weev
Up next
Author
Tags
Share article
The post has been shared by 0 people.
Facebook 0
Twitter 0
Pinterest 0
Mail 0

We brought you a story about weev a few months ago that was pretty amusing. Basically, he figured out that he could make printers all over the world print out whatever he wanted. He used this vulnerability to produce some classic lulz at the expense of pussies all over the globe. It’s one thing to be mildly annoyed by someone printing out some Nazi shit on your printer, but some sissies were actually calling the police. C’mon, really? I guess some people are just that easy to scare.

Well, after weev did this, many people fixed this vulnerability, although there’s apparently still plenty who haven’t. Regardless, weev wanted to find another route in and so he did. I’ll let him explain it from here since this is definitely not my area of expertise…

I had a small problem, however. In response to my previous mass printing of Nazi propaganda, a large body of entities for some reason took their printers offline! There was a sample device pool of around 30k printers I printed to last time. Searching for a device with the same signature only returned roughly 17k results. I felt a great disturbance in the Internet, as if thousands of printer owners suddenly cried out in terror and were suddenly implementing some fucking firewall rules. I suppose this is something to be proud of for various reasons. Postscript is Turing-complete, which means all these printers could be made to execute arbitrary computer programs. Someone could have made a huge botnet out of them. Also, it turns out there’s a two decade old vulnerability in Windows that lets people use the printer as a platform to seamlessly install malware

However good this was for the Internet, it is bad for my ability to troll people. I needed more printers. Lots more. Luckily, port 9100 is not the only spooling system exposed to the public Internet. Nobody had done Berkeley’s classic Line Printer Daemon protocol yet, and there are more lpd spooling systems exposed to the Internet than my previous run on port 9100! Printing to an lpd spool is pretty simple:

for i in `cat printer-ips-list`
do
rlpr -H$i payload.ps
done

And off we go with the first issue of samiz.dat. The name, of course, is a play on the practice of samizdat, which is how nationalist dissidents exchanged political literature during the time of Soviet tyranny. The reactions to the first issue are pretty funny.

Hilarious, actually…

https://twitter.com/anikitty74/status/760568961377370113

2016-08-03_1-53-32

2016-08-03_1-54-33

Several of these people reported the act to the police. According to weev, this is all part of the plan…

A good time was had by all making sure countless police reports are filed! One day I’ll have used an equivalent amount of hours of the state as the number it stole from me when it imprisoned me under false pretense, plus some extra as interest. Then maybe we can call things even on the time front. They’ll still have to pay quite dearly in kind for the beatings, starvation, kidnapping, and torture though.

Sounds like he has a lot more plans for the future. I’m quite sure he will fill us all in when the time is right.