Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

shd and spl analysis

Posted on 2016-11-15
3
Medium Priority
?
291 Views
Last Modified: 2016-11-21
are there any specialist tools to analyse print spool files, i.e. shd and spl.

And does anyone know what kind of information they will contain, i.e. is it purely metadata such as user, print date/time, filename, printer, etc or does it give any clues on content of the print job?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 1000 total points
ID: 41888356
It's the print job itself in a form the print server understands. Having these files means having the data you print out - making it readable will not be a big problem, I guess.
0
 
LVL 16

Accepted Solution

by:
DansDadUK earned 1000 total points
ID: 41889637
My understanding is that:

.shd files are 'shadow' files, used to hold job-level meta-data.
.spl files are 'spool' files, used to hold data related to what is actually going to be printed; it may be raw data, or it may be in the form of a (proprietary) EMF (Enhanced Meta File) format.

The format of raw data will depend on the Page Description Language generated by the printer driver (and which the target printer hopefully understands!).

Common PDLs are PCL5, PCL XL, PostScript, PCL3GUI, PCLm/PCLmS, Esc/P, etc.
So you'd need parsers able to understand all of the potential PDLs in use in your system.

To analyse the content of .spl files which contain PCL5 or PCL XL print data, use the PRN File Analyse tool in the PCL Paraphernalia application, available via http://www.pclparaphernalia.eu
0
 
LVL 56

Expert Comment

by:McKnife
ID: 41889687
I guess you'll agree that if someone gets hold of the .spl files, he can replay the print job, so those are as good as the data itself.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question