Barcode attack technique (Badbarcode)
Diposting : Rabu, 02 Mar 2016

"The barcode attack that @Tk described on PacSec and included in his
demo video on twitter are so cool that I bought a scanner for research
as well. During my research, I went through all information whether it
is at home or abroad, but none covers the possible attack techniques.
So here is one.
...
The concept of using barcode to launch attack is raised years ago, but
no one digs deep. By using SQL barcode, it’s able to launch SQL
injection, XSS and overflow attack.

Whatever the device is, once part of the input can be manipulated, it
is risky."

Sumber

Disclaimer | Copyright © 2013 - Id-SIRTII/CC
Id-SIRTII/CC - Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center
Menara Ravindo Lt. 17, Jl. Kebon Sirih No. 75 Jakarta Pusat, 10340, Indonesia
Member of: