
Heathrow Airport Departures Hacked

kiosk in airport…one more hacked airport

Heathrow Airport in London is considered one of the most secure international airports in the world, but it has nevertheless been hacked.

Recently, increasing terrorist threats, which make it a high-risk target, have led to a stricter security policy, with very thorough check-in procedures and continuous vigilance across the whole airport perimeter. The level of attention paid to physical security is sufficiently high, but the same does not seem to be true of the information infrastructure and IT security: at Heathrow Airport Departures (and the same is valid for the Heathrow Terminals International Arrivals), a few kiosks were hacked.

One of our users recently found something very interesting about the kiosks in the airport: much like a hacked airport game, or airport madness at the kiosk, customer data and private data were affected by a 0-day vulnerability.

Recently Honest (the nickname of our loyal user) discovered by chance, at London Heathrow Terminal 5, that the information/internet system used by customers of the London airport is not very safe, and is easily vulnerable to hacker attacks (in the literal meaning of the word, not the overused and misinterpreted media one). Let’s start from the beginning.

A few days ago Honest contacted me to ask if we would be interested in publishing an article on what he calls a real “scoop” about Heathrow Airport Terminals IT security. One more hacked airport.

Obviously this raised my curiosity, and so Honest started to tell me how he had found, just by chance, that some of the PCs at Heathrow are highly exposed to the risk of external breach. On these PCs (most probably installed by external providers under a free concession), he went on, anyone could conduct various types of digital attack aimed at taking control of the machine and turning it into an internet bot or a bridge, with a serious information security risk for whoever used that machine and left sensitive data on it.

These computers are dedicated to customers, who pay by credit card to surf. It is easy to imagine, then, that every user would enter a personal credit card code, log in to an email account, type passwords and so on: sensitive data that, given the machine’s weak protection, could easily be grabbed and used for wrongful purposes. Honest assured me he could provide the necessary evidence to demonstrate what he said about the “hacked airport games” at the kiosk in the airport.

I should note that I don’t know Honest personally and, before this occasion, we had never been in touch. All I know about him is what he has told me himself: Honest is Italian and works in the IT security field.

For this reason I did not immediately consider his information reliable, or at least I gave myself the benefit of the doubt, and asked our “sneak” for more details. Honest then gave me a link to an image on a foreign server showing a screenshot of one of the machines in question; clearly this is not sufficient to give full credit to his story, which still needs due verification.

But how, exactly, did Honest discover this information leak in the system of one of the most important airports in the world? In the simplest way, let’s say: Honest, transiting through the London hub, decided to use one of the computers to surf and by chance got access to an Internet Explorer window, simply because the software generated an unexpected pop-up after an error, thereby bypassing the dedicated portal that is supposed to prevent the other programs on the PC from being executed.

Honest’s curiosity soon took the upper hand: he started to verify a set of conditions, and at the end of his “exploration” he was totally surprised by the level of exposure of a machine that could potentially cause great damage to the information security of London’s Heathrow airport.

Those terminals are not owned by the airport itself but by an external provider (http://www.spectruminteractive.co.uk) that sells the service; this does not change the responsibility of whoever offers the service to the public (passengers and airport personnel).

Honest makes clear that on the machine he used it is possible not only to “get around” the access control, surfing for free instead of paying, but also to install various types of software, access the file system, and turn the machine into a bot to intercept IP traffic or sniff access credentials, or into a bridge to the outside. It is important to highlight once again that the prime responsibility lies specifically with Spectrum Interactive, which provided the machines and maintains them.

This article arises from an analysis conducted on some of the machines present in Heathrow airport, and so it is by no means certain that the vulnerabilities found apply to all the other machines installed by the same provider, Spectrum Interactive, at the airport and, in general, for all its other clients.

Below is the technical analysis made by Honest, with the related evidence confirming the vulnerabilities found.

File listing:

Through Internet Explorer it is possible to access all of the hacked airport computer’s files.

Information Disclosure:

Some of the files used for the system deployment contain information useful for conducting more sophisticated attacks on Heathrow airport.

Command execution: 

It was possible to execute commands on the machine through an MS-DOS window.

Indeed, through a Gmail dialog box it was possible to upload the file and modify a link on the desktop so that it called the file command.com.

Through the MS-DOS window it was possible to view various information about the computer:

  • IP address
  • Computer name
  • Installed software
  • Windows patches

Moreover, again using the Internet Explorer dialog box, it was possible to install software.

Specifically, this technique makes it possible to install:

  • Keyloggers
  • Sniffer
  • Back Door
  • Malware
  • Etc…

Hacked Airport Remote Access 

The public address used by every machine is reachable remotely.

This means that external attacks are feasible, and that the use of a back door can give external users access. These simple vulnerabilities put these computers completely under the control of hypothetical ill-intentioned users and represent a big problem for the privacy of all the unaware internet users within the airport.

At the time of publication of this article, the security managers of Heathrow and of the service provider company have already been alerted to the case, as Honest affirms. Therefore these machines have probably just been taken out of service.

Moral of the hacked airport story:

We hope that after the publication of this article Heathrow’s management will realize that protecting their users from the information technology point of view is just as important as ensuring their physical security; we also strongly hope that Spectrum Interactive will pay closer attention when providing its products by adopting more thorough security checks.

We consider it important to publish this article in order to warn all those who use PCs whose level of security is unknown or uncertain to access their e-mail accounts or simply to enter sensitive data, such as a credit card number, to browse the Internet or make online transactions.

Indeed, you may enter your data on computers, such as those at Heathrow, which could be used by ICT experts to carry out entirely illegitimate or illegal actions. It is very important that everyone becomes aware of the main issues relating to information security and learns to pay greater attention, just as happens in other dangerous situations of everyday life.

Our thanks go to Honest for the opportunity he gave us, through RedOracle.com, to highlight this issue and disclose the information for educational purposes. This applies not only to Heathrow Airport Terminals and kiosk security (hacked airport games), but also to any public kiosk in other locations.



SSL interception advisory – Alert (TA17-075A)

The Security Impact of HTTPS Interception

TLS and its predecessor, Secure Sockets Layer (SSL), are important Internet protocols that encrypt communications over the Internet between client and server, using digital certificates to establish an identity chain showing that the connection is with a legitimate server verified by a trusted third-party certificate authority.

In order to work, therefore, an interception device must issue its own trusted certificate to client devices; otherwise users would perpetually see warnings that their connection wasn’t secure.

HTTPS inspection works by intercepting the HTTPS network traffic and performing a man-in-the-middle (MiTM) attack on the connection. Browsers and other applications use this certificate to validate encrypted connections, but that introduces two problems: first, it is not possible to verify the web server’s certificate; second, and more significantly, the way the inspection product communicates with the web server becomes invisible to the user.

In other words, the user can only be sure that their connection to the interception product is legitimate, but has no idea whether the rest of the communication, to the web server over the internet, is secure or has been compromised.

And, it turns out, many of these middleboxes and interception software suites do a poor job of security themselves. Many don’t properly verify the certificate chain of the server before re-encrypting and forwarding client data. Some do a poor job of forwarding certificate-chain verification errors, keeping users in the dark about a possible attack.

In other words: the effort to check that a security system is working undermines the very security it is supposed to be checking.

Think of it as somebody leaving your front door wide open while they check that the key fits.
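The upstream-verification failure described above, shown as an added example (not code from the advisory or from any inspection product): the proxy-to-server TLS context in its weak and hardened forms, an audit that reports which checks a context skips, and a connect helper that returns a verification failure so it can be forwarded to the client. All function names are hypothetical.

```python
import socket
import ssl


def weak_upstream_context() -> ssl.SSLContext:
    """Proxy-to-server context as a careless inspection product builds it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # has to be switched off before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE  # the server's chain is never validated
    return ctx


def strict_upstream_context() -> ssl.SSLContext:
    """Hardened form: chain validated against the trust store, hostname checked."""
    return ssl.create_default_context()


def audit_upstream_context(ctx: ssl.SSLContext) -> list:
    """List the verification steps this context would skip."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not matched against the certificate")
    return findings


def connect_upstream(host: str, port: int, ctx: ssl.SSLContext, timeout: float = 5.0):
    """Handshake with the origin server and return (status, detail).

    A verification failure comes back as ("cert-error", reason) so the proxy
    can pass it on to the client instead of silently re-encrypting.
    """
    findings = audit_upstream_context(ctx)
    if findings:  # refuse to forward client data over an unverified link
        return ("refused", "; ".join(findings))
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return ("ok", tls.version())
    except ssl.SSLCertVerificationError as exc:
        return ("cert-error", exc.verify_message)
    except OSError as exc:
        return ("unreachable", str(exc))
```
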

Following the academic article describing this issue:

Original Link here.

To verify whether your inspection product is performing the proper verification:


Please also have a look at the US-CERT advisory.


Xperia Tablet Z2 – 23.4.A.1.232 / R5C – Root and Dual Recovery

23.4.A.1.232 / R5C CE3

now available for Sony Xperia Z2 Tablet (SGP521)


XperiFirm SGP521

Device: Xperia Z2 Tablet (SGP521)
CDA: 1282-0228
Market: CE3
Operator: Generic
Release: 23.4.A.1.232 / R5C

– SuperSU 2.52
– Dual Recovery

1) Use Flashtool (Flashmode) to flash the FTF file on your SGP521, then unlock the boot loader with Flashtool, then boot into Android and enable USB debugging
2) Use Flashtool (Fastboot mode) to flash the boot.img
3) Copy SGP521_23.4.A.1.232_XZDRKernel2.8.21-RELEASE.flashable.zip and BETA-SuperSU-v2.52.zip to your SGP521 SD card (external)
4) Reboot the device and enter recovery mode.
5) Install XZDRKernel2.8.21
6) Reboot the device and enter recovery mode.
7) Install SuperSU-v2.52
8) Reboot and done!

Download links

FTF Magnet


RedOracle XDA



Leading information security event with KEVIN MITNICK – June, 9, 10 and 11, 2008 in Nova Gorica, Slovenia

June 9 – Preconference Day with KEVIN MITNICK, world’s most famous (former) hacker, today’s social engineering expert. Before he was caught by the FBI he gained unauthorized access to computer systems at some of the largest corporations on the planet.

Listen to his Interview
His lectures are sold out all over the world in advance! 

June 10 and 11 – INFOSEK 2008-FORUM Conference in cooperation with The European Network and Information Security Agency (ENISA); besides Slovenian speakers, the conference brings information security experts from all over Europe (England, Italy, Spain, Norway, etc.) in whole-day sessions in English.

Please visit http://www.infosek.net/index.php?lang=2 to find out more about the program.
A unique opportunity to hear such a famous hacker up close and meet him face to face!