Re: redirecting a remote printer output into an attacker's printer

["Thor (Hammer of God)" <thor () hammerofgod com>]

You really won't be sniffing the printer's *output,* right?  You'll be 
sniffing the data as it arrives *to* the printer from the client?  In this 
case, you will have already captured the data, and can send it anywhere you 
want to...   If it is already at the printer, your best bet is to see if you 
can just grab the spool file of the printer itself (depending on the type of 
printer).  For instance, I've got several Gestetner printers that (if you 
have authenticated access) you can grab/reprint files right from queue 
management.

t

------
*Secure your infrastructure*
Microsoft Ninjitsu: Securely Deploying MS Technologies
security training delivered by Timothy Mullen.
Registration now open for Blackhat Vegas 2005:
http://www.blackhat.com/html/bh-usa-05/train-bh-usa-05-tm.html



----- Original Message ----- 
From: <h_e_z_i () yahoo com>
To: <pen-test () securityfocus com>
Sent: Monday, July 04, 2005 10:56 AM
Subject: redirecting a remote printer output into an attacker's printer


> Hello!
>
> As part of a black box pen-test which i'll try to conduct in the company I 
> work with, I would like to attempt a redirection or sniffing a printer's 
> output.
>
> My thoughts regarding the subject were to try and see if i'm able to arp 
> spoof the printer and it's default gateway, and then to sniff the traffic. 
> As a result of this, I wonderd if there is any free software which I could 
> use to redirect the sniffed data into an other printer.
>
> Any help will be appreciated.
> Thanks,
> Nadav