Printers Could Be Vulnerable to SpamPrinters Could Be Vulnerable to Spam

First there was cross-site scripting (XSS), then there was cross-site request forgery (CSRF). Now there's a new exploit in town: cross-site printing. A researcher has discovered a way to remotely hack printers using JavaScript.

Researcher Aaron Weaver has written a proof of concept of such an attack, which would occur when a user visits a malicious Website that contains the "bad" JavaScript. The attacker could then connect to a printer on the user's intranet and send data (think spam) to it.

Using JavaScript, an attacker can print from his Website to the victim's internal networked printer via an HTTP Post command, according to Weaver. It also lets an attacker send PostScript Commands to format the pages and send faxes in some cases.

Weaver uses CSRF to issue the PostScript commands over Port 9100 to print ASCII-based art he created, according to Jeremiah Grossman, CTO of WhiteHat Security in his blog post. Network printers typically receive print jobs via Port 9100.

"The end result is that by visiting a Web site on the Internet, you could end up sending printer spam to your printer without even knowing that anything happened," Weaver writes in his paper about the hack. "Since most printers don’t have any security set, it is possible to print anything, control the printer, change the print settings and even send faxes."

How do you protect your printer from such an attack? For starters, Weaver says to make sure it has an administrative password. Then consider restricting access each printer, so that it can only execute jobs sent from a centralized print server.

— Kelly Jackson Higgins, Senior Editor, Dark Reading