SECURITY ADVISORY: FLAVIA BEVERAGE MACHINE

[Peter Richards <thinkpadr50dongs () yahoo com>]

AFFECTED:  FLAVIA BEVERAGE SYSTEM (ALL VERSIONS)

NOTES:  SO FAR THIS EXPLOIT HAS ONLY BEEN TESTED WITH THE "CHOCO" FLAVOR OF BEVERAGE PACKET.

SPECIAL THANKS TO:  V.S. KESHURAVAIA GADHIRECHELA IN THE CUBICLE NEXT TO ME.

GREETZ:  #COFFEEMACHINES, #31337DONGS, #HOMOSEXUAL_HACKERS

ABSTRACT: THE FLAVIA VENDING MACHINE WORKS ON THE PREMISE THAT ACCESS TO BEVERAGE PACKETS DOES NOT IMPLY ACCESS TO THE 
BEVERAGE. THE SECURITY CONTROLS EXIST ON THE MACHINE TO ENSURE THAT PAYMENT IS RECEIVED BEFORE BEVERAGE DISTRIBUTION IS 
POSSIBLE. HOWEVER, IN REALITY, IT IS POSSIBLE TO CREATE A BEVERAGE USING ONLY THE BEVERAGE PACKET AND NOT THE FLAVIA 
MACHINE.

[PROOF OF CONCEPT]

SUPPLIES REQUIRED:  PAIR OF SCISSORS (1), BOILING WATER, STYROFOAM CUP (1), FLAVIA BEVERAGE PACKETS (2), STRAW (1)

PROCEDURE:  

1.  POUR BOILING WATER INTO STYROFOAM CUP UNTIL IT FILLS 75% OF THE CUP'S VOLUME.

2.  CUT EACH FLAVIA BEVERAGE PACKET AT THE BOTTOM SEAM AND EMPTY IT INTO THE WATER.

3.  STIR VIGOROUSLY WITH STRAW.

4.  OVERWRITE THE INSTRUCTION POINTER WITH THE ADDRESS OF YOUR SHELLCODE.

ER

4.  ENJOY YOUR DELICIOUS BEVERAGE.

[STEPS TO CORRECT]

THE FLAVIA MACHINE IS FLAWED DUE TO ITS FREE DISTRIBUTION OF FLAVIA BEVERAGE PACKETS NEXT TO THE MACHINE. THE BEVERAGE 
PACKETS SHOULD BE STORED INSIDE THE MACHINE. UNTIL THEN, THIS EXPLOIT WILL BE CONTINIOUSLY USED BY THE MEMBERS OF 
CUBICLE 4701 AS WE ENJOY BEVERAGES THAT TASTE LIKE FREEDOM.

##
                
---------------------------------
Do you Yahoo!?
 Next-gen email? Have it all with the  all-new Yahoo! Mail Beta.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/