Wal+Mart Hackable Gadgets

CD Barcode Reader and Audio Players

Most Wal+Marts have a couple of stations where you can scan a popular CD with a barcode reader, and the machine will play a track from the album. These machines are all networked, likely run OS/2, and are fairly easy to reboot, much like the price checkers and other devices connected via either RJ-11 or CAT-5. Once rebooted, you can access the Network BIOS. There have been mixed results with this, though it is certainly worth a look, especially if you can access all of the music available.

Fujifilm and Kodak Picture Kiosks



These kiosks can be hacked in a variety of ways. An article in 2600: The Hacker Quarterly detailed how to access the entire image archive of every customer who had used a kiosk that day by simply using an unprotected menu on the Kodak machines. You simply have to know where the menu is, and you're in. There is also an obscene number of removable media drives and open ports on these kiosks, and the example below shows a method to access those drives on a Kodak box.

1. Click the Setup button in the upper right-hand corner. Enter the store number at the password prompt. Try other common passwords, like 1111 or 1234, if the store number doesn't work. Now click Configure System Settings.


Configure System Settings

2. Then click Configure Network.


Configure Network

3. Click Network Configuration and you're greeted with Windows Explorer.


Network Configuration


Windows Explorer

4. Click the up arrow twice, past the Control Panel, to My Computer.


My Computer

This specific instance was an attempt to run Firefox Portable. Removable drives are mounted read-only and the system disallowed writing to a hard drive, so this attempt was unsuccessful.


Write Protect Error

Gift Registries

Wal+Mart in-store gift registries provide shoppers' personal information to anyone that follows these steps:

1. Select "Update A Registry."

2. Enter First and Last names. Choose common names like Linda Smith or Roberto Gonzales. If there are more than fifty matches, you'll have to narrow your search.

3. Choose a name from the list and enter 1234 as the PIN. If that particular name doesn't work, try another from the list. In the unlikely event that none from the list works, start over and try another common name.

Wal+Mart suggests 1234 as a PIN, and customers take that to heart, allowing the viewing and editing of registrants' personal information. Do not change, nor act upon, information gained.
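From the defender's side, the pattern above (one guessable PIN tried against one registry after another) is visible in kiosk logs and can be blocked when the PIN is chosen. The following is an added example, not part of the original article; the log format, field names and thresholds are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines; the field names are hypothetical, not Wal+Mart's.
SAMPLE_LOG = """\
2024-05-01T10:00:05 kiosk=K07 registry=R1001 pin_ok=0
2024-05-01T10:00:21 kiosk=K07 registry=R1002 pin_ok=0
2024-05-01T10:00:40 kiosk=K07 registry=R1003 pin_ok=0
2024-05-01T10:01:02 kiosk=K07 registry=R1004 pin_ok=1
2024-05-01T10:03:00 kiosk=K02 registry=R2001 pin_ok=0
2024-05-01T10:03:30 kiosk=K02 registry=R2001 pin_ok=1
"""

LINE_RE = re.compile(r"^(\S+) kiosk=(\S+) registry=(\S+) pin_ok=([01])$")

def is_weak_pin(pin: str) -> bool:
    """Enrollment check: True means the PIN must be rejected."""
    if not (pin.isdigit() and len(pin) == 4):
        return True
    d = [int(c) for c in pin]
    steps = {(b - a) % 10 for a, b in zip(d, d[1:])}
    # A single repeated step covers 1111 (step 0), 1234 (step 1), 4321 (step 9).
    return steps in ({0}, {1}, {9})

def find_pin_spray(log_text, max_registries=3, window=timedelta(minutes=5)):
    """Return kiosks that failed PIN entry on >= max_registries distinct
    registries inside one window: one PIN tried across many names."""
    recent = defaultdict(deque)   # kiosk -> deque of (time, registry) failures
    flagged = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not parse
        ts, kiosk, registry, ok = m.groups()
        if ok == "1":
            continue  # only failed attempts count toward the spray pattern
        now = datetime.fromisoformat(ts)
        q = recent[kiosk]
        q.append((now, registry))
        while q and now - q[0][0] > window:
            q.popleft()  # drop failures that fell out of the window
        if len({r for _, r in q}) >= max_registries:
            flagged.add(kiosk)
    return sorted(flagged)

if __name__ == "__main__":
    print(find_pin_spray(SAMPLE_LOG))
```

A single customer mistyping their own PIN (kiosk K02 in the sample) touches only one registry and is not flagged.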

Handheld CSM Workstation



The CSM handheld, which is really nothing more than a Pocket PC running some in-house apps, is used for the front end of the store. You'll find Customer Service Managers (CSMs) using these frequently in most stores. These are what the action codes are for (see Tables 1 and 2). When cashiers type a certain code into their register, it will send a message to the handheld to let the CSM know what the cashiers need. It can be a request for a certain amount of change, a bathroom break, or even a pissed off customer. In all there are around 80 requests that will pop up on the screen for the CSM to approve or deny (in most cases) from the handheld itself by typing in their password and pressing enter to show that they authorized the request. Simpler requests such as bathroom breaks, change requests, etc. can be approved, denied or told to wait just by tapping the screen. These are wireless as well and run on the same network that Telxon handhelds use.

Table 1: Cashier Codes - Action Codes
 1 - Complete Transaction Void
 2 - Terminal Statistics Report
 3 - Terminal Accounting Report
 4 - Department Totals
 6 - Price Inquiry
 7 - Reset Transaction Number
 9 - Training Mode
10 - Operator Performance
13 - Payroll Check Cashing
14 - Application Memory Usage
17 - Refresh Tax Tables
18 - Refresh Configuration
23 - Suspended Transaction Report
24 - CSM Override Approval
25 - Shopping Card Cash Back
55 - Reload Phone Cards
60 - Print Previous Journal Data
61 - Reprint Previous Receipt
69 - Cashier Online Training
70 - Utility Payments
91 - TC # Lookup and Decryption

Table 2: Cashier Codes - CSM Assistance Codes
202 - Cancel Previous Request
203 - Need Change
204 - Need Restroom Break
205 - Need Break / Lunch
206 - Need Receipt Tape
207 - Need Carry Out
208 - Need Cash Pickup
209 - Need Price Check
210 - Need Cleanup **Dry**
211 - Break $100 Bill
212 - Need Loan
213 - Need WIC Assistance
214 - Lines Are Long
215 - Need Cleanup **Wet**
216 - Customer Emergency
217 - Need Round of Change
218 - Need Check Approval
219 - Need Bags
220 - Need Stamps
221 - Need Propane Tank
248 - Training Question

The hackability here is immense because you are essentially playing around on a Pocket PC. Finding one shouldn't be too hard, especially if you're looking for one that is logged in, as it will usually be putting off a loud, sharp beep tone when a request is received. You could cause real hell on some CSMs with this toy in the wrong hands, especially when you go telling cashiers that they're not getting their change, bathroom breaks or lunch breaks from 50 feet away with the tap of a stylus. To have the most fun you will want to find one logged in; otherwise the login screen will appear and it is impossible to get it off the screen, as it always boots to the login screen. Login rules here apply the same as the Telxon: the user must be valid and must be clocked in at the time.

POS Touchpad/Cardreader



These can be found at the registers in any store that has decided to switch from the old pads. They are touch screens and, as you guessed it, are hackable. Just tap the four corners in a (usually) counterclockwise motion and you'll be instantly greeted with tons of settings. You can pretty much render one of these unusable by tweaking the wrong settings or changing connection settings, so be careful. You'll find settings for contrast, connections, logos, font sizes, etc. Lots of fun to be had with these. They don't even have to be connected to a register that is logged in, just so long as you find one that is on and glowing bright with its Wal+Mart screensaver bouncing around the screen.

Portable Shopping System



There isn't much to be said about this one. You can get into a couple dialogs to control contrast, battery saving options, etc. You'll find these at the jewelry counter and they're used to create gift registries. Very easily obtained and sadly nothing much to hack on them. They are typically not used in wireless mode and just store the item's UPC to internal memory, which is then docked and used to print gift registry tickets and to create a gift registry account. You can try to hack it if you must, but I wouldn't recommend it as these bring nothing to the table.

Price Scanners



You'll find these strapped to poles all over the store. They are there for YOU to use. How you use the one you find really doesn't matter because chances are nobody is going to give a damn. These run a version of Windows CE and are fully wireless. They are only plugged in to a power outlet, and settings can be accessed by doing a four corner tap or with a button sequence. The sequence of the tap or button presses will be different depending on the type of scanner you might find in your store. This only applies to stores with the newer color scanners, not the old monochrome ones. As far as I know and in my experience, the monochrome scanners are unhackable because they're primitive and pretty much dumb clients.

Not a lot you can screw up, but it is fun to see the different settings these tiny kiosks have inside.

Telxon Units


The standard Telxon unit with color screen.


Again, standard Telxon unit with RFID reader attached.

You will find the first standard version of the Telxon in many different locations throughout the store. They may be gray or brown. Some may be older versions with grayscale or monochrome LCD screens. Regardless of what version you may run upon, they all serve the same purpose. In a perfect store you, as a customer, should never find these left unattended. Lucky for you, Wal+Mart stores are rarely perfect.

It is a handheld computer running a version of DOS or Windows CE, so the tasks this little baby can perform are nearly endless. It is possible to scan items and mark them as stolen, change the price of a UPC when scanned at a register, see how many of a certain UPC is in inventory at a store, order an item, change how many of a certain item is listed in inventory, print associate namebadge barcodes that are used for clocking in/out, link up to a portable thermal printer to print labels or to a laserjet printer typically located behind the layaway doors to print larger signs, etc. If you can think of it and find it under the user's menu, then you can do it. These are wireless, as you will find out with a lot of Wal+Mart toys, and they all run on 802.11 (not sure of the type a, b or g?) at 5.5 Mbps with WEP encryption.

The main problem with hacking these is that the security is pretty stiff. For a user to log in to a Telxon they must have a valid user name and password and be clocked in. It will auto-logoff after 15 minutes of idle use. Not all associates can log in to these. It is mostly department managers and up; however, many associates who work on the sales floor can log in to them. What an associate can do with the possession of a Telxon is set with certain permissions by the personnel manager and store management.

Don't fret and mark this off your list, as a lot of associates will leave these lying around while logged in and unlocked, totally free for you to play with as you like. If you can figure out how to navigate the menus and the programs on the Telxon and do it quickly without being noticed, you could do some real damage. Be careful of who you decide to mess with, as you may end up getting someone fired when it shows up that the legitimate user decided to change the price on an item from $350 to $5. Someone would be getting their ass canned within minutes, as Telxon use is monitored heavily.