Hacker News new | comments | show | ask | jobs | submit login

The strings contain "sqli" which some of the posters inferred to mean they were experiencing a SQL injection. I doubt this is actually the case. I will say, though, that I have a Brother printer like the one described where I work and have seen similar odd strings on papers that come out of it. At least one time, it's just printed gibberish. I think the common denominator is that these printers are openly shared on a network with a public IP (at least mine is...it's at a big University with public IPs fore everybody). I don't know if this is related or not, though.



The strings contain "sqli" which some of the posters inferred to mean they were experiencing a SQL injection. I doubt this is actually the case.

I'm certain you're correct. I've seen many SQL injection attacks, and not one of them has ever labelled itself as such.


Seven hours after posting, I've racked up 21 points for this comment.

I think this shows a defect in the blind voting we've had here for the last year or so. There's no way this off-hand comment is worth that much karma, but nobody can see that I'm being overcompensated for it.

(Sorry for the OT meta-post)


Maybe it's time for something similar to the IPv4 Evil Bit - http://www.ietf.org/rfc/rfc3514.txt


  '; DO $$ BEGIN RAISE NOTICE 'Commencing SQLI.'; END $$; -- Use acronym "SQLI" for stealth reasons


There's also "nmap" in the output, so this could be part of a combined port and vulnerability scan that hit the network printer.


I think this idea is on to something and warrants more investigation.

Edit: That's probably what it is. A port scanner climbed through port 9100 and hit the JetDirect port on the printer, which prints whatever raw data it is given. Cool find!


I'm in the sqlite camp.


That would make sense, especially if it was just some kind of debugging message mentioning the sqlite version.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: