Social Icons

Showing posts with label HACK FROM PRINTER. Show all posts
Showing posts with label HACK FROM PRINTER. Show all posts

Saturday, March 16, 2013

HP LaserJet Pro printers : Telnet Vulnerable


1.    A critical vulnerability discovered in few LaserJet Pro printers that could give remote attackers access to sensitive data. The latest breach expose by Germany security expert, Christoph von Wittich.In brief points below :

-   HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data.

-   Christoph von Wittich,the guy detected the vulnerability during a routine network scan of his company's corporate network.

-   Vulnerability could also be used for a denial-of-service attack.

-   As long as the printer is not connected to the Internet, this vulnerability should not cause much trouble for the end user,".

-  Effected printers include

      HP LaserJet Pro P1102w
      HP LaserJet Pro P1102
      HP LaserJet Pro P1606dn
      HP LaserJet Pro M1212nf MFP
      HP LaserJet Pro M1213nf MFP
      HP LaserJet Pro M1214nfh MFP
      HP LaserJet ProM1216nfh Multifunction Printer,
      HP LaserJet Pro M1217nfw Multifunction Printer,
      HP LaserJet Pro M1218nfs MFP
      HP LaserJet Pro M1219nf MFP
      HP LaserJet Pro CP1025nw
      HP LaserJet Pro CP1025nw

2.    Now for HP something like this is not new....even in past about 2 years back in dec 2011,a vulnerabilty was discovered wherein "Print of one malicious document can expose your whole LAN".

3.    In-fact I discussed a past case at Feb 2012 last year here....3 months after that happened.HP seems to be busy with printing only....high time they start focusing serious work on security aspects too!!!!

4.    Thanks THN....The Hacker News

Sunday, February 12, 2012

Single malicious document can expose your whole LAN via ur trusted MFD

1.   "Imagination is the key to Success" in the world of IT....specially applicable to the world of cyber crime....this one i read at one of my fav news feed destinations at http://thehackernews.com...now when we keep covering up the PCs with ideas like antivirus/anti-malware and all sorts of anti's and virus'cides....this thing has come up fresh.....attack the LAN after altering the firmware of the masoom MFD ie multifunction device.Sequence of the main article at http://thehackernews.com is produced below :

- At Chaos Communications Congress (28C3) 

- Ang Cui presents Print Me If You Dare

- He explained how he reverse-engineered the firmware-update process for HPs hundreds of millions of printers

- He showed how he could load arbitrary software into any printer by embedding it in a malicious document or by connecting to the printer online. 
- Performed two demonstrations 

- In the first, he sent a document to a printer that contained a malicious version of the OS that caused it to copy the documents it printed and post them to an IP address on the Internet.

- In the second, he took over a remote printer with a malicious document, caused that printer to scan the LAN for vulnerable PCs, compromise a PC, and turn it into a proxy that gave him access through the firewall.

- Actually found a method to exploit the firmware update capability of certain Xerox MFPs to upload his crafted PostScript code. 

- Was able to run code to dump memory from the printer. This could allow an attacker to grab passwords for the administration interface or access or print PIN-protected documents.

2.  So now start taking care of your firmware updates of your MFDs......

Powered By Blogger