Google indexes more than 86,000 HP 'public' printers
 

LINKhttp://www.zdnet.com/whoops-google-i...rs-7000010352/
Google has indexed tens of thousands of HP printers, which are publicly available from anyone with an Internet connection, but could also be attacked by hackers with malicious?albeit hilarious?intents.

Granted, the search engine indexed the printers without knowing necessarily what they are or that they're probably meant to be network-internal only. The onus of blame should probably fall on the hapless IT person who set up the printer that way rather on the search engine. (Trying the same result in Bing displays no results at the time of writing.)

If you type in the following on Google:

inurl:hp/device/this.LCDispatcher?nav=hp.Print

That's just a snapshot of more than 86,000 publicly available HP printers, which can be used by anyone to print their documents. Looking through some of the IP addresses and domain names, these publicly available printers are hosted by dozens of universities, such as the University of Washington, including many outside the United States.

On the face of it, it sounds almost pointless?you won't be there to be able to pick them up?but all it takes is one malicious script written by a clever hacker and you'll be replacing the paper tray every five minutes, and using up the toner supplies faster than you've ever known.

Perhaps more worryingly, many of these printers do not have passwords enabled and can be directly accessed from outside their company's firewall, such as this one?which shall remain nameless and anonymous, for obvious reasons?not least to save this one prominent company from embarrassment.


A look into one of the print servers that was set up without requiring a password. (Screenshot: ZDNet)
The best practice here is to set up the printer within the firewall and enable VPN access, so documents and files can be printed remotely but over a secure channel. And, it almost goes without saying: stick a password on there so at least if it is accessible over the Internet it can't be maliciously accessed or screwed around with.

Damn all I tried were out of paper.. :(

And 86k? I see like 12 results..

It is Australia Day dude - get the fuck out of here - go to the beach / pub / whatever. You have made 400 threads today!

going out tonight

Good stuff - have a good one :thumbsup

Question is how G is finding them in the first place. Is it just loading up random IPs and following a "print" link when it hits an IP that is a printer? Or has someone already linked to these printers somewhere on the web?

Same to you hope your not getting hit by the storm :thumbsup

Yo Rowan, sent you and icq.

Filtering duplicate content.

In order to show you the most relevant results, we have omitted some entries very similar to the 11 already displayed.
If you like, you can repeat the search with the omitted results included.

About 86,100 results (0.23 seconds)

Google is crawling entire IP ranges. (I assume based on some SE results)

122.122.122.120
122.122.122.126
122.122.122.131

I printed Goatse on about 20 printers.

lol clever hacker will make us change toners every 5 minutes lol

:1orglaugh:1orglaugh :thumbsup

page 2, exclude similar results

no doubt they are all linked , crawled from edu sites etc. Hard to find any now that havent been scripted to death

this is pretty old.

still nice find.

I used to love making printers print their hearts out.

I once pulled up along side of the building to a very large office building and found that all of their printers were accessible via wifi... I set them all to print look out you window. Then asked for 10,000 copies each. Employees started tripping, then looking out their windows to see me flipping them off before peeling out of their lot.

OK that's effing amusing. :1orglaugh :1orglaugh What a dick!

you could probably get labeled as a cyber terrorist over that, and get 5 years in jail... :2 cents:

once upon a time we had a man in charge of the company VAX , we filled his entire office before he got in with the output of 5 dec 132col green/white printer paper spooling the value of pi