Old 03-23-2010, 11:41 AM   #1
nonlocal
[geek] Attempt to beat speed cameras w/ SQL Injection



Old 03-23-2010, 11:41 AM   #2
5style
lol
__________________
Cayenne hunting!
Old 03-23-2010, 12:01 PM   #3
arek
The stickers on the windshield need to be removed as well, they contain vehicle ID
Old 03-23-2010, 12:53 PM   #4
nonlocal
The idea here being not to hide vehicle ID-- though the banner does seem to partially obscure the plate-- but rather to fool the software running the camera into dropping the entry for his car before it ever gets processed.
Old 03-23-2010, 01:01 PM   #5
kkeddy
LOL. If he managed to get the database names and everything correct, this may even end up crashing the whole SQL database LOL
__________________
2003 BMW 325i (sold)
2010 Civic Si (track) (sold)
2001 BMW e46 m3 (current)
Old 03-23-2010, 01:38 PM   #6
Darkness95m3
Wtf?
Old 03-23-2010, 02:06 PM   #7
SamE30e
Quote:
Originally Posted by Darkness95m3
Wtf?
The camera reads letters on the license plate. The theory is: if it reads this, it will skip processing the photo for his car.
__________________
85 325 - 2.8 PTE6262 VEMS.
Old 03-23-2010, 02:34 PM   #8
gervs
How do they know the cams don't run an Oracle back end?
Old 03-23-2010, 02:39 PM   #9
abc12
Looks like a Renault, used to drive one, way back in the day. POS it was....
Old 03-23-2010, 03:00 PM   #10
nonlocal
Quote:
Originally Posted by gervs
How do they know the cams don't run an Oracle back end?
This was my first thought too. Probably a moot point; you'd think the camera would be calibrated to read just the plate, not a banner across the whole bumper... This must be a joke in some software company's parking lot or something.

Still a clever laugh though.
Old 03-23-2010, 04:00 PM   #11
gervs
Deff, I had a good laugh at this, and showed the boys at the office (we are I.T. solutions). Might actually replicate it for a staff BBQ this summer or something lol.
Old 03-24-2010, 12:42 PM   #12
davericher20
soooo....what does that code mean?
__________________


Quote:
Originally Posted by JINT
Some people have serious track experience from the cruise, so what is fast to you, isn't fast to them.
Old 03-24-2010, 12:57 PM   #13
hockeyfan27
Quote:
Originally Posted by nonlocal
This was my first thought too. Probably a moot point; you'd think the camera would be calibrated to read just the plate, not a banner across the whole bumper... This must be a joke in some software company's parking lot or something.

Still a clever laugh though.
The plate can be mounted anywhere on the front bumper so it may read the whole surface and isolate the plate after the fact.

But I agree, it is most likely a joke.
__________________

1998 328ic - Sold
Old 03-24-2010, 10:39 PM   #14
nonlocal
Quote:
Originally Posted by hockeyfan27
The plate can be mounted anywhere on the front bumper so it may read the whole surface and isolate the plate after the fact.

But I agree, it is most likely a joke.
I would think the OCR portion of the operation-- which has to happen before this exploit could 'get in'-- would come after some sort of visual processing on the raw photo to isolate the plate, but I'm talking out of my ass and don't know anything about how the software behind traffic cameras works.

Maybe this would actually work, they didn't take the time to sanitize their inputs because they didn't foresee this vector of attack, and additionally they didn't network the cameras for remote patching for "security reasons" and now have to drive around to every camera if they want to update to close the hole, while hooting geeks drive around the city running reds at high speed and mooning municipal workers at the cameras.

Unlikely, but I'll hold out hope.
Old 03-25-2010, 11:29 AM   #15
gervs
It's clearly a joke; there is no way that would actually work. The only way I can see this working is that the system can't isolate the plate, but then you can just put any series of numbers and letters instead of this command. Not that the actual query running would work, since I strongly doubt cameras would have any such rights on the database.

What would be fun though is using Microsoft's "TAGS" technology to spam the shit out of them when they try to pull up your records lol.
http://blogs.msdn.com/tag/archive/20...osoft-tag.aspx
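The two defences raised in posts #14 and #15 (unsanitized input, and database rights for the camera account), as an added example that is not part of the thread: OCR output is treated as untrusted text and inserted three ways, with and without a restricted role. The banner string, the `sightings` table, the plate pattern and `camera_role` are constructed for illustration; SQLite's authorizer callback stands in for an account without DDL rights.

```python
import re
import sqlite3

# Constructed sample inputs: what an OCR stage might hand to the database layer.
OCR_PLATE = "BKTP 123"
OCR_BANNER = "ZU 0666', 0); DROP TABLE sightings; --"

PLATE_RE = re.compile(r"[A-Z0-9]{1,4} ?[A-Z0-9]{1,4}")  # assumed plate format

ALLOWED = {sqlite3.SQLITE_INSERT, sqlite3.SQLITE_SELECT,
           sqlite3.SQLITE_READ, sqlite3.SQLITE_TRANSACTION}

def camera_role(action, *_args):
    """Authorizer standing in for a DB account without DDL rights (hypothetical)."""
    return sqlite3.SQLITE_OK if action in ALLOWED else sqlite3.SQLITE_DENY

def insert_concatenated(db, plate, speed):
    # Vulnerable: OCR text becomes part of the SQL text itself.
    db.executescript(f"INSERT INTO sightings VALUES ('{plate}', {speed});")

def insert_parameterized(db, plate, speed):
    # Hardened: OCR text is bound as a value and never parsed as SQL.
    db.execute("INSERT INTO sightings VALUES (?, ?)", (plate, speed))

def insert_validated(db, plate, speed):
    # Hardened further: drop readings that do not look like a plate at all.
    if not PLATE_RE.fullmatch(plate):
        raise ValueError("OCR text is not a plate")
    insert_parameterized(db, plate, speed)

def run_case(insert, ocr_text, restricted=False):
    """Process one reading; return (table_survived, stored_plates)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sightings (plate TEXT, speed INTEGER)")
    if restricted:
        db.set_authorizer(camera_role)
    try:
        insert(db, ocr_text, 88)
    except (sqlite3.Error, ValueError):
        pass  # statement refused by the role, or reading rejected
    alive = db.execute("SELECT name FROM sqlite_master "
                       "WHERE name = 'sightings'").fetchone() is not None
    plates = [r[0] for r in db.execute("SELECT plate FROM sightings")] if alive else []
    return alive, plates

if __name__ == "__main__":
    for fn in (insert_concatenated, insert_parameterized, insert_validated):
        print(fn.__name__, run_case(fn, OCR_BANNER), run_case(fn, OCR_BANNER, True))
```

With the restricted role the table survives the concatenated insert, but a truncated junk row is still stored, so limited rights reduce the damage without removing the injection; binding the value is what removes it.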