printerxpl-forge 6.2.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- nse/README.md +204 -0
- nse/__init__.py +6 -0
- nse/install_nse.py +412 -0
- nse/lib/printerxpl.lua +238 -0
- nse/scripts/cups-info.nse +74 -0
- nse/scripts/cups-queue-info.nse +43 -0
- nse/scripts/hp-printers-cve-2022-1026.nse +121 -0
- nse/scripts/http-device-mac.nse +107 -0
- nse/scripts/http-hp-ilo-info.nse +121 -0
- nse/scripts/http-info-xerox-enum.nse +101 -0
- nse/scripts/http-vuln-cve2022-1026.nse +158 -0
- nse/scripts/lexmark-config.nse +89 -0
- nse/scripts/pjl-ready-message.nse +106 -0
- nse/scripts/printer-banner.nse +217 -0
- nse/scripts/printer-cups-rce.nse +189 -0
- nse/scripts/printer-cve-detect.nse +279 -0
- nse/scripts/printer-discover.nse +205 -0
- nse/scripts/printer-firmware-exposed.nse +219 -0
- nse/scripts/printer-hp-pjl.nse +192 -0
- nse/scripts/printer-http-ews.nse +293 -0
- nse/scripts/printer-ipp-info.nse +235 -0
- nse/scripts/printer-lexmark-ipp.nse +203 -0
- nse/scripts/printer-passback.nse +204 -0
- nse/scripts/printer-pjl-info.nse +146 -0
- nse/scripts/printer-printnightmare.nse +211 -0
- nse/scripts/printer-snmp-info.nse +176 -0
- nse/scripts/printer-vuln-check.nse +256 -0
- nse/scripts/snmp-device-mac.nse +93 -0
- nse/scripts/snmp-info.nse +146 -0
- nse/scripts/snmp-sysdescr.nse +70 -0
- printerxpl_forge-6.2.0.dist-info/METADATA +919 -0
- printerxpl_forge-6.2.0.dist-info/RECORD +97 -0
- printerxpl_forge-6.2.0.dist-info/WHEEL +5 -0
- printerxpl_forge-6.2.0.dist-info/entry_points.txt +4 -0
- printerxpl_forge-6.2.0.dist-info/licenses/LICENSE +21 -0
- printerxpl_forge-6.2.0.dist-info/top_level.txt +4 -0
- src/assets/fonts/gunplay.pfa +1671 -0
- src/assets/fonts/kshandwrt.pfa +315 -0
- src/assets/fonts/laksoner.pfa +2402 -0
- src/assets/fonts/paintcans.pfa +9699 -0
- src/assets/fonts/stencilod.pfa +4076 -0
- src/assets/fonts/takecover.pfa +26138 -0
- src/assets/fonts/topsecret.pfa +6652 -0
- src/assets/fonts/whoa.pfa +773 -0
- src/assets/mibs/HOST-RESOURCES-MIB +1540 -0
- src/assets/mibs/Printer-MIB +4389 -0
- src/assets/mibs/README.md +9 -0
- src/assets/mibs/SNMPv2-MIB +854 -0
- src/assets/overlays/hacker.eps +596 -0
- src/assets/overlays/smiley.eps +214 -0
- src/assets/overlays/smiley2.eps +240 -0
- src/core/attack_orchestrator.py +1025 -0
- src/core/capabilities.py +323 -0
- src/core/destructive_audit.py +430 -0
- src/core/discovery.py +488 -0
- src/core/osdetect.py +74 -0
- src/core/poly_runner.py +579 -0
- src/core/printer.py +1426 -0
- src/main.py +2134 -0
- src/modules/install_printer.py +318 -0
- src/modules/login_bruteforce.py +852 -0
- src/modules/pcl.py +506 -0
- src/modules/pjl.py +3575 -0
- src/modules/print_job.py +1290 -0
- src/modules/ps.py +1102 -0
- src/payloads/__init__.py +98 -0
- src/payloads/assets/overlays/notice.eps +9 -0
- src/protocols/__init__.py +19 -0
- src/protocols/firmware.py +738 -0
- src/protocols/ipp.py +216 -0
- src/protocols/ipp_attacks.py +609 -0
- src/protocols/lpd.py +141 -0
- src/protocols/network_map.py +1004 -0
- src/protocols/raw.py +173 -0
- src/protocols/smb.py +359 -0
- src/protocols/ssrf_pivot.py +427 -0
- src/protocols/storage.py +587 -0
- src/ui/__init__.py +6 -0
- src/ui/interactive.py +742 -0
- src/ui/spinner.py +112 -0
- src/ui/tables.py +132 -0
- src/utils/banner_grabber.py +852 -0
- src/utils/codebook.py +456 -0
- src/utils/config.py +522 -0
- src/utils/cve_loader.py +158 -0
- src/utils/default_creds.py +134 -0
- src/utils/discovery_online.py +1327 -0
- src/utils/exploit_manager.py +805 -0
- src/utils/fuzzer.py +220 -0
- src/utils/helper.py +732 -0
- src/utils/local_printers.py +307 -0
- src/utils/ml_engine.py +491 -0
- src/utils/operators.py +474 -0
- src/utils/ports.py +234 -0
- src/utils/vuln_scanner.py +823 -0
- src/utils/wordlist_loader.py +412 -0
- src/version.py +36 -0
|
@@ -0,0 +1,134 @@
|
|
|
1
|
+
#!/usr/bin/env python3
|
|
2
|
+
# -*- coding: utf-8 -*-
|
|
3
|
+
"""
|
|
4
|
+
PrinterXPL-Forge — Credential Type Definitions & Vendor Aliases
|
|
5
|
+
=============================================================
|
|
6
|
+
Defines the Cred dataclass, dynamic token constants, and vendor alias map.
|
|
7
|
+
|
|
8
|
+
All actual credential data lives in external wordlist files (wordlists/).
|
|
9
|
+
No credentials are hardcoded in this module.
|
|
10
|
+
|
|
11
|
+
To load credentials, use utils.wordlist_loader:
|
|
12
|
+
from utils.wordlist_loader import load_for_vendor, load_wordlist
|
|
13
|
+
"""
|
|
14
|
+
# Author : Andre Henrique (@mrhenrike)
|
|
15
|
+
# GitHub : https://github.com/mrhenrike
|
|
16
|
+
# LinkedIn : https://linkedin.com/in/mrhenrike
|
|
17
|
+
# X/Twitter : https://x.com/mrhenrike
|
|
18
|
+
|
|
19
|
+
from __future__ import annotations
|
|
20
|
+
|
|
21
|
+
from dataclasses import dataclass
|
|
22
|
+
from typing import Dict, List, Optional
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
# ── Credential entry type ─────────────────────────────────────────────────────
|
|
26
|
+
|
|
27
|
+
@dataclass
|
|
28
|
+
class Cred:
|
|
29
|
+
"""Single credential entry."""
|
|
30
|
+
username: str
|
|
31
|
+
password: Optional[str] # None = blank; special tokens: __SERIAL__, __MAC6__, __MAC12__
|
|
32
|
+
protocol: str = 'http' # http / ftp / telnet / snmp / any
|
|
33
|
+
notes: str = ''
|
|
34
|
+
|
|
35
|
+
def __repr__(self) -> str:
|
|
36
|
+
pwd = repr(self.password) if self.password is not None else '(blank)'
|
|
37
|
+
return f"Cred({self.username!r}, {pwd}, {self.protocol})"
|
|
38
|
+
|
|
39
|
+
|
|
40
|
+
# ── Sentinel tokens for dynamic passwords ─────────────────────────────────────
|
|
41
|
+
SERIAL_TOKEN = '__SERIAL__' # replaced by device serial at runtime
|
|
42
|
+
MAC6_TOKEN = '__MAC6__' # replaced by last 6 chars of MAC address
|
|
43
|
+
MAC12_TOKEN = '__MAC12__' # replaced by full 12-char MAC (no separators)
