Users of HP LaserJet printers need to apply a firmware update following the discovery of a potentially troublesome vulnerability. The security bug creates a means for hackers to gain access to files sent to printers via the web administration console on vulnerable machines. A security advisory from HP explains various versions …
This is an internal exploit only, 'cos you've got to get in thru the company firewall first.
....and if they're happy with that (and you can view files on the LAN) then they're probably not too bothered about you being able to see the printer config.
Printing the random documents you find in the cache is only going to get you ones containing Betty's shopping list and Barney's list of pr0n sites (as any fule no).
The best way to get a copy of sensitive data is always going to be this:
1, stand next to printer.
2, steal document
If anyone says that they've lost a document (and you want to keep a copy) then think about photocopying it. Then you can miraculously "find" their document in the pile of paper you now have with you...
i guess the printers could be made to download mp3s then, eh ? :P
Who the fuck forwards *any* ports from the outside world to their *printer* ?
Paris. Because even she is too smart for that.
(hmm ..... I've just had an idea for a new form of spamming ..... try IP addresses in turn to see if port 9100 is open).
@A J Stiles
That would be a great idea for a piece of ware - once inside an organisation scan local subnets and print stuff out.
An OfficeJet printer driver I installed the other day, consumed 650Mb!
The people who forward ports from the outside world to their printers include people who have personnel who work outside the office and who sometimes need to connect to devices inside the office. Including printers.
"who sometimes need to connect to devices inside the office"
That's what a VPN is for.
Re re What?
One word: VPN.
(PS: Is "VPN" a "word"?!?)
Administrators regularly fail to change the default admin password, or even set one in the first place. A while back I did a network scan at the university I was at. Found the main printer in the administration building, no security whatsoever. I had complete access to the configuration, print queue, recently printed documents, everything. A malicious hacker could have kept himself entertained for weeks, causing trouble for users until they learned to secure it.
which hole ridden cheese are you?
Postscript malware. Again. LOL.
http://catless.ncl.ac.uk/Risks/10.35.html#subj8 (et al.)
Printing from home?
Hang on, it's hardly convenient - I'm at home and my printout is appearing in the office 50 miles away?
I like our solution - no direct printing and employee badge is needed to collect your output.
Yet....for some crazy reason, you still find unclaimed output on the printer. I usually dump it in the shredder bins - that usually learns them ;)
I can't work anywhere that requires an employee badge. Or uniform for that matter.
@ James O'Shea
If, for some unspecified reason, you really want someone to have the ability to print to the office printer while they're physically away from the office, there are better ways of doing it than throwing port 9100 open to 0.0.0.0/0. How about setting up an SSH tunnel, and tying it to the static IP address of the broadband connection you provided so that your employee could work from home?
Of course, there's still the issue of what exactly they are going to do with their printout anyway, if they're not there to pick it up .....
It usually wouldn't be stuff the remote user wanted, but stuff that had to be printed for someone at the office. And it'd usually be guys who were not merely away from the office, but out on the road. As in connecting in via dial-up from St. Lucia or backwoods Costa Rica or some such. VPN? Wa dat? They were lucking to get a modem...
@ James O'Shea
"[N]ot merely away from the office, but out on the road. As in connecting in via dial-up from St. Lucia or backwoods Costa Rica or some such."
Ah, point taken. But still, why not just use `chmod a+r` on the file on the server where it's located (so anyone can read it), then get someone who is actually in the office to print it? Or, if it's actually on the person's own laptop, scp it to a server inside the office? The PostScript representation required by the printer often is much larger than the original file, so chances are it'll even work out quicker that way anyway (especially if they're using a modem).
I'm surprised nobody is using this to send spam directly to printers. Or at the very least to pull some variant of the old
$ echo @PLJ RDYMSG DISPLAY="INSERT COIN" |nc 18.104.22.168 9100
trick, maybe changing the message to "BUY VIAGRA 1.99" or something similar.