lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed Jun 28 22:41:50 2006
From: thinkpadr50dongs at yahoo.com (Peter Richards)
Subject: SECURITY ADVISORY: FLAVIA BEVERAGE MACHINE

AFFECTED:  FLAVIA BEVERAGE SYSTEM (ALL VERSIONS)

NOTES:  SO FAR THIS EXPLOIT HAS ONLY BEEN TESTED WITH THE "CHOCO" FLAVOR OF BEVERAGE PACKET.

SPECIAL THANKS TO:  V.S. KESHURAVAIA GADHIRECHELA IN THE CUBICLE NEXT TO ME.

GREETZ:  #COFFEEMACHINES, #31337DONGS, #HOMOSEXUAL_HACKERS

ABSTRACT: THE FLAVIA VENDING MACHINE WORKS ON THE PREMISE THAT ACCESS TO BEVERAGE PACKETS DOES NOT IMPLY ACCESS TO THE BEVERAGE. THE SECURITY CONTROLS EXIST ON THE MACHINE TO ENSURE THAT PAYMENT IS RECEIVED BEFORE BEVERAGE DISTRIBUTION IS POSSIBLE. HOWEVER, IN REALITY, IT IS POSSIBLE TO CREATE A BEVERAGE USING ONLY THE BEVERAGE PACKET AND NOT THE FLAVIA MACHINE.

[PROOF OF CONCEPT]

SUPPLIES REQUIRED:  PAIR OF SCISSORS (1), BOILING WATER, STYROFOAM CUP (1), FLAVIA BEVERAGE PACKETS (2), STRAW (1)

PROCEDURE:  

1.  POUR BOILING WATER INTO STYROFOAM CUP UNTIL IT FILLS 75% OF THE CUP'S VOLUME.

2.  CUT EACH FLAVIA BEVERAGE PACKET AT THE BOTTOM SEAM AND EMPTY IT INTO THE WATER.

3.  STIR VIGOROUSLY WITH STRAW.

4.  OVERWRITE THE INSTRUCTION POINTER WITH THE ADDRESS OF YOUR SHELLCODE.

ER

4.  ENJOY YOUR DELICIOUS BEVERAGE.

[STEPS TO CORRECT]

THE FLAVIA MACHINE IS FLAWED DUE TO ITS FREE DISTRIBUTION OF FLAVIA BEVERAGE PACKETS NEXT TO THE MACHINE. THE BEVERAGE PACKETS SHOULD BE STORED INSIDE THE MACHINE. UNTIL THEN, THIS EXPLOIT WILL BE CONTINIOUSLY USED BY THE MEMBERS OF CUBICLE 4701 AS WE ENJOY BEVERAGES THAT TASTE LIKE FREEDOM.

##
 		
---------------------------------
Want to be your own boss? Learn how on  Yahoo! Small Business. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060628/083c62dd/attachment-0001.html

Powered by blists - more mailing lists