Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: [PATCH] nmap-service-probes: Misc database corrections, printer additions

From: Aaron Leininger <rilian4 () hotmail com>
Date: Sun, 1 Mar 2009 11:48:53 -0800


I can get you a specific cap of changing the display text as well if
that would help.


No authentication needed? Am I the only one who thinks this screams
for a simple, non-default display hacking NSE script?


You are correct. No authentication needed. It's a massive hole in PJL. I've never found a method of blocking it other 
than turning off port 9100 on the printer completely which is not an option as that basically keeps the printer from 
being printed to over the network. 

You can change all sorts of other settings through PJL also w/o any auth...such as display language and most of the 
environment variables.

What I thought might be more handy is an NSE script that would dump the primary data off the printer. That's basically 
what hijetter does for windows. I'd write it myself but I am not versed in NSE.

Let me know if anyone still wants the pcap of changing the display on a printer or anything else more specific. I can 
get it on Monday morning.

-Aaron

_________________________________________________________________
HotmailĀ® is up to 70% faster. Now good news travels really fast. 
http://windowslive.com/online/hotmail?ocid=TXT_TAGLM_WL_HM_70faster_032009

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: