Why Your Printer Just Spat Out Gibberish (Port Scanning Edition)

It seems like printers have forever been the bane of our existence, giving us headaches from indecipherable messages, pc load letter, to phantom paper jams.

I once had a printer that took any print request and squared the number of copies you wanted — asking for 2 copies yielded 4, and strap in if you requested 4, because you’d get 16!

Office space printer destruction gif

But have you ever experienced your printer spontaneously churning out gibberish, or printing something without you even pressing a button? If you’re curious about why your printer may have gone rogue, keep reading.

The Experiment

It began with a simple task: to identify open ports and services running on a local network featuring a network printer. So, I fired up PortDroid and initiated a port scan. PortDroid is typically used for network analysis, security checks, and troubleshooting. PortDroid can scan ranges of ports and identify which are open and what services they run.

The Quirky Outcome

To my surprise, the printer sprang to life and started printing out the HTTP requests it was sent. Why did this happen? Printers typically listen to port 9100 for print jobs. However, it seems some are configured to treat data received as if they were print jobs. The outcome: the printer treats the HTTP requests as text files and prints them out without question.

A HTTP request sent to the printer on paper

This occurs because PortDroid performs ‘HTTP scanning’ and ‘banner grabbing’ on ports to determine if they are serving HTTP or HTTPS and to try to determine what versions of software are running.

The Implications While this is humorous and relatively harmless, it also poses potential security risks. An attacker could flood a printer with data, wasting ink and paper, and essentially rendering it useless. Moreover, a compromised printer could potentially act as an entry point to an internal network, depending on its configuration.

Tip

Tip Set up authentication (username and password) on your printer so that unauthorized people and programs cannot use it. It can also be worthwhile disabling services and ports on your printer that you do not need.

PortDroid to the Rescue

PortDroid’s feature-rich set, including Traceroute, Ping, Port Scanner, and Certificate Viewer, can be used to better understand your network and its vulnerabilities. The latest version even includes IPv6 support for most of its features. Whether you’re a security expert or just a curious individual, PortDroid can be your Swiss Army knife for network analysis.

Screenshot of port scanning a printer with PortDroid

For added protection banner grabbing and HTTP scanning on port 9100 have been disabled in PortDroid to avoid printing gibberish on networks you scan. If needed you can completely disable Banner grabbing and HTTP scanning in the settings as shown below:

Secure Your Printer: Add Authentication

As amusing or startling as it may be to find your printer acting on its own, this scenario actually points to a security vulnerability. It is advisable to add authentication to your printer to mitigate such risks. Many modern printers come with built-in settings to enforce user authentication before proceeding with print jobs. This feature can act as a barrier, preventing unauthorized commands from being executed. Even for simple tasks like port scanning, authentication would require the scanner to pass credentials, adding an extra layer of security to your device.

Conclusion

So, next time you decide to use PortDroid or any other network analysis tool, consider the quirks that come with scanning different types of devices. Always remember to act responsibly and ethically, particularly in a professional setting. This incident with the printer may be funny, but it’s also a reminder of the unpredictable nature of networked devices and the importance of security awareness.

Happy scanning!

Note

P.S. For anyone interested in experimenting further with printers, I recommend checking out the Printer Exploitation Toolkit (PRET)

Related Posts

What is a port?

What is a port?

In computer networking, a port is a way of identifying a specific application or process running on a device. When you connect, the port number identifies which application or process on the server will respond to your request.

Read More
PortDroid now supports IPv6 on most tools

PortDroid now supports IPv6 on most tools

Introduction We’re thrilled to announce a much-anticipated update to PortDroid—IPv6 support for a range of our tools!

Read More
Virtual Private Networks (VPNs)

Virtual Private Networks (VPNs)

You’ve probably heard about VPNs, but what are they? and how do they help keep your data secure? Keep reading to find out.

Read More