Home Security Printers hacked to prove how insecure they are

Hundreds of thousands of printers were “pwnd” last week to show owners how insecure they are and that some can join botnets to assist in DDoS attacks.

The issue is that port 9100 is often left open to external Internet connections to allow firmware to be updated and Web printing. It is not known just how many printer makes and models are affected but a table at the end of this article lists 20 commercial printers that have been PRinter Exploitation Toolkit (PRET) tested.

Hacker Stackoverflowin told Bleeping Computer that his script targeted printing devices that have IPP (Internet Printing Protocol) ports, LPD (Line Printer Daemon) ports, and port 9100 left open to external connections. That is just about every current printer.

The fully automated script (that means it can run forever) also includes an exploit that uses a remote code execution vulnerability to target Dell Xeon printers. “This allowed me to inject PostScript and invoke rouge jobs,” Stackoverflowin said about the RCE vulnerability's role.

Stackoverflowin is a grey-hat hacker (a mix of good and bad – percentages subject to change without notice) and he just wanted to raise awareness about the dangers of leaving printers exposed online without a firewall or other security settings enabled.

Users reported multiple printer models as affected. The list includes brands such as Afico (Ricoh), Brother, Canon, Epson, HP, Lexmark, Konica Minolta, Oki, and Samsung.

The research paper SoK: Exploiting network printers stated

  • Even though many proof-of-concept attacks and techniques are known for years, the according countermeasures have not been implemented, leaving the devices and systems vulnerable.
  • There is no research or document summarising all existing attacks. More important, there is no general methodology describing how a security evaluation on printers can be done.
  • Classification of the existing attacker models relevant for printers is missing.
  • There are no tools capable the security evaluation of printers.

In part, the printers are vulnerable as they are exposed to the internet but in part, it is because most use Postscript or PDL (page description language) interpreters that not only control fonts and graphics but the printers central processing unit.

HP has recently protected the BIOS and includes a self-healing function but even that will not prevent port 9100 attacks on networked (that is Ethernet wired or Wi-Fi printers). Printers connected directly via USB with printer sharing disabled are fine.

At present it is advised to close port 9100 for networked printers and change passwords.

Printer pwnd

LEARN NBN TRICKS AND TRAPS WITH FREE NBN SURVIVAL GUIDE

Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?

DOWNLOAD NOW!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

 

 

 

 

Connect

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities