Forum Thread: Man in the middle attack on printer?

Currently I am learning about MitM and how to use it. Therefore I am doing some arp spoofing (just like in OTW's tutorial about a simple man in the middle attack) and I am using Wireshark to analyse the packages. This all worked fine so I decided I wanted to try to get myself inbetween a networkprinter and the router to capture documents that are being printed. I printed an example document with at the top stating Oefentoets(Dutch) and then one of my old chemistry tests on the rest of the page. However when analysing the captured packages I did find a tcp stream with Oefentoets at the top of it followed by something that looked like it could be my old test when looking at the size but than in a way different format or code. Probably it is compressed in some kind of way but I don't know how to convert it into text. I tried saving it as raw but then I could only open it with Notepad showing an even less understandable code.

I hope anyone can help me out :)
Printscreen of top of tcp stream:

Printscreen of tcp stream:

5 Responses

I can't see the "data-stream", but I can suppose ur file will be encrypted (probably in a different file-format, I never read a lot about printer xD ) in some way and then sent to the printer .

So probably: u print a file -> the file get converted in another fileformat -> then is sent to the printer to get printed.

This mean u are seeing the fileformat for the printer and not for the specific software u used.

Yes I thought that aswell but how do I figure out which kind of file format or encryption it is?

Do you mean, telling you how I captured it or how I managed to make the raw output readable?

Share Your Thoughts

  • Hot
  • Active