I’ve been on the fence about this, but I finally decided I would share a smartcard exploit I found awhile back…
My apartment complex uses a smartcard system for it’s washers and dryers. We use a “transaction station” to recharge the cards. Being impatient one day adding credits, by chance I stumbled on a way to add “free” credits on to my smartcard.
I did some research, and found out the “transaction stations” are made by a company called Greenwald Industries. (there are no markings or stickers on the station, so it took me awhile to find the manufacturer )
Here’s what the transaction station looks like in case you have one in your building/dorm/etc:
Here’s what you do:
1. Put your smartcard into the machine like you normally do.
2. Insert some money into the dollar changer.
3. Now immediately as you inserted the first bill, take a second bill (doesn’t matter what denomination) and try to feed it into the changer while the station is still processing the first bill. Make an effort to really try and insert the 2nd bill. Don’t remove the 2nd bill until the next step occurs.
4. While you are inserting the 2nd bill the display should be showing “adding credits” on the screen but it should eventually say “bill error” and spit the first bill you put in, out.
5. As soon as it spits the first bill out, immediately pull the smartcard out of the machine.
When you put the card back into the station to check your balance, you will find that, even though the station got confused by you trying to stick another bill in while it was processing the first bill, it still manages to add the credits to your card.
Obviously since you pull the card out of the machine before it is able to reverse the credits, the credits remain on the card.
I don’t know how widespread these stations are, but I’d figure I’d share this exploit anyways. Enjoy!