3.6 KiB
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Internet Printing Protocol IPP
The Internet Printing Protocol (IPP), as specified in RFC2910 and RFC2911, serves as a foundation for printing over the internet. Its capability to be extended is showcased by developments like IPP Everywhere, which aims to standardize mobile and cloud printing, and the introduction of extensions for 3D printing.
Leveraging the HTTP protocol, IPP benefits from established security practices including basic/digest authentication and SSL/TLS encryption. Actions like submitting a print job or querying printer status are performed through HTTP POST requests directed at the IPP server, which operates on port 631/tcp.
A well-known implementation of IPP is CUPS, an open-source printing system prevalent across various Linux distributions and OS X. Despite its utility, IPP, akin to LPD, can be exploited to transmit malicious content through PostScript or PJL files, highlighting a potential security risk.
# Example of sending an IPP request using Python
import requests
url = "http://printer.example.com:631/ipp/print"
headers = {"Content-Type": "application/ipp"}
data = b"..." # IPP request data goes here
response = requests.post(url, headers=headers, data=data, verify=True)
print(response.status_code)
If you want to learn more about hacking printers read this page.
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.