Академический Документы
Профессиональный Документы
Культура Документы
CREDIT CARDS
INCOGNITO MODE
Ionut
Popescu
Penetration tester @ KPMG Romania
http://www.kpmg.com/ro/en/pages/default.aspx
1. Credit cards
2. Debit cards
3. Gift cards
4. Fleet cards
PAYMENT EXAMPLE
PAYMENT
AUTHORIZATION
VULNERABILITY AREAS
PAYMENT CARD INDUSTRY DATA SECURITY STANDARD
MAGNETIC STRIPE CREDIT
CARDS
Track 1 (79 bytes):
%B4005554444444403^GOMZIN/SLAVA^1512101000000012300?
MAGNETIC STRIPE CREDIT
CARDS
Track 2 (40 bytes):
;4005554444444403=1512101000000012300?
PAN PRIMARY ACCOUNT
NUMBER
Digits Value
And now how to solve those problems? Perhaps the simplest solution, Paget
advises, is to kill your cards RFID chip by frying it in the microwave. But
thats a more delicate task than it might seem. Three seconds in the
microwave will kill the chip, she says. Five seconds will set it on fire.
CREDIT CARD BREACH
Phishing
Skimming
CREDIT CARD BREACH
Note: Attackers may not know where to search for, so they search in almost all
processes.
Why:
- Application logs
- Temporary files
- Backup files
- Database files
Component Memory
Firefox.exe Mozilla Firefox code
kernel32.dll Windows component
ntdll.dll Windows component
nss3.dll Mozilla Firefox component
mozjs.dll Mozilla Firefox component
STACK Temporary data in memory
HEAP Temporary data in memory
NSS3.D
LL
Contains code related to Internet communication
Export functions:
- PR_Write: Used to send data to a server
- PR_Read: Used to read data from a server
ionut.popescu@outlook
.com