Re: Undocumented telnet access to Brother HL-2280DW

To: debian-user@lists.debian.org
Subject: Re: Undocumented telnet access to Brother HL-2280DW
From: Celejar <celejar@gmail.com>
Date: Mon, 30 Dec 2013 07:17:49 -0500
Message-id: <[🔎] 20131230071749.d22e369e2b6a18a566b9ff5d@gmail.com>
In-reply-to: <[🔎] 20131230000051.0cd6507ae360156306f7a6ac@gmail.com>
References: <[🔎] 20131227000046.04498c2ebce89c8a4e97e496@gmail.com> <[🔎] 20131227111818.c2f14ebd66ab9700005a0564@gmail.com> <[🔎] 20131229091713.a8c156cbe482b0ab3e6944df@gmail.com> <[🔎] 20131229195205.36470bb39b2013da402adf03@gmail.com> <[🔎] 20131229135213.8ef35b22441b4e56cdf115d6@gmail.com> <[🔎] 20131230000051.0cd6507ae360156306f7a6ac@gmail.com>

On Mon, 30 Dec 2013 00:00:51 +0400
Reco <recoverym4n@gmail.com> wrote:

> On Sun, 29 Dec 2013 13:52:13 -0500
> Celejar <celejar@gmail.com> wrote:
> 
> > > This:
> > > 
> > > http://www.brother-usa.com/VirData/Content/en-US%5CPrinters%5CConsumer%5CNetworkUsersManual%5CNUM_DCP_7065DN_HL_2280DW_MFC_7360N_7460DN_7860DW_EN_2845.PDF
> > > 
> > > gave me an idea - they run telnet, but they use some variation of tcp
> > > wrappers which forbids any telnet connections (possibly other services
> > > too) from anything except maybe 192.168.0.1 (or, 192.168.0.5, or
> > > 169.254.0.0/16).
> > 
> > What did you see there (what page)?
> 
> Nothing in particular, just a guess. Manufacturers like to do stuff
> like this. Best of them think 'like, everyone and their dog uses
> 192.168.0.0/24 for the home network, let's secure our product by
> denying access from anyone outside'. Of course, to hardcode
> 192.168.0.0/24 is the easiest these guys can do.
> 
> So, I browsed that pdf, searched for IPs, and sure enough, there was
> 192.168.0.1 as a default gateway example and 192.168.0.5 as a printer
> example, and some explanation of LLNR.
> 
> > I tried telnetting from my router, an OpenWrt box with address
> > 192.168.0.1, and I get:
> > 
> > Entering character mode
> > Escape character is '^]'.
> > 
> > And then pretty much the same thing: no response, and eventual
> > disconnect after several carriage returns.
> 
> So, no luck. Maybe it requires some engineering password first.
> Can you dump the firmware from the printer?

Not sure - even the process to upload new firmware doesn't give a
firmware file, just an .exe "upload tool" - don't know if the firmware
is embedded therein, or if it tries to download it from somewhere. I
ran strings against it, but couldn't find anything for '23' or 'telnet':

http://welcome.solutions.brother.com/bsc/public/us/us_ot/en/dlf/download_index.html?reg=us&c=us_ot&lang=en&prod=hl2280dw_us&type2=4&os=all&flang=all&dlid=

> Reco

Celejar

Reply to:

Follow-Ups:
- Re: Undocumented telnet access to Brother HL-2280DW
  - From: Reco <recoverym4n@gmail.com>

References:
- Undocumented telnet access to Brother HL-2280DW
  - From: Celejar <celejar@gmail.com>
- Re: Undocumented telnet access to Brother HL-2280DW
  - From: Reco <recoverym4n@gmail.com>
- Re: Undocumented telnet access to Brother HL-2280DW
  - From: Celejar <celejar@gmail.com>
- Re: Undocumented telnet access to Brother HL-2280DW
  - From: Reco <recoverym4n@gmail.com>
- Re: Undocumented telnet access to Brother HL-2280DW
  - From: Celejar <celejar@gmail.com>
- Re: Undocumented telnet access to Brother HL-2280DW
  - From: Reco <recoverym4n@gmail.com>

Prev by Date: Re: Packages removed from testing
Next by Date: Re: Packages removed from testing
Previous by thread: Re: Undocumented telnet access to Brother HL-2280DW
Next by thread: Re: Undocumented telnet access to Brother HL-2280DW
Index(es):
- Date
- Thread