Home Printer Hacking 101
Post
Cancel

Printer Hacking 101

Learn about (and get hands on with) printer hacking and understand the basics of IPP.

THM Room https://tryhackme.com/room/printerhacking101

TASK 1 : Introduction

Read the above

No Answer.

TASK 2 : IPP Port

What port does IPP run on?

IPP (Internet Printing Protocol) use the port TCP 631 by default.

Answer : 631

TASK 3 : Targeting & Exploitation

How would a simple printer TCP DoS attack look as a one-line command?

Check the cheatsheet http://hacking-printers.net/wiki/index.php/Printer_Security_Testing_Cheat_Sheet linked in the task for TCP DoS :

TCP DoS attack TCP DoS attack

Answer : while true; do nc printer 9100; done

Review the cheat sheet provided in the task reading above. What attack are printers often vulnerable to which involves sending more and more information until a pre-allocated buffer size is surpassed?

Buffer overflows Buffer overflows

Answer : Buffer overflows

Connect to the printer per the instructions above. Where’s the Fox_Printer located?

I used the first method (connect on the URL IP:PORT) then navigated to printers tab :

Connexion Connexion

Found there the Fox_Printer then clicking on its name, i found the location of the printer :

Printer Location Printer Location

Answer : Skidy’s basement

What is the size of a test sheet?

Printed a test page to get the size of the test print :

Test sheet size Test sheet size

Answer : 1k

TASK 4 : Conclusion

Check that your printer isn’t vulnerable, why not nmap scan it to see?

No Answer.

Go learn more about printers through further research and experimentation. Congrats on completing this room!

No Answer.

This post is licensed under CC BY 4.0 by the author.