parcomagic security analysis of public terminals denis makrushin (@difezza), kaspersky lab stanislav...
TRANSCRIPT
PARCOMAGICSecurity analysis of public terminals
Denis Makrushin (@difezza), Kaspersky LabStanislav Merzlyakov Positive Technologies
Watch out! Watchdogs.
Common usage devices
Life is a good teacher
Possibility of evil input
Possibility of evil input
Possibility of evil input
Methodic of Penetration testing
Virtual keyboard
Usage special crafted info or symbols to open files, execute scripts, injection
or BOF
Moving in Control panel
Execute your code
Right click, gestures, opening windows Start menu
Windows Help or Desktop
Input Data fuzzing
Tap-fuzzing
Escape from the application
Fullscreen application
View from the developer
Street magic: escape from the app
Street magic: virtual keyboard
Who am i?
Another kind of POC?
Catch me!
Bad full screen
Yep, bad full screen again
Post-exploitation
• Located in public places• 24/7 available• Same configuration• The higher degree of
confidence from the user• Connected to each other and to
private network
• Advertising• Social engineering/phishing• Botnet use cases• Dump of app for offline
reversing• Internal network attack• …
Take a look around
Firewall
Terminal’s server
Main office