LAS VEGAS - Last year, two security researchers showed how to hack a NFC ticket for free public transport in the towers, using a safety function misapplied hack ticket.
Just months later, two Italian teenage hackers have discovered even more ways to hack the same type of ticket for free spins hack ticket, even against the security function that the system lacked last year.
These tickets, Misfire Ultra light used in many major cities around the world.
SEE ALSO: Your Smart TV could be hacked to spy on you
Mateo Collier, 19, and Mateo Baccarat, 18, have discovered two new security holes allow them to stamp the ticket with NFC Android phone and become a ticket from a limited run unlimited.
They claim that the hacks are pretty easy to play hack ticket .
"You can get tips for your life"
"You can get free travel for life," said Baccarat to Deaf Con hacking conference Saturday, where two teenagers presented their trick hack ticket .
Conferences such as Deaf Con hackers expose holes allow for companies to solve.
The two decided to study the safety of air after the city of Turin in January implement NFC cards.
Baccarat and Collier must first know how they worked the fries, which turned out to be easy. "They advertise on their website," Baccarat said in response to a question at the conference about how they discovered the error hack ticket .
After the crowd laughed, shrugged and said simply: "Google".
When they began to study the notes, teens first attempted in piracy last year, which was exposed to the public by Corey Banning and Max Sowbelly.
But he did not, because unlike plane in San Francisco and New Jersey hack ticket , parts of Turin allowed one time programmable (OT), which are bytes that run between zero and one after every ride.
But the two teenagers were not abandoned. hack ticket They came to a large number of inputs and use of its NFC technology, a device that can connect to a computer unit (and costs less than $ 50 on eBay) to see what was happening inside the chip.
This was possible because Misfire Ultra light not encrypted so that the data are readable in any NFC device.
At this point, they realized part of the penalty that allowed them to turn OT sector in read-only mode, which means that data can not be changed - for the stamping machine can not change what subject hack ticket .
OT closed bites in its current state with the number of laps remaining.
"Once you lock the OT sector hack ticket , do not have to do anything else to write, ever," Baccarat told Mash able.
hack ticket "And do it once and you get a ticket unlimited rounds."
Baccarat also noted Collier and timestamp, which is used to determine if the new bill is to be stamped (each stamp is valid for 90 minutes) hack ticket , stored in a chip part in the read-write mode. This person listening could read and write, Baccarat told Mash able.
In other words, even after 90 minutes, I just had to scan the ticket with NFC devices (like the Samsung Galaxy S?O, etc.) and change the date hack ticket , which is possible with several free applications.
"It's like hitting the ticket for you"
"It's like hitting the ticket for you," he said.
hack ticket how to do ??
The two teenagers were tested the first feat on the road and has proved successful hack ticket .
They could not prove the date change trick, since it does not have a NFC phone or tablet, but said the trick should work, since it is possible to overwrite the data.
Collier Baccarat and offers a simple solution to the first question: a firmware update on the machines that make the program refuse to validate a closed ticket hack ticket .
Hack Change date, however, is more difficult to solve hack ticket . I was told that the only solution is to encrypt all data on the ticket, but Misfire Ultra light encrypted.
Baccarat and Collier already aware of the transit agency Turin hack ticket , who said they fixed the first ruling on the trams and buses - but still not on the subway.
Banning, one of the two researchers who found the first vulnerability Misfire Ultra light last year, hack ticket was in the crowd. He was surprised.
"The systems we saw before that you did not use the OT bits, it was kind of one of our recommendations to address," he said hack ticket .
"But if [the carriers] put those and had never actually read or have not been successfully put these pieces, and again stayed in topics today. So not only do they need to them well, but have to check if they set their doubts. "
hack ticket The next stop for Baccarat and Collier is to finish building an application that automatically locks the ticket OT area and change the date and time every time someone scans a ticket.
At this point hack ticket , anyone with an Android NFC will be able to check if your ticket has been hacked. And if that's the case, you will not have to pay for bus trips at once.
0 commentaires:
Enregistrer un commentaire