138
Tudor
6y

I recently won a "Hack the Bank" competition where I had to hack an ATM and withdraw a large sum of money.

But what's funny, is that after the competition ended, the organizers installed Kali on the actual ATM.

Comments
  • 21
    What was installed before? Windows XP unpatched since 2003?
  • 4
    @fuzzy-logic A 3 years old could hack that
  • 4
    What is s kali and why is it significant to your story?
  • 4
    @SSDD kali is GNU/Linux pentesting distro, it contains a lot of fun tools for cracking WiFi passowrds, passwords, hashes... it also containsany tools that can be used for social engineering ans so on
  • 1
    @D3add3d thanks. Why would they install that on a cash machine?
  • 5
    @SSDD have you heard of that thing called fun?
  • 7
    @hellvetica yes but banking institutions haven’t.
  • 2
    Curious to know how you did it
  • 2
    Can you educate us on how?
  • 0
    📌
  • 3
    For those eho may be wondering. We had no physical access to the ATM's ports. Just the screen and pin keyboard. We had to hack it remotly
  • 3
    @GMR516 I used ettercap filters to modify packets between the bank and ATM so I could retrieve more money.
  • 3
    @Tudor Was it real world scenario? I can’t imagine that you’d be able to do that irl, otherwise why wouldn’t more people?
  • 5
    @GMR516 It was. In the real world, you could access the USB ports with a key that is universal, so you could just insert a bash bunny to deploy Tupkin(ATM Malware). Here, we had no access to the USB ports. There is a big number of attacks lately in Russia. It's just that it is highly illegal and you can get a lot of jail time.
  • 2
    @Tudor Letting access to usb ports!!! What kind of security is that!, and btw, how did you hack it, seems interesting
  • 2
    Oh, how I wish to see these events with my own eyes xD

    !topic I've always wanted a fragon tattoo because of Backtrack, uh, Kali.
  • 0
    @-vim- Yes! The access to USB ports on real ATMs is accessed with a key that is the same for all ATMs and you can purchase it on Amazon. Here, it was a MITM attack where I faked packets sent from the "bank"
  • 3
    📌
  • 0
    This is one of the most pinned posts in devrant. I wonder why... 😈
Add Comment