Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Exploiting the Nespresso smart cards for fun and coffee - 387

Polle Vanhoof - Posted 5 Years Ago
  • Nespresso is a popular coffee machine that uses custom smart cards in office settings. These smart cards are MIFARE Classic, a card type that is known to be vulnerable.
  • The author, knowing the cards were vulnerable by default, assumed that data was being stored on the smart card (and not on a server). Working from this assumption, they attempted to crack the keys of the smart card using known software.
  • However, this software had some issues, so the author submitted a few pull requests to get the key extraction process to work. With that, the encryption keys for the cards were cracked.
  • If the money is stored on the card, how do we know where? Simple: view the card data, make a transaction, then see which values change. By knowing how much money was on the card, purchasing something, then checking the value again, the author could see in the binary dump where to alter.
  • Using some of the already available tools, the author set the money value to a ridiculously high number that was not even possible to display on the coffee machine (lolz). Pwnage complete!
  • The mitigations for this issue would be to use newer smart cards or store the data server-side. When the author disclosed to Nespresso, this was already offered in newer products.