YoVDO

PinPadPwn

Offered By: 44CON Information Security Conference via YouTube

Tags

44CON Courses Cybersecurity Courses Ethical Hacking Courses Exploit Development Courses Smart Cards Courses

Course Description

Overview

Explore the vulnerabilities of pin pads and payment terminals in this 57-minute conference talk from the 44CON Information Security Conference. Delve into the complexities of Chip and Pin technology, EMV protocols, and the expanding attack surface of payment devices. Learn about memory corruption vulnerabilities and their potential for code execution on terminals. Examine case studies, witness demonstrations of exploits, and understand the implications for payment security. Gain insights into vendor fixes, device administration, and future security considerations for payment systems.

Syllabus

Intro
Rafael
Payment terminals
Previous attacks
Attack Surface
Research Approach
Common setups
Payment ecosystem
Chippin payments
Chipandpin payments
Smart cards
EMV Lab Doc
First Attempt
Smart Card
Case Studies
Payment Terminal
Network Interface
Memory Dump
Password Check
EMV Buffer Overflow
Demo
Demo Summary
Vendor Fix
Device Overview
Payment Application
Remote Administration
Demonstration
Payment
CashInHide
Future Work
More Updates
Conclusion
Security
Security questions


Taught by

44CON Information Security Conference

Related Courses

CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent
Reverse Engineering and Exploit Development
Udemy
Penetration Testing: Advanced Kali Linux
LinkedIn Learning
Linux x86 Assembly and Shellcoding
Udemy
Python : Sıfırdan İleri Seviyeye - Etik Hacker Örnekleriyle
Udemy