╔═══════════════════════════════════════════════════╗
║ _____ _ _____ _ ║
║ / ____| | |_ _| | | ║
║ | (___ | |_ ___ _ __ _ __ ___ | | _ __ | | __ ║
║ \___ \| __/ _ \| '__| '_ ` _ \ | | | '_ \| |/ / ║
║ ____) | || (_) | | | | | | | |_| |_| | | | < ║
║ |_____/ \__\___/|_| |_| |_| |_|_____|_| |_|_|\_\ ║
║ ║
║ - The Storm of Print - ║
║ by 7h30th3r0n3 ║
╚═══════════════════════════════════════════════════╝
Warning: This tool is just a POC, use it ethicaly, responsibly and only on devices you own or have explicit permission to test.
This project, The Storm of Print, is a POC tool designed for ethical purposes. It demonstrates the potential vulnerabilities of network printers exposed on the internet, particularly on port 9100
, which is commonly used for print jobs.
This POC tool utilizes the Shodan API to identify exposed printers, allowing researchers to send arbitrary data to these devices. This can serve as a powerful demonstration of the risks associated with leaving such devices unsecured.
The useable script for pentesting is SmallInk that can target ip address based on a txt file.
- Shodan Integration: Queries Shodan to locate vulnerable printers.
- Content Injection: Sends arbitrary data to printers via port
9100
. - Country Filtering: Filters results by country using ISO codes.
- File-Based Targeting: Reads target IPs from a file for controlled testing.
- Ethical Warning: Informs users about the dangers of exposing printers online.
- Python 3.x
- Shodan API key
-
Clone this repository:
git clone https://github.com/7h30th3r0n3/StormInk.git cd StormInk
-
Install required libraries:
pip install shodan
-
Obtain a Shodan API key from Shodan.
-
Add your Shodan API key to the script:
shodan_api_key = "your_shodan_api_key"
Run the primary script to discover printers and send data:
python StormInk.py
- Query Shodan: Filter by country (optional) and search for printers using port
9100
. - Save Targets: Save discovered IPs to a file.
- Send Data: Send the contents of a specified file to the target printers.
Alternatively, use the smaller script for file-based targeting:
python SmallInk.py
This script requires:
- A file containing printer IPs.
- A file with the content to send.
This tool includes a warning message to inform printer owners of their vulnerabilities:
WARNING: Your printer is exposed on port 9100, a port often used for direct print jobs.
Attackers could intercept print jobs, inject malicious content, or even access your entire network.
Act now to secure your printer by restricting network access, enabling firewalls, and updating firmware.
Disclaimer: This project is intended for ethical security research and education only. Unauthorized usage is strictly prohibited.
This project is licensed under the MIT License. See the LICENSE file for details.
7h30th3r0n3 - Ethical hacker and cybersecurity enthusiast.