|
|
44
|
+
|
|
45
|
+
|
|
46
|
+
# ── Vendor name aliases (normalisation) ───────────────────────────────────────
|
|
47
|
+
# Used by wordlist_loader.load_for_vendor() to map vendor strings to sections.
|
|
48
|
+
_ALIASES: Dict[str, str] = {
|
|
49
|
+
# Konica Minolta
|
|
50
|
+
'konica minolta': 'konica',
|
|
51
|
+
'konicaminolta': 'konica',
|
|
52
|
+
'develop ineo': 'develop',
|
|
53
|
+
'ineo': 'develop',
|
|
54
|
+
# Fujifilm / Fuji Xerox
|
|
55
|
+
'fujifilm': 'fuji',
|
|
56
|
+
'fuji xerox': 'fuji',
|
|
57
|
+
'fujifilm business innovation': 'fuji',
|
|
58
|
+
'docucentre': 'fuji',
|
|
59
|
+
'apeosport': 'fuji',
|
|
60
|
+
# HP
|
|
61
|
+
'hewlett': 'hp',
|
|
62
|
+
'hewlett-packard': 'hp',
|
|
63
|
+
'hewlett packard': 'hp',
|
|
64
|
+
'jetdirect': 'hp',
|
|
65
|
+
# Epson
|
|
66
|
+
'epson seiko': 'epson',
|
|
67
|
+
'seiko epson': 'epson',
|
|
68
|
+
# Brother
|
|
69
|
+
'brother industries': 'brother',
|
|
70
|
+
# Zebra
|
|
71
|
+
'zebra technologies': 'zebra',
|
|
72
|
+
# Axis
|
|
73
|
+
'axis communications': 'axis',
|
|
74
|
+
# Ricoh / OEM brands
|
|
75
|
+
'nrg': 'ricoh',
|
|
76
|
+
'nashuatec': 'ricoh',
|
|
77
|
+
'lanier': 'ricoh',
|
|
78
|
+
'savin': 'ricoh',
|
|
79
|
+
'gestetner': 'ricoh',
|
|
80
|
+
'infotec': 'ricoh',
|
|
81
|
+
# Minolta / QMS
|
|
82
|
+
'qms': 'minolta',
|
|
83
|
+
'konica qms': 'minolta',
|
|
84
|
+
'minolta qms': 'minolta',
|
|
85
|
+
# Tektronix / Xerox Phaser
|
|
86
|
+
'tektronix': 'xerox',
|
|
87
|
+
'phaser': 'xerox',
|
|
88
|
+
# Lexmark Dell OEM
|
|
89
|
+
'dell laser': 'dell',
|
|
90
|
+
# Sindoh
|
|
91
|
+
'sindoh': 'sindoh',
|
|
92
|
+
# Canon brands
|
|
93
|
+
'canon imagerunner': 'canon',
|
|
94
|
+
'canon pixma': 'canon',
|
|
95
|
+
# Samsung (now HP)
|
|
96
|
+
'hp samsung': 'samsung',
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
|
|
100
|
+
# ── Backward-compatible public API ────────────────────────────────────────────
|
|
101
|
+
# These functions delegate to wordlist_loader to avoid circular imports at
|
|
102
|
+
# module level. They exist so that existing call sites keep working without change.
|
|
103
|
+
|
|
104
|
+
def get_creds_for_vendor(vendor: str,
|
|
105
|
+
wordlist_path: Optional[str] = None) -> List[Cred]:
|
|
106
|
+
"""
|
|
107
|
+
Return credential list for a vendor name (case-insensitive).
|
|
108
|
+
|
|
109
|
+
Credentials are loaded from the external wordlist file, not hardcoded.
|
|
110
|
+
Falls back to generic entries if vendor section not found.
|
|
111
|
+
|
|
112
|
+
Args:
|
|
113
|
+
vendor: Vendor name (e.g. 'epson', 'hp', 'ricoh').
|
|
114
|
+
wordlist_path: Optional path to a custom wordlist file.
|
|
115
|
+
|
|
116
|
+
Returns:
|
|
117
|
+
List of Cred objects ordered: vendor-specific first, then generic.
|
|
118
|
+
"""
|
|
119
|
+
from utils.wordlist_loader import load_for_vendor
|
|
120
|
+
return load_for_vendor(vendor, wordlist_path=wordlist_path)
|
|
121
|
+
|
|
122
|
+
|
|
123
|
+
def get_all_creds(wordlist_path: Optional[str] = None) -> List[Cred]:
|
|
124
|
+
"""
|
|
125
|
+
Return flat list of all unique credential entries from the wordlist.
|
|
126
|
+
|
|
127
|
+
Args:
|
|
128
|
+
wordlist_path: Optional path to custom wordlist.
|
|
129
|
+
|
|
130
|
+
Returns:
|
|
131
|
+
List of Cred objects.
|
|
132
|
+
"""
|
|
133
|
+
from utils.wordlist_loader import load_wordlist
|
|
134
|
+
return load_wordlist(path=wordlist_path)
|