// Kodak Picture Maker: In's and Out's //
// by bland_inquisitor //
// http://www.oldskoolphreak.com

The contents of this article are for informational purposes only!! I am sharing some aspects of this technology with you because the chances are slim you will have the same opportunity to get some hands-on alone time with one of these machines. If you do anything illegal, tough cookies.

This article is issued as a Retail Hacking Advisory. The security on these kiosks is practically non-existent. At the end of this paper, I will suggest some simple security measures that both Kodak and the retail establishments should implement to keep unauthorized users from compromising these systems.

The default screen is the main menu. The items on this screen are: picture, picture cd, diskette, digital camera, and Print Previous Pictures. To the right of the main categories, there are options and setup. In the options menu (not password protected), the submenus are Input type and Output type.

The setup menu is far more interesting. After entering the password, or rather the store number, the setup menu appeared. The options here are: system calibration, set output size, select language, system configuration, software installation, run health checks, logs, select user mode, and shut down system. Most of the categories are self-explanatory, but the two areas of interest are health checks and system configuration.

The health check menu provides a wealth of information about the inner workings of the kiosk. The menu I saw looked like the following:

    System Checks
        System DRAM: 40Mb OK
        Hard Disk: 510Mb OK
        KIM Board: OK
        Video Frame Buffer: OK
        Touch Controller: OK

    Device Checks
        Print Scanner PS2000 Found ID=2
        Film Scanner Not Found
        CD-Rom Found ID=6
        PCMCIA Drive Found ID=4
        Diskette Drive Found
        Software Version ID KPM 7.5

    Printer Checks
        Large Format Printer Found ID=4
        Small Format Printer NOT FOUND
        Engine Information P6000360, DPKB0170, CSKB0140
        Router NOT FOUND

After checking out the system checks menu, I went to the System Configuration menu. In this menu, I found the set user mode preferences, manage passwords, network configuration, Kodak photonet online configuration, ISP configuration, and DNS configuration menus. Inside the ISP and DNS menus I found the following items: the kiosk IP, Net Mask, Broadcast Address, and router address. All of these numbers were present, and there was no additional security measure in place.

Kodak should know that over 90% of system intrusions are performed by people who are close to the corporation. There should be a separate password required to view the system configuration menu, because the people on the retail side of the system really have no business knowing this information. These passwords should be given only to the Kodak representative responsible for troubleshooting the kiosk.

On the retail side of the units, the store number is a POOR password for anything. There are databases on the internet that show store numbers for various retail chains, and the store numbers are also printed on most receipts.

These suggestions are very simple to implement, and could very well save both companies the cost and embarrassment of having their systems compromised.
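
The two suggestions above (a separate password for the sensitive menus, and no store number as a password) can be sketched as follows. This is an added example, not code from the article or from Kodak; the role names, their ranking, the menu-to-role split and the store number are assumptions.

```python
import hashlib
import hmac
import os

# Menu names come from the article; the two roles, their ranking and the
# menu-to-role split are assumptions made for this example.
RANK = {"retail": 1, "kodak_rep": 2}
MENU_ROLE = {
    "system calibration": "retail",
    "set output size": "retail",
    "select language": "retail",
    "run health checks": "kodak_rep",
    "system configuration": "kodak_rep",
    "software installation": "kodak_rep",
}
ITERATIONS = 200_000

def check_new_password(password, public_ids, min_len=10):
    """Return a rejection reason, or None if the password is acceptable."""
    if len(password) < min_len:
        return "too short"
    if password.isdigit():
        return "digits only"
    if any(ident and ident in password for ident in public_ids):
        return "contains a public identifier"
    return None

def enroll(password, public_ids):
    """Return (salt, PBKDF2 hash); refuse weak or guessable passwords."""
    reason = check_new_password(password, public_ids)
    if reason:
        raise ValueError(reason)
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def may_open(menu, role, password, creds):
    """Default deny: unknown menus, unknown or under-ranked roles, bad passwords."""
    required = MENU_ROLE.get(menu)
    if required is None or role not in creds or RANK.get(role, 0) < RANK[required]:
        return False
    salt, stored = creds[role]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored)

if __name__ == "__main__":
    store = "04417"  # constructed store number, not a real one
    creds = {"kodak_rep": enroll("rep-Only-granite-52", [store])}
    print(may_open("system configuration", "kodak_rep", store, creds))
```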