Penetration Testing: Re: redirecting a remote printer output into an attacker's printer

[Andrew Wheeler <prime_dreamer () yahoo co uk>]

The data sent to most printers is text with pcl or postscript commands.
Ghost script should allow you to display postscript files and I am sure
a pcl viewer exists on the net just a matter of finding it.

capturing the data would require a service to act as a printer store a
copy and then send a copy to the printer sounds easy but would need to
understand the different types of printer communication protocols like
LPR and the different ports used. 

At work I use a program called planet press suite 4 that you can set up
as a LPR server to capture print data so that it can be processed then
sent to a printer. We use it to capture output going to line printers,
process the forms and then send to a laser printer.

I am interested to see what turns up on this subject.

On Mon, 2005-07-04 at 17:56 +0000, h_e_z_i () yahoo com wrote:
> Hello!
>
> As part of a black box pen-test which i'll try to conduct in the company I work with, I would like to attempt a 
> redirection or sniffing a printer's output.
>
> My thoughts regarding the subject were to try and see if i'm able to arp spoof the printer and it's default gateway, 
> and then to sniff the traffic. As a result of this, I wonderd if there is any free software which I could use to 
> redirect the sniffed data into an other printer.
>
> Any help will be appreciated.
> Thanks,
> Nadav