TL;DR: In the scope of academic research on printer security, various vulnerabilities in network printers and MFPs have been discovered. This is advisory 3 of 6 of the `Hacking Printers' series. Each advisory discusses multiple issues of the same category. This post is about abusing Brother's proprietary PJL extensions to dump the printers NVRAM and gain access to interesting stuff like passwords. The attack can be performed by anyone who can print, for example through USB or network. It can even be carried out by a malicious website, using advanced cross-site printing techniques in combination with a novel technique we call `CORS spoofing' (see http://ift.tt/2jKBog0). ======================[ Memory Access with PJL ]======================
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment