24C3 Toying with barcodes


[FX] from Phenoelit gave an entertaining talk about barcode security. He covered both how the systems are implemented and how they’ve been exploited. The first example was a parking garage in Dresden that issues non-unique barcodes for the unlimited passes that hotels give out. Anyone could print out an image of that particular code and park for free. German grocery stores have automated machines that refund you for your empty beer bottles. The barcode generated just states the refund amount (5 digits) that you’ll get at the register. Just stick the barcode under something like a six pack and it’ll scan even without the cashier seeing it.
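
Both examples share one design flaw: the barcode carries a value with nothing that proves who issued it and nothing that makes it single-use. The sketch below is an added example, not code from the talk or from this post, showing a refund voucher a register can verify; the payload layout (10-digit serial, 5-digit amount, 8-digit truncated HMAC), the shared key and all names are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumption: a key shared by the deposit machine and the registers (constructed value).
STORE_KEY = b"constructed-demo-key-not-for-production"
TAG_DIGITS = 8  # decimal digits of truncated HMAC carried in the barcode


def _tag(body: str) -> str:
    """Truncated HMAC-SHA256 over the numeric body, rendered as decimal digits."""
    mac = hmac.new(STORE_KEY, body.encode("ascii"), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**TAG_DIGITS).zfill(TAG_DIGITS)


def issue_voucher(serial: int, amount_cents: int) -> str:
    """Payload printed by the machine: 10-digit serial + 5-digit amount + tag."""
    if not (0 <= serial < 10**10 and 0 <= amount_cents < 10**5):
        raise ValueError("serial or amount out of range")
    body = f"{serial:010d}{amount_cents:05d}"
    return body + _tag(body)


class Register:
    """Checkout side: accepts a voucher once, and only if the tag verifies."""

    def __init__(self):
        self.redeemed = set()  # in practice a store-wide database, not per-register memory

    def redeem(self, scanned: str) -> int:
        # Scanner output is untrusted input: enforce exact length and ASCII digits only,
        # so nothing else (quotes, SQL fragments) ever reaches the back end.
        if len(scanned) != 15 + TAG_DIGITS or not (scanned.isascii() and scanned.isdigit()):
            raise ValueError("malformed voucher")
        body, tag = scanned[:15], scanned[15:]
        if not hmac.compare_digest(tag, _tag(body)):
            raise ValueError("bad authentication tag")
        serial = body[:10]
        if serial in self.redeemed:
            raise ValueError("voucher already redeemed")
        self.redeemed.add(serial)
        return int(body[10:])  # refund in cents
```

An 8-digit tag only resists guessing if failed scans are rate-limited and logged; the serial check is what stops a photocopied voucher from being paid out twice.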

Check out the video to find out more silliness involving DVD rentals, boarding passes, asset management, and SQL injection via the scanner. You can even find higher res versions in the 24C3 media archives.

Comments

  1. jojmoj says:

    cool article… :)

    i would have thought that such a widely used system would have been more secure tbh :)

    even the magnetic bar-codes used in some clothing stores (the ones that set the alarms off at the door) can be rendered useless by rubbing the front onto a hard surface.

    not as advanced but along the same lines :)

  2. Jared says:

    Very interesting video.

    @jojmoj: Even those ink-pack ones can be removed with another magnet – that’s all they do at the register.

  3. Jared says:

    Also, when is Hack A Day going to upgrade to the same comment system that Engadget uses… the comment verification email says:

    P.S.: For future reference, you may avoid these confirmations by using your e-mail and password

  4. jojmoj says:

    @jared

    serious? lol

    i watched a show a while ago about ppl using foil lined bags to trick the sensors at the door and block the bar codes from activating them

    although it baffles me how the bar codes activate them

    there must be a separate device (like the plastic discs on shirts etc) do the bar codes do it all?

  5. Carl Trimble says:

    He is a funny dude. Does anyone have a link where we can send him barcodes to translate? He said he would do it for free almost at the end of the video.

  6. bgugi says:

    okay, i really need help. he said to use gnu barcode, (almost) whenever i download some open-source type program, i end up with some .tar.gz file, which i have to extract twice, after which i get a pile of .h, .c, and .nothing files, which open as (crappy) plain text in notepad.

    wtf? can somebody help?

  7. ed3 says:

    @bgugi: read the “readme” file. If you are on a properly configured UNIX/Linux system, also read the “install” file.

  8. bgugi says:

    ed3, could we please have a real conversation? i would feel bad for filling this comment space with my incompetence

  9. lucifer says:

    So… anyone have a copy of the software he’s talking about?

  10. ed3 says:

    I really do not want to get into a private conversation either.

    Open-source software is usually distributed as source code meant to be compiled on open-source systems. Usually there is a “readme” and/or “install” file with instructions on what to do.

    Since you said you opened the files in “notepad” I guess you are on Windows, in which case what you want is at http://gnuwin32.sourceforge.net/packages/barcode.htm

    PS – Read open-source files with Wordpad instead of notepad.

  11. That was quite excellent. I’m going to have to send this to a co-worker of mine whose entire job revolves around writing bar code programs for our company’s scanning system.

    Anyone else got an old hacked Radio Shack Cue-Cat they’re digging out of hiding after watching this :)

  12. localroger says:

    That was really good. I work with barcodes (and RFID and a lot of other things) in industry and everything in that talk was spot-on.

  13. Rangerx52 says:

    The Magnetic tags for door alarms don’t actually read the barcode. The barcode is just for tag type authentication. I believe the actual tag detection is just through magnetic resonance. I’ve played with sheets of them, they’re printed off on sheets of 8 1/2 x 11 sheets, and the barcodes are all the same.

    That’s why you get tags from other stores that go off in each other’s arches, that’s also why tinfoil bags block the detectors (sometimes). If you were going for individual item detection, they’d have to use something with a form of rf or magnetic data storage- either way you’d either be bombarded with rf from every item while in the store or have to pass through a bigass cardreader (which opens up a whooole new slew of security issues). The closest i imagine they can get away with would be RFID tags, but not many stores would want to drop that much cash to keep someone from walking out the door with random crap.

  14. Eric says:

    This video is great- I remember I was messing around one time at a gym with a barcode-access weight room, and I bought a drink from the vending machine, scanned it, and it let me in. Beats the $30/mo fee for using it.

    Also, my school uses barcodes on ID cards to pay for lunch. I scanned mine and found that it’s just your student ID number and two zeros. Student ID numbers are pretty much in public domain.

  15. martin says:

    http://www.barcodesinc.com/generator/index.php

    generate your name in barcode (or anything else)

  16. Megachad says:

    Personally, I’ve been hacking barcodes for a little while now, and I use mainly two online tools :

    http://www.terryburton.co.uk/barcodewriter/generator/

    A generator, it is awesome.

    http://www.turbulence.org/Works/swipe/barcode.html

    A 2D decoder, I haven’t used it much yet since I don’t hack many 2D barcodes, but every time I did, it worked great. By the way, the video is awesome.

  17. Megachad says:

    Sorry, I just realized I didn’t post the good link for the decoder. This is another decoder, but not for the same purpose. I don’t have the link on the computer I’m writing on but I’ll try to find it.

  18. Gagan says:

    now i’m trying to google it, but can’t find it, can anyone find a good 1d barcode decoder?

  19. blahhhh says:

    are there any online 1d barcode decoders for Macs?

  20. rybolov says:

    The state of barcode generation with open source has improved greatly. Have a look at zint, it’s both a shell utility and has a GUI.

    http://www.zint.org.uk/

  21. secure wifi says:

    you ok if i add this info to my blog?

  22. meola says:

    Since you said you opened the files in “notepad” I guess you are on Windows

  23. Great Hack,Nice Job Guy!!

  24. you ok if i add this info to my blog? Great Hack,Nice Job Guy!!
