Free Laundry! Stored Value Card Password Fail

ihack ? iam has posted a highly amusing and detailed analysis of Web Laundry (In)Security:

Ok, now we just need to guess the write 7 password. The password is 24 bits… That gives us 16,777,216 attempts to brute force it. At 4 attempts per card that will take 4,194,304 cards or 2,097,152 cards on average… There must be an easier way… My next idea was to sniff the traffic between the reader and card to get an idea of what kind of data is being passed back and forth, then after wading through the paper above, implement the algorithm to crack the cipher itself. Then I found this little ditty in the datasheet

[…]

Surely you would think the engineer(s) implementing this weren’t negligent enough to leave the default password… you would be wrong.

This is very much along the same lines as my presentation at The Next HOPE on Keypad Entry Systems. Start with the most basic tests and you will be surprised how quickly things fail, even things sold as “Unmatched Security and Cutting Edge Technology”.
