Full Disclosure mailing list archives
Re: Re: Fedex Kinkos Smart Card Authentication Bypass
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 1 Mar 2006 08:01:54 -0500
On 2/28/06, Lance James <bugtraq () securescience net> wrote:
Eric B wrote:Wait, so if I read this right, consumers with existing cards could dupe their legit cards for fake ones and cash in the fake ones yet still have credit on the legit card? So I'm assuming Fedex has no database/authentication system storing these serials...brilliant.Yup. According to Fedex Kinko's: "Our analysis shows that the information in the article is inaccurate and not based on the way the actual technology and security function. Security is a priority to FedEx Kinko's, and we are confident in the security of our network in preventing such illegal activity." Our response: http://ip.securescience.net/exploits/P1010029.JPG
lol, now thats a funny picture! So am I to assume that normally you can go beyond 31337 on a Kinko's card and this is a modding of the original to produce the displayed picture? -JP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: Fedex Kinkos Smart Card Authentication Bypass Dude VanWinkle (Mar 01)
- Re: Re: Fedex Kinkos Smart Card Authentication Bypass Lance James (Mar 01)
- Re: Re: Fedex Kinkos Smart Card AuthenticationBypass Dave Korn (Mar 02)
- <Possible follow-ups>
- Re: Re: Fedex Kinkos Smart Card Authentication Bypass Michael Holstein (Mar 01)
- Re: Re: Fedex Kinkos Smart Card Authentication Bypass Gaddis, Jeremy L. (Mar 01)
- Re: Re: Fedex Kinkos Smart Card Authentication Bypass Lance James (Mar 01)