Printers (Mostly HP JetDirects, but a little info on the Ricoh Savins) While it's only vaguely related to Nmap, a few of you expressed interest in it when I posted about it last. Here is a link to my little article on how network printers like JetDirects and Ricoh Savins can be hacked. The web version can be found at: http://www.irongeek.com/i.php?page=security/networkprinterhacking I plan to do updates as needed, so please give me some feed back. I'd like to hear from you all. Here is the table of contents to give you an idea about the subject matter: Intro to the concepts Diagnostics page JetDirect password notes Controlling the JetDirect box with telnet/web browser Controlling the finding JetDirect boxes with JetAdmin Finding Network printers using Nmap and SNMP tools Using a JetDirect box as an Nmap Idlescan Zombie Setting up a direct IP printer in Windows and Linux Side note on a Pharos Uniprint vulnerability DoSing the network or the printer Changing the LCD display text using HPhack, IGhphack or Hijetter Phenoelit's Hijetter and PFT Setting the LCD Display with Hijetter Changing settings with Hijetter Using Hijetter to treat some JetDirect boxes as files/web servers Finding stored faxes and print jobs on Jetdirect printers Don't forget to look for Stored Documents via the web interface Sniffing print jobs and replaying them A note on Plain-text authentication protocols Other Ideas Links to Tools Useful links for further research Change Log Thanks Fyodor for fixing the port 9100/tcp problem. Adrian _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Hacking Network Printers - Mostly HP JetDirects, but a little info on the Ricoh Savins Crenshaw, Adrian D (Sep 11)