neoglow Posted September 21, 2007 Posted September 21, 2007 Does anyone know how i could make a program to put on a cd that would install a program on a photo kiosk that would email me all the contents of the usb devices when plugged in to the photo kiosk. I know on usbhacks website theres a program which will email the contents of a usb device when its plugged in to a pc what i want to try do is put something like this on a cd and launch it using autorun and have it install and run on the photo kiosk I have researched photo kiosk,s and it says they have windows xp as the os for most photo kiosk. photo kiosk have a cd drive and usb ports as well as memory card ports. I tried putting a usb thum drive in to one with the usb app on it but it did not work. Maybe a cd version would as autorun always launched a file without user prompt even if its on xp or vista. Also the photo kiosk are connected to a wireless network within most stores so i know they are connected to the internet. Quote
deleted Posted September 21, 2007 Posted September 21, 2007 Yes, this is very possible. It will be very difficult because these machines will be locked down. So much. Autorun will be probably disabled. (P.S. The poll button is to close to the New Topic Button). Quote
Sparda Posted September 21, 2007 Posted September 21, 2007 Those things probably run unpatched XP SP2, try using the wmf vulnerability. Quote
neoglow Posted September 21, 2007 Author Posted September 21, 2007 Where can i find out about wmf vulnerability. The usb hacksaw/switch blade didnt work in the photo kiosk no menu popped up but maybe thats becuase it was hidden behind the main photo printing program thats why i think the auto run would work as you do not need to click ok to get a program to auto run from a cd. I will work on it in the next few days but i got to get my old pc up and running as i use that for all my programing Quote
Sparda Posted September 21, 2007 Posted September 21, 2007 The CD doesn't need to autorun becasue the software the machine is running is activly looking for image files on the disk. Quote
neoglow Posted September 21, 2007 Author Posted September 21, 2007 I get your drift where can i find out about the wmf vulnerability??? Quote
Deveant Posted September 24, 2007 Posted September 24, 2007 umm 2 things, wouldnt the image box's be in a way frozen by progs like deep freeze? just incase they crash n burn, all the Manager needs to do is restart? And the second, why would the machines be connected to the internet? Apart from this, would be interesting to see if it would work, though do u really want the pictures of the old seedy men, wif there chop flopped out? Quote
digip Posted September 25, 2007 Posted September 25, 2007 umm 2 things, wouldnt the image box's be in a way frozen by progs like deep freeze? just incase they crash n burn, all the Manager needs to do is restart? And the second, why would the machines be connected to the internet? Apart from this, would be interesting to see if it would work, though do u really want the pictures of the old seedy men, wif there chop flopped out? They are sometimes online when you cant to go back into yoru account and reprint something online or get them scanned and emailed or put on cd. The Wallgreens down the street from me allows me to send the pictures to them via the website and we then go in and can pull them up on the screen to crop/adjust, etc and then print them. Maybe not all kiosks can do the online thing, but I would imagine it could be hooked up for other things, like phoning home stats and to preint reports on what supplies the kiosk might need. One thing would be to find someone you know who works at a place that has a photo kiosk and maybe get some more insight, as most of this is just assumption. It may be connected to their internal newtwork, but have no direct internet access at all. I think until someone can confirm this, no amount of hacking is going to get you an emailed package unless you can do two things. Confirm it has internet access, and two, it has the ability to send mail that isnt blocked by their network(which could be installed via cdrom or U3 thumbstick, etc). It may be blocked from sending anything over normal port 25 or any number of ports may be blocked. One thing to try is instead of setting some major payload, like emailing pictures, try to do some diagnostics, like run the tree command to a text file to save on a usb drive, an ipconfig /all, and maybe get some ip address scans or OS scans with nmap or something to save to the thimb drive. Then go home and analyze the data to formulate the method for your hack. Knowing what yoru up against first will help decide what is going to work for your payload. Quote
rFayjW98ciLoNQLDZmFRKD Posted September 26, 2007 Posted September 26, 2007 most photo kiosks aren't connected to a network, and many don't run windows. The Kodak ones run a hacked up OS from SUN. Quote
digip Posted September 26, 2007 Posted September 26, 2007 most photo kiosks aren't connected to a network, and many don't run windows. The Kodak ones run a hacked up OS from SUN. Good tip. This is why its good to know someone who works with them so you can find out more about them. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.