Hacking QR Codes with QRGen to Attack Scanning Devices [Tutorial]

August 23, 2019 by 37 Comments

How to Use QR Codes to Hack Mobile Phones & Scanners
Full Tutorial: https://nulb.app/x4l5g
Subscribe to Null Byte: https://goo.gl/J6wEnH
Kody’s Twitter: https://twitter.com/KodyKinzie

QR Codes are a fun way of scanning information with your mobile device on the go. However, this popular technique can be taken advantage of and used to inject malicious code and commands by a knowledgeable hacker. On this episode of Cyber Weapons Lab, we’ll introduce you to a malicious QR code generator called QRGen.

Do not attempt to scan any malicious QR codes with a scanner you don’t own. Only use for testing on your own devices and networks.

Follow Null Byte on:
Twitter: https://twitter.com/nullbytewht
Flipboard: https://flip.it/3.Gf_0
Weekly newsletter: https://eepurl.com/dE3Ovb


37 Replies to “Hacking QR Codes with QRGen to Attack Scanning Devices [Tutorial]”

  1. tys k says:

    hello null bite im a bit of a script kiddie that absolutely loves your videos!
    i love it when you make a video of something thats usefull in real life
    could you please make a video on how to spoof my cars blackbox preferbly in a bit of a polemon go kind of way where i can decite where my cars myself ?
    this would make my life a ton easier and cheaper

  2. Goals 4k6 says:

    Why you are not uploading videos
    Its been a month

  3. Zodin Dev says:

    Maybe he's born with it maybe it's amphetamiiiines

  4. Happy Camper says:

    Can I do all this in my Mac ? Or Should I get Virtual Box and run Linux in it ?

  5. Didn't know you were a script kiddy

  6. Meir Knapp says:

    What's the app you're using on Android?

  7. can I put a sticker on your laptop, or send you a t-shirt to wear?

  8. I've been wondering for years now if someone could perform a SQL Injection using QR codes in a store. Imagine having a QR code on your iPhone display and having the in store price-check scanner scan it, only to have the embedded SQL Injection change the price for the item in the database. I'm sure that's illegal and I've never more than worried about it. I hope that the merchant's software folks have protected their scanner software inputs the same way you would protect other database access software.

  9. Kirk Schafer says:

    Caveat emptor: Some of the domains in the exploit list (apparently from payloadbox) are currently inhabited by squatters. Nasty trap potential there.

  10. who wants to make $100K, i have a machine that reads QR codes then dispenses cash. if you can break it i'll pay you!

  11. sara sabri says:

    hi can you help me in email or whats app plz i need help:(

  12. Moro Wenka says:

    $BASH badstuff.sh // wow +||
    SUN $$HAX$$ _BIGTIME_x_X-_X

  13. NullByte reminds me of Kevin Rose from the TechTV days

  14. Is this possible with barcodes?

  15. Got saved me from scam when I met hacker 1805codes generating me a legit private key 🔑

  16. spywolf says:

    From about 3 days …fraud calls are disturbing me …so I decided to hack their QR code…

  17. What to do with these qr codes

  18. User Grey says:

    how can i make my payloads? i mean, in what language are they made?

  19. Rich AF says:

    S. Korea government is using the qr codes to check the identity of anyone entering the amusement parks, karaoke shops, restaurants, theaters, etc. for the sake of chine-se-virus prevention…and many are concerned these collected personal data will be gleaned as big data and sent to the chinese government (S Korea now works like a sub-state to China, ugh). That's why I HATE showing any kind of codes containing my personal information just to enjoy those facilities. Can I use any fake qr codes to mess with these gov't geezers??? Frustrating….

  20. WOW imagine printing QR codes on stickers and just pasting it all over times square.

  21. Farhath Banu says:

    please can anyone explain me the worlist commands ?

  22. Basically SnowCrash for phones

  23. How do you get the passwords

  24. But what can we do after generating these payloads. I mean other than checking what it contains. LIKE HOW WE CAN USE THEM TO ACCESS THE SCANNING DEVICE. ASKING OUT OF CURIOSITY

  25. Sir,is it possible to add msf payloads to these qr codes using qr gen,if it is possible please make video on that sir,please i would be very grateful to you,please sir…….

  26. How do u save the words list idk what to press

  27. Hmmm dude why not put a warning into the start of the video saying this is for. Education purpose only
    You must do it to avoid any legal risks

Leave a Comment

Your email address will not be published. Required fields are marked *