Intercepting Print Jobs with prn-2-me
Don’t let the name fool you, prn-2-me is pronounced “print-to-me”, and not “pr0n-to-me”. I was disappointed too… but not for long!
prn-2-me is a man-in-the-middle python script from Chris John Riley that creates a custom listener (on port 9100 by default) and acts like a printer. Its purpose is to handle incoming PCL and PostScript print jobs, save a copy on your computer, and then forward them on to the actual printer. With a bit of arpspoofing magic, you or an attacker could intercept the print jobs of an entire office.
In theory, this tool could be expanded to allow you to also modify print files before they are sent on to the actual printer. An attacker could substitute specific prints with his own to do all kinds of wonderful and damaging things. Maybe a bit of automagic image editing in python could overlay an image on every file before forwarding it to the printer? Hilarity ensues. (Chris note the feature request)
Chris says he’s planning on integrating this into Metasploit. I’m going to hold him to that!