Tim Yunusov & Leigh-Anne Galloway
Tim Yunusov - Security Researcher at Positive Technologies
Leigh-Anne Galloway - Security Researcher at Positive Technologies
For the Love of Money: Finding and exploiting vulnerabilities in mobile point of sales systems
Workshops which shows how to interact with bluetooth's devices and make RE of a dumb mobile applications are very popular. But in reality you meet a huge gap between these devices and real-life industrial software and hardware. Modern mobile POS terminals - are piece of art from a security perspective, with integrated anti-tampering protections, encrypted card's data and anti-root mechanisms, imlemented in mobile apps. But if you will be persistant enough and improve publicly available POC for "smart led's controller bia bluetooth" for doing interaction with mPOS, you can actually find something - from replay and tampering attacks, to BOF and code execution in a firmware of modern mPOS.
Plan of workshop:
- research overview
- components overview
- communication interception's ways:
- mobile app RE and information gathering
- rooted device and developer's options
- bluetooth MITM
- protocol' reconstruction
- replay and tampering attacks
- automation and fuzzing devices: PayPal miura010, iZettle DateCS, SumUp
Tim Yunusov is an expert in the area of banking security and application security. He has authored multiple research in these areas including "Apple Pay replay attacks" (Black Hat USA 2017), "7 sins of ATM protection against logical attacks" (PacSec, POC), "Bruteforce of PHPSESSID", "XML Out-Of-Band" (Black Hat EU), and is rated in the Top Ten Web Hacking Techniques by WhiteHat Security. He regularly speaks at conferences and has previously spoken at CanSecWest, Black Hat USA, Black Hat Europe, HackInTheBox, Nullcon, NoSuchCon, Hack In Paris, ZeroNights, and Positive Hack Days.
Leigh-Anne Galloway is a Security Researcher who specializes in the areas of application and payment security. Leigh-Anne started her career in incident response, leading investigations into payment card data breaches. This is where she discovered her passion for security advisory and payment technologies. She has presented and authored research on ATM security, application security and payment technology vulnerabilities, and has previously spoken at DevSecCon, BSides, Hacktivity, 8dot8, OWASP, and Troopers.