Insecure printer firmware hacked to play Doom




Oh goody, next we will be able to play GTA on the fridge or Duke Nukem on the air conditioner.


This is funny indeed… but is there a reason a printer should be secure? I mean, I guess it’s nice ,but is people hacking printers actually any sort of security risk?


With a name like that, it’s a shame that the printer couldn’t be hacked to play System Shock.

If I tell your printer to make 1000 pages filled with rich black, I can’t imagine you would be happy about it.


Because it’s a device inside the perimeter of a company network. If it can play Doom, it can probably play Nmap, too.



To me that looks more like ID’s “Wolf 3D,” the Castle Wolfenstein predecessor to Doom.


NEDM could make it feel better about itself.


I like the hacks that replace the LCD error messages with arbitrary phrases (“NEED BLOOD”, etc).


We need a Marvin the Paranoid android phrase generator put into a hacked printer.


I have a Pixma printer, and I hate it. The print and scan functionality works pretty well–but the setup. Oohhh, the setup. Getting this printer connected and accepting jobs is awful–I have fucked with that printer for Way Too Long just to get one or two pages of printed material from it. And the Canon software seemingly required to make it work? Awful. WTF, Canon? Stick with making cameras, mkay?


Non-networked printers aren’t quite as scary(though some of them do have enough onboard flash to store an (outdated) copy of their own drivers, I had a run-in with an HP M401 that initially declared itself as a USB mass storage device, and not a printer, until you ran the driver installer at least once to flip some bit and cause it to show up as a printer so you could actually install the thing. That much space, plus enough capacity to emulate other USB device types could be rather entertaining…); but a printer with a NIC is just as much a member of the network as everybody else, and usually less secure, less likely to be updated, and less likely to be noticed.

Even better, some classes of printer vulnerability can be exploited by correctly crafted documents sent to them, rather than direct network access, which makes a neat tool for punching into an otherwise secure network.

In summary and conclusion, I loath printers.


God damn it. Killed by PC LOAD LETTER again.


This is so happening at my place of work.


Or hackers sniffing your printouts on the network.


Or opening a VPN into your network, ARP-poisoning your switch and listening to your LAN traffic which is often unencrypted because the environment is considered trustful, portscanning your servers which often have exposed services (typically SQL servers) that aren’t visible from the outside and are vulnerable, LAN-accessible services with weak or no passwords, possibility to ARP-spoof your DNS server and then MITM the stuff on the LAN or even phish the admin passwords (if the first login attempt fails, do you suspect an attack or a typo?)… once you’re in, you can eat it all.

Many networks are like coconuts - hard shell but soft once you get inside. A humble printer - or even a thermostat - can quite well become your comfortable advance base in the prey’s rear (and pain at the same place).

For some fun, see the injectable virtual machines and the associated penetration framework.


Whenever I go to Sears or Best Buy for a new appliance, my go to objection has always been (well, since 1993, anyway), “But can it run Doom?”


Printers are, and always will be, fucking evil.


Especially in the pre-Unicode era when you had to add the codepages into the fray, if you weren’t lucky enough to live in an area with language without silly superfluous unnecessary accented characters.

But even without that, printers still are evil. I have somewhere an old magazine from early 90’s that promised the heaven of paperless offices. The future, as usual, did not deliver on the good.


Oh, I remember printers and Novell Netware. Never forget, people. Never forget.