Break into Xerox's distribution network and track down that printer

You check the time to find you've still got a few hours left before you need to be at the meet. You set an alarm on your rig to go off 30 minutes before, that should give you enough time. Now to work.

Cracking into Xerox's distribution centre is easy. Most distribution centres are pretty low-tech and this particular Xerox one is no different. While most of the computers connected to the outside world are modern and well protected, their internal stock-tracking system is ancient. It does a simple job and it does it well, why bother upgrading it? You love that attitude and it's the one that lets you in through a well-documented exploit discovered half a decade ago.

Once you're in, you look up the historical records for the serial number. A different warehouse has the records but luckily their system is smart enough to route the request to the correct one. Gotta love redundancy. The unit was shipped from their manufacturing plant in New York then routed to a wholesalers. getting the wholesalers name is easy enough and from that and a little googling, you find their website. Some simple coaxing of their poorly crafting login script manages to get you into their administration backend and from there you find out that the printer was shipped to a local computer store. Interesting.

The store is on the way to the meet, with some social engineering, you could probably get the clerk there to give you the information you need. You print off a fake Xerox-branded name badge. You don't really know what they look like or even if they wear them but most people will just see the badge and bow to authority anyway.

The alarm beeps on the computer. Time to go.

The End

11 comments about this story Feed