Penetration Testing mailing list archives
Re: Using a Stand-Alone Network Printer as a network attack entry point?
From: "Nick Jacobsen" <nick () ethicsdesign com>
Date: Fri, 16 Aug 2002 13:01:50 -0700
gar... I missed BOTH defcon 10 and BHB this year... anyway, Regarding changing the ROM, I was refering to using TFTP to lead a new Flash ROM, which can be done remotely... And Ron, am I understanding you to say that JetDirect have telnet functionality built in? Also, apoligies for thinking this might be an original idea... I really had never heard of it being done to any stand alone printers... Nick Jacobsen ethics () netzero net ----- Original Message ----- From: <recompiler () taurus omnistep com> To: "Nick Jacobsen" <nick () ethicsdesign com> Cc: <pen-test () securityfocus com> Sent: Friday, August 16, 2002 10:13 AM Subject: Re: Using a Stand-Alone Network Printer as a network attack entry point?
Nick, This idea has been discussed in great detail at Defcon 10, and numerous other venues. I'm surprised you have never heard of it before. In fact at Defcon 10 new tools and methods were discussed. There were 2 panels that dealt with it, one was called attacking embeded systems, and the other was called network devices. I suggest you get your hands on a copy of the CD that was distributed at defcon. It contains all the slides used in presentations, and a lot of tools, and references. Vlad G. On Thu, 15 Aug 2002, Nick Jacobsen wrote:Hi all... I came up with an idea, one that I've never heard discussed, of
possibly
modifying a stand-alone network printer (like most of the high-end
office
printers, hereafter referred to as a "SNP") to act as a full point to
point
proxy, or at least a simple pass through to the port and IP you specify
in
some sort of configuration. The idea here would be to take a SNP and
modify
a ROM image for the specific printer to include the proxy functionality.
I
realize this could turn out to be quite difficult, but at the same time,
it
would provide a way into the internal network when no others are
available.
Any comments are most DEFINITELY welcome, flames less so, but if it's a stupid idea, let me know... Nick Jacobsen nick () ethicsdesign com ethics () netzero net--------------------------------------------------------------------------
--
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Using a Stand-Alone Network Printer as a network attack entry point? Nick Jacobsen (Aug 16)
- RE: Using a Stand-Alone Network Printer as a network attack entry point? Ofir Arkin (Aug 16)
- Re: Using a Stand-Alone Network Printer as a network attack entry point? Security News (Aug 16)
- Re: Using a Stand-Alone Network Printer as a network attack entry point? R. DuFresne (Aug 16)
- <Possible follow-ups>
- RE: Using a Stand-Alone Network Printer as a network attack entry point? Bernt Lervik (Aug 19)
- Re: Using a Stand-Alone Network Printer as a network attack entry point? Nick Jacobsen (Aug 19)