Exploits of a Barcode (how the suck ass at security)
Barcodes are some of the most interesting things i have ever researched, you can quickly ID a product, tell how much money its worth and charge a customer, or you could say this item belongs on this shelf or this book goes in this section, etc. Now all that seems cool and very useful but you can also use Barcodes to reset or “hack” (I use this term very lightly) a system.
Barcodes A barcode is a machine readable (a format readable by computers basically) representation of data, that normally states something about what it is on such as books, store products, produce etc. There are two types of Barcodes 1D and 2D. 1D displays information using the spaces and widths on it, while 2D the later version of Barcodes yous more complex patterns (but that is not relevant). Now all that's well and good but after all humans don't read Barcodes, computers do, and computers use code, have command keys, and certain things that the system must follow due to their programming.
Now let's get into the fun stuff, exploiting the computer’s programming and command keys through a simple piece of paper, a Barcode to be exact. The process which the Barcode is scanned, goes like this: “person A” scans a barcode into a scanner, the scanner takes that information and inserts it to a computer, computer reads said information, computer lists said information, “person A” pays and takes their product and leaves. Now we are going to do this same process but just not in the same way. If you do a simple web search of Barcode configuration you should be able to get a PDF’s of Barcode user's manual’s or just click this link to one from opticon, and then you just use that to screw with there system. But that way is to easy, to limiting, we want more control. Most Barcode scanners are just glorified keyboards, which mean they can send key commands threw to their main operating system or OS. Most of the OS’s are Windows Vista and 95 or just older Windows OS’s in general, which means they have command keys such as the Windows key or the ESC key. That means you can just scan in ctrl-alt-esc or ctrl-esc or any other key command known to that OS, you get the basic idea you could also just restart the computer that way to. Now you can't just scan the letters Ctrl-Esc the scanner wouldn't be able to read that, you would have to convert your commands into a Barcode. You can do that by just using free software or just using a web program (software is mostly better though). When you are writing the commands you must make sure you have the barcode formated to the correct type of Barcode format. We are going to use UPC-A because my research tells me that it is a majority of store’s use (you should do your own research, links below). Once you have written your Barcode you can print it and if you have done everything right the machine should read it and carry out the command. And that brings me back to the barcode process remember? “person A” scans a Barcode into a scanner, the scanner takes that information and inserts it to a computer, computer reads said information, computer lists said information, “person A” pays and takes their product and leaves. Well basicly it's still the same except this time “person A” scans Barcode, Barcode closes that program, you walk out knowing you just gave the manager a huge headache for about half an hour.
What this all means Basicly what I am trying to say is that you should be able to use Barcodes to restart or tamper with a program, enter commands into a computer’s OS, or basically anything you want that involves a Barcode and commands. In the past some hackers have even installed malware onto the OS using Barcodes and gotten information from it. But I am not saying you should attempt any of this because well it's illegal but the concept is still very interesting(obviously this paper was for educational purposes).
I hope that you were able to learn something from this, and happy researching it took me long enough.
Links/Sources: http://ift.tt/2c8rEc1 http://ift.tt/1JkPoWw http://ift.tt/2c8rZLu http://ift.tt/2cvAz5v http://ift.tt/2c8sbKP
Sry if there are any errors in the information here (im only in 8th GR)
Submitted September 06, 2016 at 09:25AM by the_biscuit_521 http://ift.tt/2cobFnV via TikTokTikk
No comments:
Post a Comment