Hacking Self-Service Checkouts

edited September 2011 in Tech & Games
I was in Tesco earlier today and as I was paying for my stuff, I noticed that one of the self-service tills was rebooting. There must have been something wrong with it, but they had a technician standing there working on the machine. Anyway, I noticed that it was running on Windows XP, and it didn't look as though it even had a service pack installed on it :facepalm: These machines are networked as well, and are therefore vulnerable to a fuck load of hacks and exploits. I wonder, how easy would it be to get onto the network of a store running self-service checkouts (UK Stores could be Tesco, Asda, Morrisons) and then hack into the self-service machines. Once you're in, you could do a whole load of things such as mess with the software the machines run on, or even stick some malicious software on them. Imagine Goatse-ing a self-service checkout when an old granny is using it :D

So, does anyone have any thoughts on this matter?

Comments

  • RaggedOldMan Regular
    edited August 2011
    I was actually thinking about this a couple days ago when me and a buddy were walking around the store, gathering some food for his BBQ. We paid using self-service and one of the machines had actually crashed and bluescreened! Being the hacker that I am, it got me thinking whether or not someone could gain remote access to the machines and exploit them somehow. I wonder if it's possible to log customer payment details...
  • RaggedOldMan Regular
    edited September 2011
    I can't believe no one else is interested in this! Maybe Auschwitz nazi Disneyland has something to say here? :D
  • dr rocker Regular
    edited September 2011
    I was actually thinking about this a couple days ago when me and a buddy were walking around the store, gathering some food for his BBQ. We paid using self-service and one of the machines had actually crashed and bluescreened! Being the hacker that I am, it got me thinking whether or not someone could gain remote access to the machines and exploit them somehow. I wonder if it's possible to log customer payment details...

    No, you cannot get the payment details, other than 'Paid cash', 'paid with card' etcetera out of the supermarket software - the card machine simply tells the supermarket software that the transaction was successful / unsuccessful.

    With regards to hacking into the machines, the easiest way would be to gain physical access to them - being that there legally has to be someone next to them to verify age restricted product sales, you are going to be shit out of luck trying to tamper with it as you scan your bic razors, lynx and cola through.

    A better idea is if you rack up to the customer service counter looking clean, ID lanyard on and clipboard with fake paperwork. Tell them you are there to do the hardware update and that you need to close 2/3 self scan checkouts at a time. Make sure you do this at a time when it is not very busy, but it is going to be getting busier - 1115 seems like a good time - enough time to get what you want before the lunchtime rush - tell the staff the sooner you get in, the sooner you can get out of the way for the lunchtime rush, but do not be pushy about this. If they want to phone your manager, they can. Give them a Skype number for your number 2 or to an answerphone.

    Ensure your paperwork looks good and has 'Working with XYZ supermarket' or 'XYZ sales technology partner'. Bonus points if you nick a Hi Viz from one of the trolley collector dudes who already has a branded high viz and you make an iron on transfer to match up with your paperwork.

    When you have the green light, ask to speak to the checkout manager. Ask them if the units have had the factory password (make up whatever password you want here, but don't make it complicated, factory passwords almost never are) cleared and have a local one. Tell them you do not actually need the password, but you will have to reboot the machines without it - again, you are banking on them wanting the machines up and running as quickly as possible. They may even give you a staff swipe card and the pin number (the one that they use for age approvals and transaction overrides) - if you get that, use your own barcode scanner or if you are really clever, read the barcode.

    You must also have a technician's toolkit to get in and seem professional - check out machines before you do that, you do not want to seem like an idiot not knowing where the access panel is. Put any old shit inside it - a memory card from a phone or a camera or an old card out of a PC.

    You now have a knowledge of the hardware and with any luck, a copy of the barcode and password for the machines. Do not try to do anything with them on this visit - come again later.

    You might run into trouble if you get Joe Bloggs access barcode and pass - it's possible they have set the machine up so it will not accept them if they have not clocked in at work or logged into the machines. The checkout manager card should give you higher levels of access.

    There is, however, a much better scam to do on these machines that is very simple, but unknown to the stores as far as I know at the moment. I will PM this to people on here I trust - PM me for it and I may share. Do not be disappointed if I do not, maybe I will share it with you in a few months when you seem more trustworthy and have posted some decent stuff yourself.
  • Daktologist Global Moderator
    edited September 2011
    dr rocker wrote: »
    You might run into trouble if you get Joe Bloggs access barcode and pass - it's possible they have set the machine up so it will not accept them if they have not clocked in at work or logged into the machines. The checkout manager card should give you higher levels of access.

    Where I work they run Windows XP as well. We have bar codes that are shared between attendants. Normally the technician rocks up in their company uniform with a tool kit and USB keyboard, unlocks the case and runs whatever he needs to from a flash drive. From what I have seen there are 2 USB ports behind the display.

    Edit: http://c3185012.r12.cf0.rackcdn.com/v3/:original/selfserv_checkout_ds.pdf/3aa20e4ae727c4281c5eeac2bb0f0cb0/selfserv_checkout_ds.pdf