<div>Hi,</div>
<div>some interesting story regarding default password &amp; ATM:</div>
<div><a href="http://www.youtube.com/watch?v=cmW_4R81jVU">http://www.youtube.com/watch?v=cmW_4R81jVU</a></div>
<div> </div>
<div>Kind Regards,<br><br>Elad Shapira ("Zest")<br><br><br>"Security, however, is an art, not a science." - RFC 3631<br><br> </div>
<div><span class="gmail_quote">On 7/4/07, <b class="gmail_sendername">Kristian Hermansen</b> &lt;<a href="mailto:kristian.hermansen@gmail.com">kristian.hermansen@gmail.com</a>&gt; wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">The Hyosung NH-5050 ATM runs Windows XP or Windows CE and is<br>vulnerable to the same exploits which allow criminals to dispense
<br>large amounts of money by exploiting the "denomination alternation"<br>attack vector using prepaid debit cards. Mitigating factors require<br>the attacker having knowledge of how to place the ATM into such an
<br>operational mode that the diagnostic features can be invoked. The<br>default passwords must also be unchanged since their factory settings,<br>unless the attacker has guessed or brute-forced the nearly 1,000,000<br>possible other combinations.
<br><br>I won't link anyone to the details, but this attack vector has been<br>known for a long time against other ATM models. The question I have<br>is this -- has Hyosung issued an update to prevent this on newer ATMs?
<br>It is quite an interesting topic, but I am baffled by the relative<br>ease compared with other ATM attacks that have been documented<br>publicly...<br>--<br>Kristian Hermansen<br><br>_______________________________________________
<br>Full-Disclosure - We believe in it.<br>Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>Hosted and sponsored by Secunia - <a href="http://secunia.com/">
http://secunia.com/</a><br></blockquote></div><br>