来源:http://www.net-security.org/article.php?id=1107
向打印机及传真机发送命令打印spam。
用户访问含javascript代码的站点,页面内容可能隐藏恶意的代码,如:
<img src="myprinter:9100/Printed_from_the_web">
或者直接telnet到9100端口。
By using only JavaScript, an Internet web site can remotely print to an internal network based printer by doing an HTTP Post. For the attack to succeed the user needs to visit a web site that contains this JavaScript.
The end result is that by visiting a web site on the Internet you could end up sending printer spam to your printer without even knowing that anything happened. Since most printers don't have any security set it is possible to print anything, control the printer, change the print settings and even send faxes.
by Aaron Weaver
没有评论:
发表评论