Matasano Chargen » Blog Archive » Well that was way too fast…

Well that was way too fast…

Dave G. | September 20th, 2006 | Filed Under: Uncategorized

I am holding in my hands a legitimately obtained copy of the manual. There are a lot of security sensitive things inside of this manual. As promised, I am not going to reveal them, but there are:

Instructions on how to enter the diagnostic mode
Default passwords
Default Combinations For the Safe

Do not ask me for them. If you maintain one of these devices, make sure that you are not using the default password. If you are, change it immediately.

Viewing 4 Comments

Adam 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

I'm curious...does the manual explain how to execute the attack described? That is, from the console, reprogram the ATM to know what sort of bills are in each feed?

reply edit reblog flag

http://www.emergentchaos.com

Alan 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

See the Wired story:

http://blog.wired.com/27BStroke6/#1560245

reply edit reblog flag

Chris 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

I know of at least one other ATM model whose management interface can be accessed via the keypad w/out an intervening powercycle.

This model allows the denomination to be changed using the management interface, with procedures described in the manual.

reply edit reblog flag

scalefree 2 years ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

And it also includes the 3 default passwords, a section on setting the 3DES keys, all sorts of fun stuff. What I'm wondering about is why the guy didn't set the $20 tray to $1 instead of $5, since it's a valid option. You'd get way more money that way.

reply edit reblog flag

Well that was way too fast…

Add New Comment

Viewing 4 Comments

Add New Comment

Trackbacks

People We Read

Things We Write

RSS Feed

Archives