Nmap Development mailing list archives
Re: pjl script updates
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 17 Aug 2009 21:16:21 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 17 Aug 2009 14:33:03 -0600 David Fifield <david () bamsoftware com> wrote:
On Mon, Aug 17, 2009 at 08:13:21AM -0700, rilian4 rilian4 wrote:Hi Aaron, sorry for the late response. Please do post the scripts to the list. For the particular purpose of printer model identification, I think the PJL queries make more sense as -sV service probes than as NSE scripts. I am curious to see the exact syntax that you used and compare it to probes that Brandon Enright has prepared.My turn to apologize for the delayed response. I have been on vacation. Attached is pjl-model.nse. It is a simple script that sends the PJL model command and displays any response.Brandon, I would like you to comment on this script and the PJL version probes you posted in http://seclists.org/nmap-dev/2009/q1/0560.html. Aaron's query string is "@PJL INFO ID\n" while yours is "\x1b%-12345X@PJL INFO ID\x0d\x0a\x1b%-12345X\x0d\x0a". What is the difference in meaning between these? I think this particular function of PJL is a better fit for version detection than NSE, which is why I'm asking. I would like to get these probes in at least a branch so people can test them out.
David, I think your question has two parts: * Why is ESC%-12345X enveloping the PJL command and * Why do I use \r\n rather than just \n First, ESC%-12345X is known in HP parlance as the UEL (universal exit language) and is an escape sequence out of whatever state the printer may be in so that it can accept a PJL command. This is how the HP and Xerox documents describe how to do PJL commands properly. This is also how PJL tools send the command. See page 52 of: http://h20000.www2.hp.com/bc/docs/support/SupportManual/bpl13210/bpl13210.pdf In my testing, if the printer is already in cleared/reset state then you don't need the UEL. If the printer is in an odd state the UEL is needed otherwise you'll get a PJL parse error (or nothing at all). Second, all the documents I've read specify \r\n rather than just \n. In my testing, almost all of our printers respond with \r\n, very few respond with just \n. I think printers doing just \n are actually violating the "standard". Other useful PJL documents include: http://h20000.www2.hp.com/bc/docs/support/SupportManual/bpl13207/bpl13207.pdf And one from Xerox: http://downloads.xes.com/AccXES_Family/manuals/9_0/sysinfo/english/9.1_Customer_HP-PJL_specification.pdf This stuff is pretty hard to figure out and get right. When I last looked at this stuff I read hundreds of pages of documents. I came to the conclusion that we could get pretty close but not perfect. HP itself hasn't implemented everything properly in all of their printers. Other vendors have tried to implement the standard and have introduced minor differences too. I've been super busy lately but I'm willing to spend some time testing and going over documents to try to figure out what we can do for printers. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) iEYEARECAAYFAkqJyLIACgkQqaGPzAsl94IOkACdFAmy9FR6Gwai2KHYj3fW67OC Rm0AoJ25QNRhQRKVgtpTC/VqxO5T0djm =FWUf -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- pjl script updates rilian4 rilian4 (Jul 17)
- Re: pjl script updates David Fifield (Aug 03)
- Re: pjl script updates rilian4 rilian4 (Aug 17)
- Re: pjl script updates David Fifield (Aug 17)
- Re: pjl script updates Brandon Enright (Aug 17)
- Re: pjl script updates rilian4 rilian4 (Aug 17)
- Re: pjl script updates David Fifield (Aug 03)