Saturday, 22 August 2020

New Printers Vulnerable To Old Languages

When we published our research on network printer security at the beginning of the year, one major point of criticism was that the tested printer models had been quite old. This is a legitimate argument. Most of the evaluated devices had been in use at our university for years, and one may raise the question of whether new printers share the same weaknesses.

35 year old bugs features

The key point here is that we exploited PostScript and PJL interpreters. Both printer languages are ancient de-facto standards and still supported by almost any laser printer out there. And as it seems, they are not going to disappear anytime soon. Recently, we got the chance to test a brand-new, high-end printer: the $2,799 HP PageWide Color Flow MFP 586. Like its various predecessors, the device was vulnerable to the following attacks:
  • Capture print jobs of other users if they used PostScript as a printer driver; this is done by first infecting the device with PostScript code
  • Manipulate printouts of other users (overlay graphics, introduce misspellings, etc.) by infecting the device with PostScript malware
  • List, read from and write to files on the printer's file system with PostScript as well as PJL functions; limited to certain directories
  • Recover passwords for PostScript and PJL credentials; this is not an attack per se, but the implementation makes brute-force rather easy
  • Launch denial-of-service attacks of various kinds:

Now exploitable from the web

All attacks can be carried out by anyone who can print, which includes:
Note that the product was tested in the default configuration. To be fair, one has to say that the HP PageWide Color Flow MFP 586 allows strong, Kerberos-based user authentication. The permission to print, and therefore to attack the device, can be limited to certain employees, if configured correctly. The attacks can be easily reproduced using our PRET software. We informed HP's Software Security Response Team (SSRT) in February.

Conclusion: Christian Slater is right

PostScript and PJL based security weaknesses have been present in laser printers for decades. Both languages make no clear distinction between page description and printer control functionality. Using the very same channel for data (to be printed) and code (to control the device) makes printers insecure by design. Manufacturers however are hard to blame. When the languages were invented, printers used to be connected to a computer's parallel or serial port. No one probably thought about taking over a printer from the web (actually the WWW did not even exist, when PostScript was invented back in 1982). So, what to do? Cutting support for established and reliable languages like PostScript from one day to the next would break compatibility with existing printer drivers. As long as we have legacy languages, we need workarounds to mitigate the risks. Otherwise, "The Wolf" like scenarios can get very real in your office…
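One workaround of the kind called for above is a filter on the print server that holds jobs containing device-control commands instead of forwarding them to the printer. The following is an added example, not code from the original post or from PRET; the command lists are a non-exhaustive heuristic chosen here, and both sample jobs are constructed.

```python
import re

UEL = b"\x1b%-12345X"  # Universal Exit Language marker that frames PJL jobs

# PJL commands that control the device (file system, persistent defaults)
# rather than describe a page. Assumption: illustrative, not exhaustive.
PJL_CONTROL = re.compile(rb"^@PJL\s+(FS[A-Z]+|DEFAULT|INITIALIZE)\b", re.I)

# PostScript operators that touch files or leave job encapsulation.
# "/name" literals and longer words such as "currentfile" are not matched.
PS_CONTROL = re.compile(
    rb"(?<![\w/])(exitserver|startjob|file|deletefile|renamefile|"
    rb"filenameforall|setsystemparams|setdevparams)(?!\w)")

def scan_job(data: bytes) -> list[tuple[str, str]]:
    """Return (language, token) pairs that mark a job for manual review."""
    findings, in_ps = [], False
    for raw in data.replace(UEL, b"\n").splitlines():
        line = raw.strip()
        upper = line.upper()
        if upper.startswith(b"@PJL"):
            # Only ENTER LANGUAGE=POSTSCRIPT switches to the PostScript body.
            in_ps = b"LANGUAGE" in upper and b"POSTSCRIPT" in upper
            m = PJL_CONTROL.match(line)
            if m:
                findings.append(("PJL", m.group(1).decode().upper()))
        elif line.startswith(b"%!"):
            in_ps = True                      # raw PostScript header
        elif in_ps and not line.startswith(b"%"):   # skip comment lines
            for m in PS_CONTROL.finditer(line):
                findings.append(("PostScript", m.group(1).decode()))
    return findings

# Constructed sample jobs (not captured from a real device).
BENIGN_JOB = (UEL + b'@PJL JOB NAME="report"\r\n@PJL SET COPIES=1\r\n'
              b"@PJL ENTER LANGUAGE=POSTSCRIPT\r\n%!PS-Adobe-3.0\n"
              b"%%Title: file list\n/Helvetica findfont 12 scalefont setfont\n"
              b"72 720 moveto (Quarterly report) show\nshowpage\n" + UEL)
SUSPECT_JOB = (UEL + b'@PJL FSDIRLIST NAME="<volume>" ENTRY=1 COUNT=10\r\n'
               b"@PJL ENTER LANGUAGE=POSTSCRIPT\r\n%!PS\n"
               b"serverdict begin 0 exitserver\n" + UEL)

if __name__ == "__main__":
    for name, job in (("benign", BENIGN_JOB), ("suspect", SUSPECT_JOB)):
        hits = scan_job(job)
        print(name, "HOLD" if hits else "FORWARD", hits)
```

Because the check is token-based, a PostScript string that happens to contain a listed word is also flagged, so hits are best routed to review rather than dropped silently.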
