Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Fwd: nmap exploits / nukes / crashes Minolta Dialta Printers

From: "Dario Ciccarone \(dciccaro\)" <dciccaro () cisco com>
Date: Fri, 7 Sep 2007 13:52:40 -0400
Well, mine didn't - and is printing beautifully after scanning it ;)

Dario

gaius:~/tools/nmap-4.22SOC6 # ./nmap -vv -O -sS -sV -r 192.168.1.25

Starting Nmap 4.22SOC6 ( http://insecure.org ) at 2007-09-07 13:29 EDT
Initiating ARP Ping Scan at 13:29
Scanning 192.168.1.25 [1 port]
Completed ARP Ping Scan at 13:29, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:29
Completed Parallel DNS resolution of 1 host. at 13:29, 0.01s elapsed
Initiating SYN Stealth Scan at 13:29
Scanning hp2605.example.com (192.168.1.25) [1705 ports]
Discovered open port 80/tcp on 192.168.1.25
Discovered open port 139/tcp on 192.168.1.25
Discovered open port 515/tcp on 192.168.1.25
Discovered open port 9100/tcp on 192.168.1.25
Completed SYN Stealth Scan at 13:29, 2.42s elapsed (1705 total ports)
Initiating Service scan at 13:29
Scanning 3 services on hp2605.example.com (192.168.1.25)
Completed Service scan at 13:29, 6.31s elapsed (4 services on 1 host)
Initiating OS detection (try #1) against hp2605.example.com
(192.168.1.25)
SCRIPT ENGINE: Initiating script scanning.
Host hp2605.example.com (192.168.1.25) appears to be up ... good.
Interesting ports on hp2605.example.com (192.168.1.25):
Not shown: 1701 closed ports
PORT     STATE SERVICE      VERSION
80/tcp   open  http         HP Color LaserJet 2605dn http config (Virata
embedded httpd 6_0_1)
139/tcp  open  netbios-ssn?
515/tcp  open  printer
9100/tcp open  jetdirect?
MAC Address: 00:17:08:CA:FE:00 (Hewlett Packard)
Device type: printer
Running: HP embedded
OS details: HP LaserJet printer (2010-, 2600-, 3050-, or 3390-series)
OS Fingerprint:
OS:SCAN(V=4.22SOC6%D=9/7%OT=80%CT=1%CU=44424%PV=Y%DS=1%G=Y%M=001708%TM=4
6E1
OS:8A67%P=i686-pc-linux-gnu)SEQ(SP=11%GCD=1E848%ISR=A4%TI=I%II=I%SS=S%TS
=A)
OS:OPS(O1=M5B4NW0NNSNNT11%O2=M578NW0NNSNNT11%O3=M280NW0NNT11%O4=M5B4NW0N
NSN
OS:NT11%O5=M218NW0NNSNNT11%O6=M109NNSNNT11)WIN(W1=21F0%W2=2088%W3=2258%W
4=2
OS:1F0%W5=20C0%W6=209D)ECN(R=Y%DF=N%T=40%W=2238%O=M5B4NW0NNS%CC=N%Q=)T1(
R=Y
OS:%DF=N%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=Y%DF=N%T=40%W=209D%S=O%A
=S+
OS:%F=AS%O=M109NW0NNSNNT11%RD=0%Q=)T4(R=Y%DF=N%T=40%W=0%S=A%A=Z%F=R%O=%R
D=0
OS:%Q=)T5(R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=N%T=40%W=
0%S
OS:=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U
1(R
OS:=Y%DF=N%T=FF%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=
G)I
OS:E(R=Y%DFI=N%T=FF%TOSI=Z%CD=S%SI=S%DLI=S)

Uptime: 0.000 days (since Fri Sep  7 13:28:38 2007)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=17 (Good luck!)
IPID Sequence Generation: Incremental
Service Info: Device: printer

Read data files from: .
OS and Service detection performed. Please report any incorrect results
at http://insecure.org/nmap/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.024 seconds
               Raw packets sent: 1746 (77.584KB) | Rcvd: 1721 (79.530KB)
gaius:~/tools/nmap-4.22SOC6 #
 


-----Original Message-----
From: nmap-dev-bounces () insecure org 
[mailto:nmap-dev-bounces () insecure org] On Behalf Of Thierry Zoller
Sent: Friday, September 07, 2007 6:04 AM
To: nmap-dev () insecure org
Subject: Re: Fwd: nmap exploits / nukes / crashes Minolta 
Dialta Printers

Dear Jacob,
That's actually a common occurence, every printer I scanned actually
crashed :)

-- 
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: