Difference between revisions of "USB drive or cable"

From Hacking Printers
Jump to: navigation, search
 
(9 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Data can be send to and received from a local printer by [https://en.wikipedia.org/wiki/USB USB] or [https://en.wikipedia.org/wiki/IEEE_1284 parallel] cables. Both channels are supported by [[PRET]] to communicate with the device. In addition, printers and MFPs often ship with ''Type-A'' USB ports which allows users to print directly form a USB drive. While plugged-in USB drives do not offer a bidirectional channel, their usage in a crowded copy room may seem less conspicuous. Obviously, exploiting USB printers requires the attacker to gain physical access to the device. However, it is not completely unrealistic for most institutions and companies. Gaining physical access to printer can generally be considered as less hard than it is for other network components like servers or workstations. This is because printers are usually shared by and accessible to a whole department. Sneaking into an unlocked copy room and launching a malicious print job from USB stick is only a matter of seconds. Further real-world scenarios include copy shops or publicly available printers at schools and universities. <!-- and for PostScript based [[information disclosure]] attacks, the result can simply be leaked by printing it on paper --> <!-- smart card based access control -->
+
[[File:USB-deployment-channel.png|thumb|160px|Printing over USB]]
 +
 
 +
Data can be sent to and received from a local printer by [https://en.wikipedia.org/wiki/USB USB] or [https://en.wikipedia.org/wiki/IEEE_1284 parallel] cables. Both channels are supported by [[PRET]] to communicate with the device. In addition, printers and MFPs often ship with ''Type-A'' USB ports which allows users to print directly from an USB device. While plugged-in USB drives do not offer a bidirectional channel, their usage in a crowded copy room may seem less conspicuous. Obviously, exploiting USB printers requires the attacker to gain physical access to the device. However, it is not completely unrealistic for most institutions and companies. Gaining physical access to printer can generally be considered as less hard than it is for other network components like servers or workstations. This is because printers are usually shared by and accessible to a whole department. Sneaking into an unlocked copy room and launching a malicious print job from USB stick is only a matter of seconds. Further real-world scenarios include copy shops or publicly available printers at schools and universities. <!-- and for PostScript based [[information disclosure]] attacks, the result can simply be leaked by printing it on paper --> <!-- smart card based access control -->
 +
 
 +
'' '''Is your copy room always locked?''' ''
 +
 
 +
→ ''Related articles:'' [[Fundamentals#High-level_overview|Fundamentals]], [[Attack carriers]]

Latest revision as of 09:35, 31 January 2017

Printing over USB

Data can be sent to and received from a local printer by USB or parallel cables. Both channels are supported by PRET to communicate with the device. In addition, printers and MFPs often ship with Type-A USB ports which allows users to print directly from an USB device. While plugged-in USB drives do not offer a bidirectional channel, their usage in a crowded copy room may seem less conspicuous. Obviously, exploiting USB printers requires the attacker to gain physical access to the device. However, it is not completely unrealistic for most institutions and companies. Gaining physical access to printer can generally be considered as less hard than it is for other network components like servers or workstations. This is because printers are usually shared by and accessible to a whole department. Sneaking into an unlocked copy room and launching a malicious print job from USB stick is only a matter of seconds. Further real-world scenarios include copy shops or publicly available printers at schools and universities.

Is your copy room always locked?

Related articles: Fundamentals, Attack carriers