Jovan Zivanovic

Reverse Vending Machine (RVM) Security: Real World Exploits / Vulnerabilities

Security is often an optional, paid feature. Learn how this choice enabled researchers to print fraudulent cash receipts from a supermarket's reverse vending machines.

Reverse Vending Machine (RVM) Security: Real World Exploits / Vulnerabilities
#1about 3 minutes

The financial incentive for hacking reverse vending machines

Reverse vending machines present a security risk because they exchange returned bottles for money, creating an opportunity for financial exploits.

#2about 4 minutes

Understanding the bottle detection and refund process

RVMs use a combination of sensors like barcode scanners, weight sensors, shape detectors, and material analysis to validate and process returned bottles.

#3about 4 minutes

Categorizing common reverse vending machine attack vectors

Attacks on RVMs fall into three main categories: insider manipulation, tricking the bottle acceptance system, and misclassifying bottles for higher payouts.

#4about 4 minutes

Analyzing supermarket receipts to find security flaws

By collecting and comparing receipts from different supermarket chains, researchers identified patterns in barcode generation to find potential vulnerabilities.

#5about 4 minutes

Discovering a predictable and static barcode vulnerability

One supermarket chain used a static EAN-13 barcode on receipts where the refund amount was directly encoded, making it easy to forge.

#6about 2 minutes

Forging a valid receipt with a script and printer

A simple script and a thermal printer can generate a forged receipt with a custom refund amount that is accepted by the store's checkout system.

#7about 2 minutes

The vendor response to the disclosed vulnerability

The RVM manufacturer confirmed the vulnerability and stated that the secure, cloud-validated solution is an optional feature that customers must pay extra for.

#8about 3 minutes

Finding similar and new exploits in Finland's RVMs

An investigation in Finland revealed the same receipt forgery vulnerability, plus a new attack involving swapping barcode stickers on bottles to claim a higher refund.

#9about 2 minutes

Mitigating receipt fraud with a cloud validation system

The most effective way to prevent receipt forgery is to use a centralized data store that generates a unique ID for each receipt and invalidates it after one use.

#10about 9 minutes

Q&A on blockchain, pentesting, and ethical implications

The speaker discusses using blockchain for validation, the importance of early security involvement and pentesting, and the ethics of exploiting recycling systems.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Examining IDOR vulnerabilities in major companies
03:04 MIN

Examining IDOR vulnerabilities in major companies

How to Cause (or Prevent) a Massive Data Breach- Secure Coding and IDOR

Addressing unique security risks in RAG systems
02:00 MIN

Addressing unique security risks in RAG systems

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

A practical demonstration of exploiting IDOR vulnerabilities
14:52 MIN

A practical demonstration of exploiting IDOR vulnerabilities

How to Cause (or Prevent) a Massive Data Breach- Secure Coding and IDOR

Common security failures beyond individual coding errors
03:27 MIN

Common security failures beyond individual coding errors

Maturity assessment for technicians or how I learned to love OWASP SAMM

From vulnerability researcher to automated security founder
05:31 MIN

From vulnerability researcher to automated security founder

The transformative impact of GenAI for software development and its implications for cybersecurity

Why attackers use prompt injection techniques
05:38 MIN

Why attackers use prompt injection techniques

Manipulating The Machine: Prompt Injections And Counter Measures

Key takeaways on prompt injection security
02:13 MIN

Key takeaways on prompt injection security

Manipulating The Machine: Prompt Injections And Counter Measures

Securing against AI-driven supply chain attacks
05:09 MIN

Securing against AI-driven supply chain attacks

WeAreDevelopers LIVE: What's happening to React?, All-in-one editors, Fireships and Firebases & more

Featured Partners

Related Videos

See all videos
Cyber Security: Small, and Large!
37:32

Cyber Security: Small, and Large!

Martin Schmiedecker

Getting under the skin: The Social Engineering techniques
43:56

Getting under the skin: The Social Engineering techniques

Mauro Verderosa

How to Cause (or Prevent) a Massive Data Breach- Secure Coding and IDOR
40:38

How to Cause (or Prevent) a Massive Data Breach- Secure Coding and IDOR

Anna Bacher

The attacker's footprint
2:08:06

The attacker's footprint

Antonio de Mello & Amine Abed

Security Challenges of Breaking A Monolith
45:19

Security Challenges of Breaking A Monolith

Reinhard Kugler

Cracking the Code: Decoding Anti-Bot Systems!
57:47

Cracking the Code: Decoding Anti-Bot Systems!

Fabien Vauchelles

Typed Security: Preventing Vulnerabilities By Design
58:19

Typed Security: Preventing Vulnerabilities By Design

Michael Koppmann

You click, you lose: a practical look at VSCode's security
29:47

You click, you lose: a practical look at VSCode's security

Thomas Chauchefoin & Paul Gerste

Related Articles

View all articles
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
Chris Heilmann
Dev Digest 110 - XY marks the spotty security
This time we give you a collection of links about the XZ backdoor, solve the last CODE100 puzzle, announce the next round of it, let you play with colours and explain why Lava lamps are great to keep the web secure.News and ArticlesThe big piece of n...
Dev Digest 110 - XY marks the spotty security
Chris Heilmann
Dev Digest 129 - Now that's what I call private data!
News and ArticlesAfter declaring Google a monopoly there are now considerations to force it to break up - isn't that what the whole Alphabet thing was about? In the last act of Crowdstrike coverage here, they released a deep analysis of the outage th...
Dev Digest 129 - Now that's what I call private data!
Dev Digest 105 - Security First
Last Friday's Dev Digest was mostly about security and game topics, so let's take a look what you didn't get in your inbox. We also covered some brand new online courses to get started as a developer or refresh your knowledge. And we wrapped up CODE1...
Dev Digest 105 - Security First

From learning to earning

Jobs that call for the skills explored in this talk.

Joby

Joby

Saby Company Page
Sarajevo, Bosnia and Herzegovina

Remote
40-45K
Junior
Ruby on Rails
Microsoft SQL Server
Google Cloud Platform
+2