Re: Printer jobs hijacking

From: Martin Mačok (martin.macok@underground.cz)
Date: Fri Nov 24 2006 - 04:17:45 EST

• Next message: Goran Pizent: "RE: Windows 2003 - Dumping Service Passwords"
• Previous message: Security: "Re: identifying images in a binary"
• In reply to: Frank Bussink: "Printer jobs hijacking"
• Next in thread: Paul Melson: "RE: Printer jobs hijacking"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Wed, Nov 22, 2006 at 09:56:40AM +0100, Frank Bussink wrote:

> has anyone any experience with highjacking print jobs, given an
> environment where MITM is possible or network sniffing ?

I have demonstrated this with ettercap (MITM ARP poisoning) and using
"Follow the stream" option in Wireshark (Ethereal). You can copy and
paste the result into a PS file (in the case of a postscript printer
where the communication is usually done to a port 9100/tcp).

Martin Mačok
ICT Security Consultant

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Goran Pizent: "RE: Windows 2003 - Dumping Service Passwords"
• Previous message: Security: "Re: identifying images in a binary"
• In reply to: Frank Bussink: "Printer jobs hijacking"
• Next in thread: Paul Melson: "RE: Printer jobs hijacking"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:21 EDT