You can login if you already have an account or register by clicking the button below.
Registering is free and all you need is a username and password. We never ask you for your e-mail.
This attack method is only effective on systems that use a "keyboard wedge" style barcode scanner. Keyboard wedge scanners emulate standard keyboard input to allow easy reading of scanned codes. Whatever the scanner reads from a valid barcode is sent to the computer as a series of keyboard keycodes. No special software is needed to capture the output since it simply looks like something a user typed. This is why you can send these keystrokes to execute commands. Other forms of barcode scanners that have more complex interfaces and require device drivers will not be susceptible to this type of attack. Keyboard wedges are common, but not every barcode scanner works this way. Also, most higher-up models of scanners can be programmed to not allow certain types of character or keycode output so a properly configured wedge scanner can easily mitigate this problem.
view the rest of the comments →
[–] Morbo 0 points 3 points 3 points (+3|-0) ago
This attack method is only effective on systems that use a "keyboard wedge" style barcode scanner. Keyboard wedge scanners emulate standard keyboard input to allow easy reading of scanned codes. Whatever the scanner reads from a valid barcode is sent to the computer as a series of keyboard keycodes. No special software is needed to capture the output since it simply looks like something a user typed. This is why you can send these keystrokes to execute commands. Other forms of barcode scanners that have more complex interfaces and require device drivers will not be susceptible to this type of attack. Keyboard wedges are common, but not every barcode scanner works this way. Also, most higher-up models of scanners can be programmed to not allow certain types of character or keycode output so a properly configured wedge scanner can easily mitigate this problem.