Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Using a Stand-Alone Network Printer as a network attack entry point?
From: Security News <sec-news () xsec net>
Date: Fri, 16 Aug 2002 13:26:27 -0400

As for really modifying the ROM , it seems possible but also seems like a LOT of work for something that might not even allow you to connect thru the firewall.

My first question is Do you have physical access to start with? And if so why not drop in a small hub/proxy based hardware device (or even 802.11 which works quite nicely).

If you were able to drop a *NIX based smallbox in place behind the printer you could actually use some of the current firewall tunneling software like fwtun without any further configuration and end up with a real box you could launch the attack from.

What about modifying a small ARM based processor board to have 2 NIC's and act as a tiny pass-thru that could be placed behind the device? This device could be the size of a pack of cards and would allow you to connect to an ARM Linux OS.




At 09:20 PM 8/15/2002 -0700, Nick Jacobsen wrote:
Hi all...
    I came up with an idea, one that I've never heard discussed, of possibly
modifying a stand-alone network printer (like most of the high-end office
printers, hereafter referred to as a "SNP") to act as a full point to point
proxy, or at least a simple pass through to the port and IP you specify in
some sort of configuration.  The idea here would be to take a SNP and modify
a ROM image for the specific printer to include the proxy functionality. I
realize this could turn out to be quite difficult, but at the same time, it
would provide a way into the internal network when no others are available.
Any comments are most DEFINITELY welcome, flames less so, but if it's a
stupid idea, let me know...

Nick Jacobsen
nick () ethicsdesign com
ethics () netzero net


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]