![Page 1: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/1.jpg)
PARCOMAGICSecurity analysis of public terminals
Denis Makrushin (@difezza), Kaspersky LabStanislav Merzlyakov Positive Technologies
![Page 2: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/2.jpg)
Watch out! Watchdogs.
![Page 3: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/3.jpg)
Common usage devices
![Page 4: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/4.jpg)
Life is a good teacher
![Page 5: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/5.jpg)
Possibility of evil input
![Page 6: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/6.jpg)
Possibility of evil input
![Page 7: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/7.jpg)
Possibility of evil input
![Page 8: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/8.jpg)
Methodic of Penetration testing
Virtual keyboard
Usage special crafted info or symbols to open files, execute scripts, injection
or BOF
Moving in Control panel
Execute your code
Right click, gestures, opening windows Start menu
Windows Help or Desktop
Input Data fuzzing
Tap-fuzzing
Escape from the application
Fullscreen application
![Page 9: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/9.jpg)
View from the developer
![Page 10: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/10.jpg)
Street magic: escape from the app
![Page 11: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/11.jpg)
Street magic: virtual keyboard
![Page 12: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/12.jpg)
Who am i?
![Page 13: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/13.jpg)
Another kind of POC?
![Page 14: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/14.jpg)
Catch me!
![Page 15: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/15.jpg)
Bad full screen
![Page 16: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/16.jpg)
Yep, bad full screen again
![Page 17: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/17.jpg)
Post-exploitation
• Located in public places• 24/7 available• Same configuration• The higher degree of
confidence from the user• Connected to each other and to
private network
• Advertising• Social engineering/phishing• Botnet use cases• Dump of app for offline
reversing• Internal network attack• …
![Page 18: PARCOMAGIC Security analysis of public terminals Denis Makrushin (@difezza), Kaspersky Lab Stanislav MerzlyakovPositive Technologies](https://reader030.vdocument.in/reader030/viewer/2022033105/5697bfca1a28abf838ca94aa/html5/thumbnails/18.jpg)
Take a look around
Firewall
Terminal’s server
Main office