This talk details a comprehensive reverse engineering analysis of stored-value laundry cards, prevalent in facilities worldwide. The widespread adoption of localised contactless payment solutions, attributed to their convenience, necessitates understanding their internal operations. This analysis explores the mechanisms behind value storage and modification within these cards. During this investigation, a data structure was identified that presented a significant vulnerability. The implications of this vulnerability raise serious concerns, which extend beyond laundry facilities, potentially impacting the security of similar contactless systems globally.

DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West
5.4K views

DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
11.1K views

DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth
8.5K views

DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine
3.6K views

DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
5.4K views

DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov
6.4K views