For the Love of Money - Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems
Offered By: 44CON Information Security Conference via YouTube
Course Description
Overview
Syllabus
Intro
Point of Sale terminals
Bar in 44CON
Mobile pointofsale terminals
Previous research
Project overview
Security assessment
How payments work
Payment aggregators
Payment methods
EMV adoption
Schematic overview
Findings
Bluetooth
Bluetooth Protocol
Bluetooth Classic
Bluetooth Device Address
Bluetooth Attack Vectors
Maninthemiddle attacks
Enhanced data rates
Sending arbitrary commands
Prerequisites
Wireshark
In practice
In detail
What is fuzzing
The ESP32
Output
Sending
External Devices
Demo
Mac Stripe
Recommendations
Mobile POS
Reverse Engineering
Updating Process
Open Account
Un unencrypted firmware
Remote code execution
Why its important to have full access
Two potential problems
Scenario
Hardware Protection
Secondary Factors
Assessing risk
Conclusions
Vendors
Merchants
Taught by
44CON Information Security Conference
Related Courses
Dal Reverse engineering alla stampa 3DUniversity of Naples Federico II via Federica Rapid Manufacturing
Indian Institute of Technology Kanpur via Swayam Generative Design for Industrial Applications
Autodesk via Coursera Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX Functional And Conceptual Design
Indian Institute of Technology Madras via Swayam