Description: Barcodes are an optical, machine readable representation of data and are widely used in identifying inventory in retail, military, postal departments etc. Barcodes can be either 1D or 2D and represent binary data. The 1D barcodes for example can be decoded by manual inspection by looking at the width and number of the individual white and black lines. In this video, "FX" Felix Lindner demonstrates security vulnerabilities in existing barcode implementations in his talk titled "Toying with Barcodes" at Defcon 16. FX explains the basics of barcodes and runs us through how he cracked various flawed implementations in Parking tickets, Recycling machines, Access control systems, DVD rentals, Newspaper Ads, Postal codes, Airline boarding tickets, Baggage tracking, etc.
The interesting thing he mentions is that barcode scanners and their backend servers can be easily hacked by crafting malicious barcodes. The attacks include buffer overflows, sql injection, XSS etc. In his talk he mentions specific organizations whose barcodes are vulnerable to attack. It's a very nice talk, almost makes me wanna get started with barcode hacking right away. Who knows, I maybe posting my own barcode hacking videos in the coming weeks :)
The high resolution video of the talk can be downloaded here. A PDF of the talk slides can be downloaded here.
Tags: fun ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.