Spamming a Printer Remotely via the Internet demonstrated by Researcher

Today, cyber crime has become part and parcel of the Internet. Initially, it was believed that hackers and malicious code writers could only attack through Web sites and spam your mailbox. But now you must watch out, because your printer could get hijacked as well. Security researcher Aaron Weaver has made a discovery that involves spamming a printer from the Internet.

Weaver built on the concept of cross-site scripting, whereby an attacker injects malicious code in Web pages viewed by others. He actually demonstrated how a hacker can inject spam messages into a Web site visitor’s printer.

For this to work, a victim would have to either visit a malicious Web site or a legitimate page that suffers from a cross-site scripting flaw, which is a common type of Web programming error.

The hacker would then send JavaScript code to the browser that would guess the location of the victim’s printer and send it a print job. The Web site could print annoying ads on the printer and may even issue more dangerous commands, like telling the printer to send a fax, format its hard drive or download new firmware.

The attack is derived from techniques employed in a project called “Hacking Network Printers” by Adrian “Irongeek” Crenshaw. Weaver’s research is available in a paper published on the Ha.ckers.org Web site.

Weaver notes that most network printers listen on port 9100 and that you can telnet to port 9100, type text, and, once you disconnect, the text will print remotely.

Weaver wrote, “within the last year there have been new discoveries on attacking the intranet from the Internet. This involves setting an image tag or script tag to an internally addressable IP address and then the browser will request the ‘image’ resource. Several attacks can be accomplished; port scanning, fingerprinting devices, and changing internal router settings.”

Weaver has launched the attack successfully on both the Internet Explorer and Firefox browsers. However, since the attack works only on network printers, a printer plugged directly into a PC would not be vulnerable.

Weaver offers two ways to defend against this attack: Set an administrator password for your printers and consider restricting access to the printer so that it only accepts print jobs from a specific server.
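To check whether the second defense is holding, the following added example (not from Weaver's paper) scans firewall or flow logs for port 9100 connections to the printer subnet that do not come from the print server, and flags any host that tries several printer addresses, as a script guessing the printer's location would. The log format, the addresses and the function name `audit_raw_print_traffic` are assumptions made for the illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample log lines; the format is an assumption, adapt the regex to your firewall.
SAMPLE_LOG = """\
2008-01-10T09:14:02 ALLOW TCP 10.0.1.5:40112 -> 10.0.9.40:9100
2008-01-10T09:14:07 ALLOW TCP 10.0.5.23:51544 -> 10.0.9.40:9100
2008-01-10T09:14:07 DENY TCP 10.0.5.23:51545 -> 10.0.9.41:9100
2008-01-10T09:14:08 DENY TCP 10.0.5.23:51546 -> 10.0.9.42:9100
2008-01-10T09:15:30 ALLOW TCP 10.0.5.77:49820 -> 10.0.1.5:445
2008-01-10T09:16:11 ALLOW TCP 10.0.5.88:50001 -> 10.0.9.40:9100
malformed line that the parser must skip
""".splitlines()

# timestamp, action, protocol, src ip:port -> dst ip:port
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) TCP "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)
RAW_PRINT_PORT = 9100  # the raw printing port named in the article

def audit_raw_print_traffic(lines, print_servers, printer_net, probe_threshold=3):
    """Return (violations, probers) for port 9100 traffic that bypasses the print server."""
    servers = {ipaddress.ip_address(s) for s in print_servers}
    net = ipaddress.ip_network(printer_net)
    violations = []            # (timestamp, action, source, destination)
    targets = defaultdict(set)  # source -> distinct printer addresses it tried
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or int(m["dport"]) != RAW_PRINT_PORT:
            continue  # unparseable line or not raw printing traffic
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
        if dst not in net or src in servers:
            continue  # outside the printer subnet, or the authorized server
        violations.append((m["ts"], m["action"], str(src), str(dst)))
        targets[str(src)].add(str(dst))
    probers = sorted(s for s, d in targets.items() if len(d) >= probe_threshold)
    return violations, probers

if __name__ == "__main__":
    hits, probers = audit_raw_print_traffic(SAMPLE_LOG, ["10.0.1.5"], "10.0.9.0/24")
    for ts, action, src, dst in hits:
        print(f"{ts} {action} {src} -> {dst}:9100 (not the print server)")
    print("hosts trying several printer addresses:", probers)
```

An ALLOW entry in the violations list means the printer is still reachable directly from a workstation, so the restriction is not in place for that path.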