Train station platform screen (funny/interesting)

[ayu]

Ok so me and some mates were waiting for the train today, and all of a sudden the platform screen that shows the times, etc, started to flash and act weird. And i said to one of my mates "you know, that screen has an IP, which means it's in a network, which means it has vulnerabilities", and he answered "Well since we don't know it's IP or anything else about it, we can't do much right now can we?"

So....the second he said that, i turn around...and..WOSH....it was like the fucking screen heard our convo. On the damn screen was all the info we would need, IP, netmask, software info, kernel...etc, we didn't have time to grab the version numbers but we did see that it was IP 192.168.0.10 and that the creator of the software was Sandisk.

I also took a note that the screen had an antenna (like an old analog one for TV's) on top of it, which made me assume that the signal is sent from the screen with an DA converter and then received and translated back with a AD converter.

I don't really have a question, but i do want anyone who reads this to give me his/her thoughts about this, brainstorm a bit, and help me to get some ideas on how to progress on getting more info about this screen and the network it's connected to

[DNR]

IP 192.168.0.10 is an obvious wifi network Sandisk is not coming up as anything but storage disk and screen protectors. The car antenna is still a RF receiver. It is possible someone was there to update the screen and overheard you talking, if the screens computer is simple it might only perform communication one-way - that is the operator would have to view the screen to see the result of his input to the screens computer.

DNR

[ayu]

Seeing that it's connected to a wireless network, would you think that a regular WiFi card would work to discover the network that it's connected to?

Or do you think that other equipment is needed?

[DNR]

Well, remember it might be one-way commo - a transmitter talks to the LED marquee, but the marquee doesn't respond via wifi, but via its LED marquee.. You might not get any leaked wifi signals unless the person is there with the transmitter editiing the marquee - sort of like sitting out in a parking lot trying to capture someone using a car alarm remote - to capture its signal.

I have searched for a technical manual, but can't find one.

What is missing is to observe or get a hold of the transmitter used to edit the marquee.

everyone try to get up close to one of these things and get a manufacturer, it can't be sandisk..

DNR

[Lyecdevf]

I have been thinking about hacking various appliances that connect to the internet or use IP networks. I read about refrigerators that connect to the stores via internet to order food. I figure it would be fun to hack those.

[hpprinter100]

ask someone at the infomation desk for how the network is set up and pretend that you are doing a project on train station security xD

[ayu]

ask someone at the infomation desk for how the network is set up and pretend that you are doing a project on train station security xD

I don't think they know xD and even if they did i don't think they would tell me ^^

[DNR]

BTW Hp that was not a bad suggestion, a social engineering tact too. You also exploit the fact that people like to talk about themselves or their jobs, and try to befriend someone that works there.
I even used my jobs to gain nfo on stuff not related - I got a manual for a NCR automatic teller cash machine and got to check it out completely (it was dropped off and to be installed at the place I was working at)

Lye also has another point where ever you go, keep an eye out for network appliances, IPs and passwords pasted on computers, a unlocked closet with all the routers, a basement with a PBX...all those manuals..

DNR

[rhysh]

your best bet is its running windows xp pro on a domain

i watched them work on there comp at the railway station one day

but i never seem to be able to find the network..they probably dont broadcast an ssid..so you will need a network sniffer.maybe that will help