GitHub - sa7mon/miniprint: A medium interaction printer honeypot ?
source link: https://github.com/sa7mon/miniprint
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
readme.md
miniprint
A medium interaction printer honeypot
About
miniprint acts like a standard networked printer that has been accidentally exposed to the public internet.
It speaks the Printer Job Language (PJL) over the raw network "protocol"
Features
- A fully-featured virtual filesystem in which attackers can read and write files and directories - nothing gets written to the host
- Any PostScript or plaintext print jobs sent to the printer will be saved to the
uploads/
directory - Extensive (probably too much) logging
- Shodan Honeycore: 0
Installation
virtualenv venv && source ./venv/bin/activate
(optional)pip install -r requirements.txt
python3 ./server.py
Usage
usage: miniprint [-b,--bind HOST] [-l,--log-file FILE] [-t,--time-out TIME] [-h]
miniprint - a medium interaction printer honeypot
by Dan Salmon: @BLTjetpack, github.com/sa7mon
optional arguments:
-b, --bind <host> Bind the server to <host> (default: localhost)
-l, --log-file <file> Save all logs to <file> (default: ./miniprint.log)
-t, --timeout <time> Wait up to <time> seconds for commands before disconnecting client (default: 120)
-h, --help show this help message and exit
To interactively attack miniprint
on localhost, you can use PRET with the following command: python ./pret.py localhost pjl
Logs are generated in format: time - loglevel - method - operation - message
and are saved to miniprint.log
by default.
Requirements
- Python >= 3.5
Printer Protocol Support
Protocol Port Support Raw 9100 Yes Web 80 No IPP 631 No LPD 515 NoPrinter Control Language Support
Language Support PJL Yes PML NoPage Description Language Support
Language Support PDF Yes XPS No PostScript No Plaintext Yes PCL NoKnown Issues
- PostScript files printed that don't contain
%%EOF
at the end will cause the printer to wait indefinitely for the end of the job.
Thanks
- frbexiga at BinaryEdge
- Jens Müller for the hacking-printers.net wiki
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK