Skip to content

foxglovesec/HPwn

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

HPwn

HP printer security research code

This repository contains varios scripts and projects referenced in FoxGlove security's HP printer blogpost.

BDL_Patcher

This python script can be used to create modified but still valid HP software solution bundles. Usage instructions are built into the tool. All you need to do is open "mod.zip", replace or add any files that you would like, and then run the following command: python hp_solution_patcher.py orig.bdl orig.zip mod.zip This will generate a new, modified BDL file called patched.bdl

HP_Printer_Toolz

This contains two .NET projects. Sorry if DLL references are broken, they are probably absolute paths on my machine, you'll need to make them relative if I don't get around to fixing that. I've provided the DLL's, you may just need to fix up the project file to point to them.

HPValidateSignature

This project is a re-implementation of HP's DLL signature verification code. You can run it against a DLL to see if it will pass HP's signature check. The algorithm is not EXACTLY the same as HP's. We do no verify the certificate chain and check the issuer, etc... But it was helpful to us in building our malicious DLL files.

HPBackupZipEncryption

HP Printer backup files are encrypted zip files. There is no mechanism to decrypt them off of the printer, they are not supposed to be decrypted. We provide code here that will decrypt a backup file generated by an HP printer given that you know the passcode.

###MaliciousSolution This project is a simple piece of malware in the form of an HP Solution that will call home to an HTTP server and execute the commands found in a text file on that server.

The important thing to note about this project is that it must be built using the .NET Compact Framework (I think version 2.0). This comes with Visual Studio 2008 professional. That is the only place I was able to find a copy.

About

HP printer security research code

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C# 90.1%
  • Python 9.9%