Versus71 Posted January 16, 2014 Report Posted January 16, 2014 Because of the nature of barcodes, developers may not be expecting attacks from that vector and thus don't sanitize their inputs properly. I had previously written "XSS, Command and SQL Injection vectors: Beyond the Form" so this was right up my alley. I constructed this page that lets you make barcodes in Code 93, Code 39, Code 39ext and Code 128A, B and C.Link:http://www.irongeek.com/xss-sql-injection-fuzzing-barcode-generator.php Quote
blech Posted January 16, 2014 Report Posted January 16, 2014 chesti asta este de cand eram eu tanar... tot aici se incadreaza si faza cand lipesti pe produse din supermarket barcode cu functia de reset settings pentru aparatele de citit coduri.aparatele alea pentru cei care nu stiu se programeaza prin intermediul unui sheet plin cu barcode-uri care se scaneaza pe rand in functie de cum vrei sa se comporte pistolul. Quote
robyyxx Posted January 16, 2014 Report Posted January 16, 2014 (edited) Daca va vine sa credeti ieri seara inainte sa ma culc fix la asta m-am gandit.Dar nu stiu daca aparatul recunoaste encodingul adica sa poata citi numai cifre iar caracterele si simbolurile sa nu le poata recunoaste. Edited January 16, 2014 by robyyxx Quote
ovidelu47 Posted January 16, 2014 Report Posted January 16, 2014 Suna interesant robyyxx dar e riscant. Quote