npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

bcc

v1.2.0

Published

An IPP tool to Man-in-the-Middle all traffic to a local printer

Downloads

29

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

watsonwatson

Keywords

ippprintprinterinterceptman-in-the-middleMITMMIMMITMAattackdns-sddnssdbonjourzeroconf

Readme

Blind Carbon Copy

Build status js-standard-style

This is an example of a Bonjour/Zeroconf Man-in-the-Middle attack. This software showcases the attack of an IPP enabled printer. It will intercept all print jobs sent to the target printer.

This attack only works for Bonjour/Zeroconf and IPP enabled printers. Only jobs sent from clients that have the printer configured using Bonjour/Zeroconf will have their jobs intercepted.

This software uses network conncted printers as an example target, but the vulnerability is an inherent feature of the underlying Multicast DNS standard (RFC 6762) used by Bonjour/Zeroconf, so all services relying on this standard may be affected - not only printers.

Solutions

Aside from disabling Bonjour/Zeroconf on the printer, one possible way to secure your network from this sort of attack is by utilizing DNSSEC (RFC 4033). How to do this is beyond the scope of this document.

Disclaimer

Use this software only to test the vulnerability of your own network printers. Do not use this on networks you do not own without prior permission.

Attack Explained

The attack relies on the fact that Bonjour/Zeroconf uses the Service Instance Name of a service as the unique key. Clients configured to connect to a service named ServiceName will do so even if the service changes its host and port.

The attack works by forcing a name-change on the target service and updating all clients to connect to a different service controlled by the attacker:

  1. An attacker advertises a service on the local network with the same properties as the target service except for the host and port which is replaced with its own
  2. The target service will discover that another service is using its name and will rename itself to resolve the conflict (usually by appending a digit to the end of its name: ServiceName to ServiceName-1)
  3. Simultaneously all clients on the network who've been configured to connect to ServiceName will now see that the service have changed host and port and will change their settings to connect to the new host/port controlled by the attacker
  4. Since all requests to ServiceName are now sent to the attacker instead of the target, it can effectively act as a Man-in-the-Middle by proxying all requests to the target service

Installation

This software is written in Node.js and can be installed using the npm package manager. Ensure that you've downloaded and installed Node.js before continuing.

Install the bcc program globally:

npm install bcc -g

Usage

Run bcc from the command line and select the target from the list of printers displayed:

$ bcc
? Select a printer (use arrow keys)
> HP LaserJet 4600
  Reception Color Printer

A name-change will now be forced on the selected printer and the bcc program will install it self as a proxy inbetween clients and the selected printer.

When you quit the bcc program, no clients configured to connect to the selected printer will be able to print any more as the proxy is now off line and the actual printer have changed its name.

Debug mode

To see all operation headers sent to the printer, start bcc with the --log=<filename> command line argument:

$ bcc --log=bcc.log

License

MIT