PRET - Printer Exploitation Toolkit for Pentesters

PRET is a security testing tool for printers, developed at Ruhr University Bochum. It connects to printers via network or USB and exploits PostScript, PJL, and PCL languages to manipulate print jobs, access the printer’s file system, and potentially cause physical damage.

By translating UNIX-like commands into printer language, PRET simplifies the communication between users and printers. It includes various commands for executing printer attacks and fuzzing, with detailed documentation available in the Hacking Printers Wiki.

Install

PRET only requires a Python2 interpreter. For colored output and SNMP support however, third party modules need to be installed:

# pip install colorama pysnmp

If running on a Windows console and Unicode characters are not displayed correctly, install the win_unicode_console module:

# pip install win_unicode_console

For experimental, ‘driverless’ printing (see print command), ImageMagick and GhostScript need to be installed:

# apt-get install imagemagick ghostscript

Usage

usage: pret.py [-h] [-s] [-q] [-d] [-i file] [-o file] target {ps,pjl,pcl}

positional arguments:
  target                printer device or hostname
  {ps,pjl,pcl}          printing language to abuse

optional arguments:
  -h, --help            show this help message and exit
  -s, --safe            verify if language is supported
  -q, --quiet           suppress warnings and chit-chat
  -d, --debug           enter debug mode (show traffic)
  -i file, --load file  load and run commands from file
  -o file, --log file   log raw data sent to the target

License

GPL-2.0 License

Resources & Downloads

• Source-code and download

GitHub - RUB-NDS/PRET: Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete. - RUB-NDS/PRET

GitHubRUB-NDS