From Printer To Pwnd: Leveraging Multifunction Printers During Penetration Testing presented at Defcon19 2011

by Deral Heiland,

Summary : In this presentation we go beyond the common printer issues and focus on harvesting data from multifunction printer (MFP) that can be leveraged to gain access to other core network systems. By taking advantage of poor printer security and vulnerabilities during penetration testing we are able to harvest a wealth of information from MFP devices including usernames, email addresses, and authentication information including SMB, Email, LDAP passwords. Leveraging this information we have successful gained administrative access into core systems including email servers, file servers and Active directory domains on multiple occasions. We will also explore MFP device vulnerabilities including authentication bypass, information leakage flaws. Tying this altogether we will discuss the development of an automated process for harvesting the information from MFP devices with the updated release of our tool 'PRAEDA'.

Deral Heiland: CISSP, Responsible for security assessment and consulting for corporations and government agencies. In addition, Deral is co-founder and President of Ohio Information Security a 501c3. Deral has worked in IT for 18+ years, 8 of those years in security.