Hacking POS Systems
Offered By: NorthSec via YouTube
Course Description
Overview
Syllabus
Intro
PCI-DSS vs PA-DSS
Physical Access
Kiosk Breakouts: Administrative Start-up Script
Kiosk Breakouts: Accessibility Keyboard Shortcuts
Kiosk Breakouts: Microsoft Office Macros
Kiosk Breakouts: Context Menu via Internet Explorer
Kiosk Breakouts: Notepad++ Run Prompt
Keyboards with Media Keys
Barcode Scanners as Keyboards
Privilege Escalation
Remarks on Scoping
Getting the Goods
MagStripe Reader "Malware"
MagStripe Reader: Authentication Weakness
Two-tier Architecture and Direct Database Access
Oracle OPERA: Disclosed Vulnerabilities
Oracle OPERA: Exposed Session Logs (#1)
Oracle OPERA: Exposed Database Creds (#2)
Oracle OPERA: Remote Code Execution (#3)
Oracle OPERA: Extracting Sensitive Data
Arbitrary Refunds with URI Schemes
Takeaways
Taught by
NorthSec
Related Courses
Data Wrangling with MongoDBMongoDB via Udacity Data Science Essentials for SAP
OnSAP Academy via Independent Herramientas de la Inteligencia de Negocios
Galileo University via edX Digital Media Analytics: Using 'Listening Data'
Purdue University via FutureLearn Advanced Business Analytics
University of Colorado Boulder via Coursera