Fun with a JetDirect - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: Fun with a JetDirect

  1. #11
    Senior Member
    Join Date
    Dec 2004
    Posts
    137
    Originally posted here by SirDice

    That's one of the reasons I usually put all printers on a seperate network, firewall them and only allow the printserver access.
    BLEEPING FUGGIN GOOD IDEA!!! I will add this to my list of things to do during maintenece down time. If I just VLAN them into their own VLAN world -- could I just do that if i don't want to bother with the hassle?

  2. #12
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    At my last job we did it using VLANs. Especially with big sites using dedicated switches is probably not going to work. You would need a lot more switches. Just define a printing VLAN and use an accesslist to regulate who can do what. We had to add 1 or 2 workstations so the guys 'n girls from facility management could monitor the printers for empty toners/papers etc.. Everybody else had to use the printserver.. Pretty simple setup but still effective
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #13
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    How about a quick "port scanner" that will scan for port 9100 (jet direct port) and send a print job to it. This could easily be done in perl. I have found example code for a perl based port scanner that can be easily modified to do the job.

    I've played with it a bit and gotten it to work quite nice. Though, the code is rather beefy. If I'm not too tired when I get home from the gym I might slim it down. I accidentially spammed some printers with the string "You suck, you jackass!" Immediately afterwards... I started getting phone calls... ooops! At least I know it works... just hopefully they don't report it to mgt. ROFL
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  4. #14
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    One problem with scanning on port 9100 come up with Nmap and version detection. You get garbage print jobs with text like:

    GET / HTTP/1.0
    OPTIONS / HTTP/1.0
    OPTIONS / RTSP/1.0


    I've found that using the following works well:

  5. #15
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    I don't think that is the case with the new version of nmap 3.90.
    Well, I've been unable to duplicate it...

    Maybe its just my version of jetdirect?

    nmap -O printerip -p 9100

    or with

    nmap printerip -p 9100

    Seems that the printer will print whatever you throw at port 9100

    http://printerip:9100 will print your browser info

    ------ HP JetDirect Configuration ------
    Status: I/O Card Ready
    Model Number: J6057A
    Hardware Address: 000Exxxxxxxx
    Firmware Version: R.25.09
    Even your example with 9100 added to the port list doesn't set it off...
    Either will --allports

    Hmmm
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  6. #16
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    I'll have to test with the newest version of Nmap sometime. I'm using 3.81 (I think) right now. I contacted Fydor awhile back about JetDirect and version detect, maybe he wrote a work around.

  7. #17
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    Ok, here is the answer:

    Thanks for the information Fyodor. I should have RTFCL.

    Adrian

    -----Original Message-----
    From: Fyodor [mailto:fyodor@insecure.org]
    Sent: Thu 9/8/2005 5:10 PM
    To: Crenshaw, Adrian D
    Cc: nmap-dev@insecure.org
    Subject: Re: Nmap 3.90 and JetDirects
    On Thu, Sep 08, 2005 at 05:04:33PM -0500, Crenshaw, Adrian D wrote:
    > I’m writing an article on hacking network printers and this topic came up. One problem with Nmap scanning port 9100 with version detection turned on is you get garbage print jobs with text like:
    >
    > GET / HTTP/1.0
    > OPTIONS / HTTP/1.0
    > OPTIONS / RTSP/1.0
    >
    > That corresponds to the probes Nmap is sending to try and tell what
    > service is running on that port. Or at least you use to, a friend said
    > he tested with 3.90 and that no longer happens, at least on his
    > JetDirect. Was something changed with 3.90 to fix the JetDirect port
    > 9100 problems?

    Yes, by default Nmap no longer service scans 9100:

    o Added "Exclude" directive to nmap-service-probes grammar which
    causes version detection to skip listed ports. This is helpful for
    ports such as 9100. Some printers simply print any data sent to
    that port, leading to pages of HTTP requests, SMB queries, X Windows
    probes, etc. If you really want to scan all ports, specify
    --allports. This patch came from Doug Hoyte (doug(a)hcsw.org).

    [ http://www.insecure.org/nmap/nmap_changelog.html ]

    With such a big changelog for this release, you can be forgiven for
    missing it . I'm looking forward to your paper on hacking network
    printers.

    Cheers,
    -F

  8. #18
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Makes sense. I briefly glanced at the change log when I downloaded it. I noticed that they don't scan 9100 by default but not that it doesn't try version detection. I even tried to use -O to "force" version detection. Seems it still ignores that port.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  9. #19
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    Does this mean I can telnet to the printer ip and type stuff and it will print?
    That's almost as easy as typing my doc in MS Word and clicking "print"
    I came in to the world with nothing. I still have most of it.

  10. #20
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    Originally posted here by rcgreen
    Does this mean I can telnet to the printer ip and type stuff and it will print?
    That's almost as easy as typing my doc in MS Word and clicking "print"
    Kind of sorta if you telnet to port 9100 on a JetDirect. By the way, I hope to have my article up Monday.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •