lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Wed Mar  1 13:02:03 2006
From: dudevanwinkle at gmail.com (Dude VanWinkle)
Subject: Re: Fedex Kinkos Smart Card Authentication
	Bypass

On 2/28/06, Lance James <bugtraq@...urescience.net> wrote:
> Eric B wrote:
> > Wait, so if I read this right, consumers with existing cards could
> > dupe their legit cards for fake ones and cash in the fake ones yet
> > still have credit on the legit card?
> >
> > So I'm assuming Fedex has no database/authentication system storing
> > these serials...brilliant.
> >
>
> Yup.
>
> According to Fedex Kinko's:
> "Our analysis shows that the information in the article is inaccurate
> and not based on the way the actual technology and security function.
> Security is a priority to FedEx Kinko's, and we are confident in the
> security of our network in preventing such illegal activity."
>
> Our response:
>
> http://ip.securescience.net/exploits/P1010029.JPG

lol, now thats a funny picture!

So am I to assume that normally you can go beyond 31337 on a Kinko's
card and this is a modding of the original to produce the displayed
picture?

-JP

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux