dan_m1les
Member
Registered: 8th May 06
Location: Burnham, Buckinghamshire
User status: Offline
|
Hi All,
I have a card that I top up for the self service sun bed shop i go to  You get double minuete etc if you do it this way.
However the card has like a sim card bit on it, and i assume the system is quite simple as it has to work with the machine and then the machines on the doors to adjust the time etc?
Are these easily "hacked" via a pc with a car reader?
[Edited on 14-04-2011 by dan_m1les]
|
dan_m1les
Member
Registered: 8th May 06
Location: Burnham, Buckinghamshire
User status: Offline
|
Turn out its a smart card, can easily optain a smart card reader online.
I would assume the information on the card can easily be changed?
|
Brett
Premium Member
Registered: 16th Dec 02
Location: Manchester
User status: Offline
|
Hacking sun beds 
|
Steve
Premium Member
Registered: 30th Mar 02
Location: Worcestershire Drives: Defender
User status: Offline
|
What about if you do it wrong and the sun bed comes alive and starts attacking people with a UV laser?
|
dan_m1les
Member
Registered: 8th May 06
Location: Burnham, Buckinghamshire
User status: Offline
|
Whats wrong with hacking sun beds 
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Offline
|
Depends if the balance is stored on the card or the card merely identifies you and the balance is held in a list at the shop.
If the balance is on the card and you have the means to write then yes, you can increase your balance.
If the balance isn't on the card then you could probably present a different id and exhaust other people's balances.
If it's done properly it'll have an encryption hash stored alongside your id number so you can't just change one and not the other. When you present the id, the reader does some maths on your id number and checks the result with hash result which is already stored on the card. If they match, boom you're in. If they don't, you fail.
Problem being you won't know which hashing algorithm is used and they will probably use a salt which you won't know either.
|
adiohead
Member
Registered: 28th Sep 01
User status: Offline
|
I have an old Elvis card reader
|
DaveyLC
Member
Registered: 8th Oct 08
Location: Berkshire
User status: Offline
|
The card will generally just have an ID stored on it, the time allocated etc. will be in a database somewhere.
|
dan_m1les
Member
Registered: 8th May 06
Location: Burnham, Buckinghamshire
User status: Offline
|
The car machines on teh doors are simply plugged in to the mains, so I assume the information is stored on the card.
Its a polish operation, so I doubt they have any form of top end encryption.
|
Dom
Member
Registered: 13th Sep 03
User status: Offline
|
Purchase a reader/writer and have a look...
|
dan_m1les
Member
Registered: 8th May 06
Location: Burnham, Buckinghamshire
User status: Offline
|
Does anywhere on the high street sell card readers?
|
Chris
Premium Member
Registered: 21st Sep 99
User status: Offline
|
you will be able to alter the value field, but will no doubt be checksums to the value carnt just be hacked.
|
Doug
Member
Registered: 8th Oct 03
User status: Offline
|
Do you know the make/model of the sunbeds? Maybe we can look at some tech info about the card units attached to them
|
