As I found later on my trip, there are advantages to staying at cheaper hotels. While the major chains typically use LodgeNet or something like it, your basic motel typically offers unsecured cable TV. Often times, even if the cable is locked on the TV, it can be unscrewed from the connector on the wall. The coax locks most often used are cylinders of hard plastic, wrapped around the connector that hooks up the cable to the TV. This also leaves the TV pretty much useless for the next guest, which can drain your karma account.
Got a good hotel hacking story? This site may earn affiliate commissions from the links on this page. He found that many of those systems give access to information depending on an ID associated with the room's TV. By changing that ID, he said that he was able to access information for other rooms.
Many such hotel systems show guest bills, phone and room service records and offer video check-out. Laurie found that the hotel TV systems also have special controls for hotel employees. Housekeeping staff can report a room as clean, for example. Additionally, he found that some systems let room service staff input billing for the minibar, which he now controlled. In one Holiday Inn hotel he found the system that controlled an electronic lock on the minibar.
While staying at a Hilton hotel in Paris, Laurie automated his hack and placed a camera in front of the TV. He snapped pictures of every screen and found out the occupancy rate of the hotel, the names of the guests, what they were paying, where they were calling and how long they had been at the hotel. He showed the pictures at Defcon, but obscured the guest names.
Part of Laurie's hack is simple. Even though the server responded OK, it is possible the submission was not processed. This site uses Akismet to reduce spam. Learn how your comment data is processed. This article is more than 5 years old. Sign up to our newsletter Security news, advice, and tips. Android Vulnerability Hotel internet of things vulnerability. Unpatchable BadUSB code is now publicly available. Fry all the things! USB Kill zaps tons of computing devices.
What do you think? Leave a comment Cancel reply Your email address will not be published.
0コメント