Exploit Notes

IPP (Internet Printing Protocol) Pentesting

Last modified: 2022-12-21


IPP is a protocol for communicating between client devices and printers. A default port is 631.

Access in Web Browser

The CUPS server can be able to access via browser.
Try input the following in the URL search form in browser.



The Printer Exploitation Toolkit is a tool for printer secure testing. Assume that we use it.
Try all three options until the target printer recognized.

# ps: PostScript
python2 pret.py <target-ip>:631 ps

# pjl: Printer Job Language
python2 pret.py <target-ip>:631 pjl

# pcl: Printer Control Language
python2 pret.py <target-ip>:631 pcl

Commands in PRET Shell

After connecting the target printer, we can test using the following commands.

# Print usage
> ?
> ? <command>

Other Exploits

Denial of Service (DoS)

while true; do nc printer 9100; done

Tools by HDKS


Automatic web fuzzer.


Auto reconnaissance CLI.

Hash Cracker

Hash identifier.