Penetration Testing mailing list archives

Re: Printer jobs hijacking

From: Martin Mačok <martin.macok () underground cz>
Date: Fri, 24 Nov 2006 10:17:45 +0100

On Wed, Nov 22, 2006 at 09:56:40AM +0100, Frank Bussink wrote:

has anyone any experience with highjacking print jobs, given an
environment where MITM is possible or network sniffing ?


I have demonstrated this with ettercap (MITM ARP poisoning) and using
"Follow the stream" option in Wireshark (Ethereal). You can copy and
paste the result into a PS file (in the case of a postscript printer
where the communication is usually done to a port 9100/tcp).

Martin Mačok
ICT Security Consultant

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

Printer jobs hijacking Frank Bussink (Nov 24)
- Re: Printer jobs hijacking Martin Mačok (Nov 24)
- RE: Printer jobs hijacking Paul Melson (Nov 27)