Face-slapping Security Gaffe In Stored-value Cards

The laundry machines at [Hans Viksler’s] apartment were converted from coin operation to stored-value cards. We’ve all dealt with these cards before and [Hans] thought it would be fun to do a little sniffing around at how this particular company implements them. We’ve covered how to read these cards and there have been several stories regarding how to bypass the security that they use.

But [Hans] wasn’t interested in stealing value, just in seeing how things work. So he stuck the card in his reader and after looking around a bit he figured out that they use the Atmel AT88SC0404C chip. He downloaded the datasheet and started combing through the features and commands. The cards have a four-wrong-password lockout policy. He calculated that it would take an average of over two million cards to brute force the chip’s stored password. But further study showed that this is a moot point. He fed the default password from the datasheet to his card and it worked.

We know it takes quite a bit of knowledge for the average [Joe] to manipulate these cards at home, but changing the default password is literally the very least the company could have done to protect their system.

Free Laundry Redux

[Koala] was worried his pseudo smart card trick wouldn’t be considered HackaDay-worthy. We’re more worried the internet police will find this article and have us all tarred and feathered.

Jokes aside, it seems laundromat owners sure aren’t learning. Long story short, using a Bus Pirate and a few smart card hacking techniques we’ve seen before, [Koala] is able to write whatever amount he needs onto his pseudo smart card, giving him a free load of laundry.

Free Laundry

While waiting for his clothes to dry, our reader [xaio] decided to poke around and see how his building’s coin laundry system worked. It turned out to be ridiculously simple. All he needed to do was jumper the cable coming from each machine and they’d run without issue. We wonder why the relay box is so big. In any event, it could certainly benefit from a more secure installation.