漏洞信息
漏洞名称: Printer Unauthorized Access Vulnerability
漏洞类型: 未授权访问
漏洞等级: 中危
漏洞描述: 该漏洞涉及打印机未授权访问问题,允许攻击者通过9100端口直接与打印机通信,执行打印任务或窃取敏感打印文档。打印机作为企业网络中常见的设备,通常部署在内网中,用于日常文档打印。由于配置不当或缺乏适当的网络分段,这些打印机可能暴露在未受保护的环境中,使得外部攻击者能够轻易访问。漏洞的技术根源在于打印机服务未实施有效的访问控制机制,攻击者无需认证即可发送PJL(Printer Job Language)命令,如‘@PJL INFO ID\n’,来获取打印机信息或操控打印任务。这种漏洞可能导致敏感信息泄露、打印任务被恶意篡改,甚至打印机被进一步利用作为内网渗透的跳板。由于攻击者可以直接通过网络发起攻击,且无需用户交互,该漏洞的利用门槛较低,风险较高。
产品厂商: generic
产品名称: printer
搜索语法: port:9100
来源: https://github.com/projectdiscovery/nuclei-templates/blob/ab71611b5eedc02a39a1ce30868ac928e058d905/network%2Fmisconfig%2Fprinters-info-leak.yaml
类型: projectdiscovery/nuclei-templates:github issues
POC详情
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
id: printers-info-leak
info:
name: Unauthorized Printer Access
author: pussycat0x,matejsmycka
severity: info
description: |
Unauthorized access to printers allows attackers to print, eavesdrop sensitive documents.
impact: |
Attackers can gain access to sensitive printed documents, manipulate print jobs, and potentially compromise printer security
remediation: |
Implement proper network segmentation, disable unnecessary printer services, and ensure printers are not directly accessible from untrusted networks.
reference:
- https://book.hacktricks.xyz/pentesting/9100-pjl
- https://en.wikipedia.org/wiki/Printer_Job_Language
metadata:
max-request: 1
vendor: generic
product: printer
shodan-query: port:9100
tags: network,iot,printer,misconfig,tcp,pjl
tcp:
- inputs:
- data: "@PJL INFO ID\n"
host:
- "{{Hostname}}"
port: 9100
matchers:
- type: binary
binary:
- "40504a4c20494e464f2049440d0a22"
extractors:
- type: regex
group: 1
regex:
- '"([^"]+)"'
|