|
-
August 4th, 2003, 07:22 PM
#1
Another day in the security buiss
Hey, was up guys/gals?
Haven't posted in quite a while;however, I thought i would throw this out.
While doing a security audit for a large car dealership i found some interesting stuff. Their webserver was being DOS'ed from an internal ip address. Upon reviewing the logs it pointed to a printer. An Hp laserjet to be exact. Now I was rather excited because i had heard/read about printer hacking but never really had a chance to dive deep into the exploration of it. ( What better way to learn is there then to get paid for it  ) Being that as it may be, We changed the ip addy of our websever back to its original with the printer on, and well it was hit by massive amounts of traffic by this printer. We turned the printer off and well, guess what, the traffic stopped. We turned it back on and yep it started again. I started reading up and performing tests of various kinds and i came up with this. Each of the hp printers has like 4megs of Ram but everyone knows that once off all memory is erased or what not, however these printers also had flash memory. which in this case had small piece of DOS software. Rather brilliant actually. I said wtf? And went to the HP website and found everything i ever really wanted to know about pcl, hp's printer language. I thought this was an awsome hack and thought id share it with you all.
-
August 4th, 2003, 07:30 PM
#2
Sounds rather interesting..
Were you able to determine how the DoS code got placed into the flash memory in the first place?
-
August 4th, 2003, 08:07 PM
#3
Member
Is it possible it could have been done remotely?, Normal printer bios flash is via a connection to PC is it not? I seem to remember doing one over the network once.
That does sound very interesting. it sounds like the code had been writen custom for the job?
-
August 4th, 2003, 08:15 PM
#4
Is there anything else that you can post on this. I've never heard of anyone writing a DoS app and placing it on a printer. If you have any more specifics or end up discovering anymore, please post them. Thanks.
-NeuTron
-
August 4th, 2003, 09:13 PM
#5
http://www.syngress.com/samplechapters/249_chap4.pdf
I found this link a few min ago, gives you an idea of what can be done remotley with a printer. I dont know if this if actually a real example or not, but it does describe pretty much to a T a hackers exploit of a printer. Very interesting reading.
Same b
asic idea that was used on the car dealerships printers.
-
August 5th, 2003, 04:50 AM
#6
I agree I could not stop reading and I learned alot from it thanks for sharing it 
-
August 5th, 2003, 06:31 AM
#7
the printer flash memory can be flashed from a remote location. HP provides the software to do it for patches and upgrades to their printer software. So I guess if this can be done by HP then it should be ab le to be done by anyone else if you ahve the right info and skilss.
-
August 5th, 2003, 08:21 AM
#8
Wow that is interesting. New information for me also. Thanks for the info.
PeacE
-BoB
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)
-
August 5th, 2003, 02:41 PM
#9
Member
Thats a great link, and well worth the read.
-
August 6th, 2003, 05:16 AM
#10
Wait until all of our home appliances are connected to the net.
my fr1dg3 0wnz j00!!
"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chsh
Blog of X
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
