Intercepting data sent to printer

Problem description

It is the data sent from a Windows-based POS application to the receipt printer that I would like to monitor and analyze. I do not have control of the POS application (brand may vary and no source code), so the best way is to intercept the printed data by hooking up a hardware device inline between the POS and the printer.

I have done some reading and it seems that most receipt printers accept the ESC/POS command set. Does that mean the POS actually sends ESC/POS commands such as 'PrintNormal xyz'?

But I also read that "The data which is sent to a ESC/POS printer IS raster data embedded with ESC/POS commands" (see Intercepting data sent to a Windows printer (using RedMon)). Is that even readable? Now I am unsure how to go about it without knowing the data format.

Can anyone confirm?

Thanks.

Recommended answer

Disclaimer: the legality of the question proposed, and therefore this and any other answer, are subject to the terms of licensing which have not been disclosed in the question. Use at your own risk and liability. Don't blame me.

I am answering the bounty text:

The question is widely applicable to a large audience. A detailed canonical answer is required to address all the concerns.

As I am not sure how large the audience is for intercepting a specific printer protocol, I interpret this to mean the bounty seeks an answer for reverse-engineering a master-slave protocol based only on an (as yet unspecified) bus via hardware tap.

Hardware: First, identify the bus. My best guess here is you are dealing with either USB or parallel, but could be 9-pin serial or something proprietary. In any case, get your hands on the docs for the hardware level communication protocol, and build a simple hardware device that reads the data and mirrors it elsewhere. This could be either a tap-and-record setup, which simply records the data silently as an observer (a function available in many oscilloscopes), or a MITM packet-level receive-record-send loop, which emulates the slave on one end and the master on the other. I prefer the latter as you have a greater guarantee regarding the completeness of the intercepted data, plus the ability to transmit test jobs to the slave device in order to test your understanding of the protocol; at the cost of a more complicated/expensive interceptor design.

As the original question seems to be directed at the higher-level protocol, I will glaze over this portion. Comment if you want more suggestions.

Software: Assuming you now have a hardware level tap, you can now perform a print job and inspect the recorded communication. I do not expect much effort to have been put into obfuscating the data format. At this state, you should be able to judge for yourself what format the data/communication is in, and what specific commands therein are being used. If the data you're seeing does not line up with the expected format, you have more research to do.

Layered protocols:

Now I am unsure how to go about it without knowing the data format.

I often use the terms "format" and "protocol" interchangeably. Regardless, the protocol/format the POS software uses to boss around the printer is almost certainly built upon a simpler protocol that knows nothing of the purpose of the data being transferred. In cases such as this, I adopt the "layer" terminology inherent in networking. Layer 1 refers to the most basic meaning of wire voltages. This includes Ethernet, USB, serial etc. This is the protocol your interceptor needs to have at first. Layer 2 is the more purpose-specific protocol, such as IP, block storage, printer protocol etc. There can be more layers, but for this question's scope I will stick to 2. Once you examine the contents of the L1 payload, you can start reverse-engineering the L2 format and commands of interest.

In another example, consider USB as L1. Now, you can plug a thumb drive, a printer, or any number of other devices into the same USB port. These devices all use L1=USB protocol, but may all have very different L2 protocols. An interceptor built for L1=USB can record and/or mirror the payload equally well regardless. A more sophisticated interceptor might attempt to analyze the L2 payload with software, or you could do so with software tools (like Wireshark in the case of Ethernet or USB) after a capture has been completed.

Printer specific: I would expect the receipt printer to support the majority of whatever protocol is designated (ESC/POS or otherwise), but also the POS software designer to pick only a handful of commands.

I have done some reading and it seems that most receipt printers accept the ESC/POS command set. Does that mean the POS actually sends ESC/POS commands such as 'PrintNormal xyz'?

No. The fact that most printers accept that protocol would be a good reason for the POS authors to choose it, but that does not mean that they did. The best ways to know for sure are to examine either the source code or the intercepted data. You could of course examine the compiled code, if you prefer.

Rasterization: This is purely speculation. I can see a case for using the raster subset exclusively, as it limits the effort the software author must put into understanding the protocol, while allowing greater control over the end product, in terms of font, indenting, text size etc. Also, consider that the author may be porting printing code to many different such protocols in order to support a wide range of printers. If every proposed printer protocol supports raster, then they can make the transaction-to-raster code once, and find a simple way to send that raster to the printer for each proposed protocol.

Conclusion: No, I cannot confirm what specific protocol your system is using. But, if you are in a position to intercept the hardware communication as your question implies, you should be close to doing so for yourself.
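
Added example (not part of the original answer): one way to judge whether a recorded print job is readable text with embedded commands or a raster image, by walking the captured bytes against a small subset of the publicly documented ESC/POS command encodings. The function name analyze_capture and both sample captures are constructed for illustration; a real capture may use commands outside this subset, which are counted as unknown.

```python
ESC, GS, LF = 0x1B, 0x1D, 0x0A

# (prefix, command byte) -> number of parameter bytes, for a small ESC/POS subset
FIXED = {
    (ESC, 0x40): 0,  # ESC @   initialize printer
    (ESC, 0x21): 1,  # ESC ! n print mode
    (ESC, 0x45): 1,  # ESC E n emphasis on/off
    (ESC, 0x61): 1,  # ESC a n justification
    (ESC, 0x64): 1,  # ESC d n print and feed n lines
    (GS, 0x21): 1,   # GS ! n  character size
}

def analyze_capture(data: bytes) -> dict:
    """Split a captured byte stream into printable text, commands and raster payload."""
    result = {"text": [], "commands": [], "raster_bytes": 0, "unknown": 0}
    line, i = bytearray(), 0
    while i < len(data):
        b = data[i]
        nxt = data[i + 1] if i + 1 < len(data) else None
        if b in (ESC, GS) and (b, nxt) in FIXED:
            result["commands"].append(("ESC " if b == ESC else "GS ") + chr(nxt))
            i += 2 + FIXED[(b, nxt)]
        elif b == GS and nxt == 0x56 and i + 2 < len(data):
            # GS V m [n]: paper cut; modes 65/66 carry an extra feed byte
            result["commands"].append("GS V")
            i += 4 if data[i + 2] in (65, 66) else 3
        elif data[i:i + 3] == b"\x1dv0" and i + 8 <= len(data):
            # GS v 0 m xL xH yL yH d1..dk: raster image, k = width_bytes * height_dots
            xl, xh, yl, yh = data[i + 4:i + 8]
            k = (xl + 256 * xh) * (yl + 256 * yh)
            result["commands"].append("GS v 0")
            result["raster_bytes"] += min(k, len(data) - (i + 8))
            i += 8 + k
        elif b == LF:
            result["text"].append(line.decode("ascii", "replace"))
            line, i = bytearray(), i + 1
        elif 0x20 <= b < 0x7F:
            line.append(b)
            i += 1
        else:
            result["unknown"] += 1  # byte outside the handled subset
            i += 1
    if line:
        result["text"].append(line.decode("ascii", "replace"))
    return result

# Constructed sample captures (not taken from a real device)
TEXT_JOB = b"\x1b@\x1ba\x01\x1bE\x01SHOP\x1bE\x00\n\x1ba\x00Coffee  2.50\nTOTAL   2.50\n\x1dVA\x03"
RASTER_JOB = b"\x1b@\x1dv0\x00\x02\x00\x03\x00" + bytes([0xFF, 0x81] * 3) + b"\x1dV\x00"
```

A job that yields text lines and no raster bytes was sent as plain ESC/POS text; a job with raster bytes and no text lines was rendered to an image on the host, so recovering its content needs the bitmap decoded (and OCR) rather than string extraction.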
