Whenever someone manages to expose vulnerabilities in everyday devices, we love to root for them. [Adrian] over at Irongeek has been inspired to exploit barcodes as a means to attack a POS database. Based on an idea from a Pauldotcom episode, he set out to make a rapid attack device, using an LED to spoof the signals that would be received by scanning a barcode. By exposing the POS to a set of generic database attacks, including XSS, SQL Injection, and other errors easily solved by input sanitization, he has created the first version of an automated system penetration device. In this case the hardware is simple, but the concept is impressive.
With the hardware explained and the source code provided, as well as a basic un-sanitized input cheat sheet, the would-be barcode hackers have a great place to start if they feel compelled to provide a revision two.
[Thanks Robert W.]
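The defensive side of the point about input sanitization, as an added example that is not code from Irongeek or from this post: a scanner is just another untrusted text source, so the lookup below allow-lists the scan as a UPC-A code and binds it as a query parameter. The table layout, the sample rows and both scan strings are constructed for illustration.

```python
import sqlite3

def upc_a_valid(code: str) -> bool:
    """Allow-list check: exactly 12 ASCII digits with a correct UPC-A check digit."""
    if len(code) != 12 or not (code.isascii() and code.isdigit()):
        return False
    d = [int(c) for c in code]
    total = 3 * sum(d[0:11:2]) + sum(d[1:11:2])
    return (10 - total % 10) % 10 == d[11]

def make_db() -> sqlite3.Connection:
    """Constructed sample inventory, held in memory."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (upc TEXT PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)",
                   [("036000291452", "tissues"), ("012345678905", "gum")])
    return db

def lookup_unsafe(db, scanned):
    # Weak form: scanner text is pasted into the SQL statement, so a quote
    # character in the barcode data changes the structure of the query.
    sql = "SELECT name FROM items WHERE upc = '" + scanned + "'"
    return sorted(row[0] for row in db.execute(sql))

def lookup_safe(db, scanned):
    # Hardened form: reject anything that is not a well-formed UPC-A code,
    # then pass the value as a bound parameter, never as SQL text.
    if not upc_a_valid(scanned):
        return []
    rows = db.execute("SELECT name FROM items WHERE upc = ?", (scanned,))
    return sorted(row[0] for row in rows)

# Constructed scanner inputs: one ordinary UPC-A code and one string that
# carries SQL syntax, as a full-ASCII symbology could deliver it.
GOOD_SCAN = "036000291452"
HOSTILE_SCAN = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for scan in (GOOD_SCAN, HOSTILE_SCAN):
        print(repr(scan), lookup_unsafe(db, scan), lookup_safe(db, scan))
```

The unsafe lookup returns every row for the second scan, while the hardened one returns nothing because the value fails the format check before it reaches the database.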
Hacking with Gum got their hands on one of the persistence of vision display fans that Cenzic was giving away at Blackhat this year. It’s not the biggest fan-based POV display we’ve seen but it’s still a fun device to tinker with. They hacked into the EEPROM on the device in order to change the message the fan displayed.
This is very similar to the other EEPROM reading/writing we’ve seen recently. Hacking with Gum read the data off of the EEPROM and then disassembled it to discover how the message data is stored on the chip. This was made easier by noting the messages displayed when the fan is running. The first byte of data shows the number of words in the message, then each chunk of word data is preceded by one byte that represents the number of letters in that word. Data length was calculated based on the number of pixels in each display character. Once he knew the data-storage scheme, it was just a matter of formatting his own messages in the same way and overwriting the chip.
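The storage layout described above can be written down as a small parser and encoder. This is an added example, not code from Hacking with Gum: the post does not give the glyph size, so `bytes_per_char=5` (one byte per pixel column) and the two sample glyphs are assumptions made for illustration.

```python
def parse_message(image: bytes, bytes_per_char: int = 5):
    """Split an EEPROM image into words (lists of glyph byte strings).

    Layout from the write-up: byte 0 = word count, then for each word one
    length byte (letters) followed by letters * bytes_per_char glyph bytes.
    Returns (words, bytes_consumed) so trailing unused EEPROM is ignored.
    """
    if not image:
        raise ValueError("empty image")
    word_count, pos, words = image[0], 1, []
    for _ in range(word_count):
        if pos >= len(image):
            raise ValueError("truncated: missing word length byte")
        letters = image[pos]
        pos += 1
        end = pos + letters * bytes_per_char
        if end > len(image):
            raise ValueError("truncated: word data runs past end of image")
        words.append([image[i:i + bytes_per_char]
                      for i in range(pos, end, bytes_per_char)])
        pos = end
    return words, pos

def build_message(words, bytes_per_char: int = 5) -> bytes:
    """Encode words in the same layout, ready to be written back to the chip."""
    if len(words) > 255:
        raise ValueError("word count must fit in one byte")
    out = bytearray([len(words)])
    for glyphs in words:
        if len(glyphs) > 255:
            raise ValueError("letter count must fit in one byte")
        out.append(len(glyphs))
        for glyph in glyphs:
            if len(glyph) != bytes_per_char:
                raise ValueError("glyph has the wrong size")
            out += glyph
    return bytes(out)

# Constructed glyphs (5 columns, 7 pixels each); not dumped from the fan.
H = bytes([0x7F, 0x08, 0x08, 0x08, 0x7F])
I = bytes([0x00, 0x41, 0x7F, 0x41, 0x00])
SAMPLE = build_message([[H, I], [H]]) + b"\xff" * 4  # erased bytes after the message

if __name__ == "__main__":
    words, used = parse_message(SAMPLE)
    print(len(words), "words,", used, "bytes used")
```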
This is a great write-up if you’re looking for a primer on reverse engineering an unknown hardware system. If you had fun trying out our barcode challenges perhaps deciphering EEPROM data from a simple device should be your next quest.
This morning we logged into Google to find a Barcode instead of the normal logo (how strange that Google would change their graphic!). Apparently today is the anniversary of the Barcode. This method of easily labeling items for computer scanning is used for every type of commodity in our society. But do you know how to get the cryptic information back out of the Barcode?
Here’s the challenge: The image at the top of the post was created by the devious writers here at Hack a Day. Leave us a comment that tells us what the message says and explains how you deciphered it. There are programs that will do this for you and some smartphones can do this from a picture of the code, but we’re looking for the most creative solutions.
The winner will be decided in a totally unfair and biased way and gets their name plastered all over Hack a Day (and possibly slandered a bit). So get out there and start decoding that machine-readable image.
Update: We’ve announced a winner for this challenge.
We’ve recently been getting a lot of new comments on our Bokode post from a while back, and with good reason. [M@] has managed to find a way to replicate Bokode at home, using $0 worth of equipment (before the price of microprint). To accomplish Bokode at home, it seems all you need is an old webcam lens assembly and an LED. Of course his version is not as thin as a regular barcode, so it probably won’t be replacing anything in the near future, but the concept going from MIT to home within such a short period of time is amazing.
Reader [Nikolaus] decided that instead of using an existing image-based bar code decoder, he would write his own. Using the Processing language he created a scanner that parsed the black and white pattern when a bar code was centered on the image. His code then parsed that data and compared it with the initializing character to provide a reference. Currently his scanner supports three character sets of the Code 128 encoding, and he provided his complete code so that others could add as they see fit. He admits that the code is a bit messy due to the lengthy character tables, but very straightforward.
The MIT Camera Culture Group utilized Bokeh, an effect where the lens is purposely placed out of focus, in order to vastly improve current 2D barcode technology. Dubbed Bokode, the team claims that an off-the-shelf camera can read data 2.5 microns from a distance of over 4 meters, compared to today’s average barcode reader’s maximum distance of only a foot or so. What looks most interesting is the ability to produce smoother and more accurate distance and angle calculations (relative to the camera), allowing for better augmented reality. It also seems to be more secure than traditional 2D barcodes, that is of course until the hacker community gets a hold of it.
AndroidAndMe is running a bounty program for Android applications. Users can request a specific application and pledge money to be awarded to the developer who delivers the functional app. [Alec Holmes] just fulfilled the first request by creating Torrent Droid. You can use the app to scan media barcodes and then download the related torrent. It uses the phone’s camera to capture the product’s UPC barcode (similar to Compare Everywhere’s price lookup) and then searches major torrent sites like The Pirate Bay to find a copy that can be downloaded. After getting the .torrent file, the app can submit it to uTorrent’s web interface for remote downloading. The app will be released later this month and you can see a screenshot tour of it on Alec’s blog. It’s doubtful that an application like this would ever clear Apple’s App Store approval process.