chevron_left chevron_right
Login Register invert_colors photo_library


Stay updated and chat with others! - Join the Discord!
Thread Rating:
  • 0 Vote(s) - 0 Average


Vulnerable POS system with card info filter_list
Author
Message
Vulnerable POS system with card info #1
I found a vulnerable point of sale system that ended up having a database back end with some creditcard info.
Here's some proof: https://imgur.com/a/TCQlOOp

I wanna see if they have any other stuff but I hit a wall, maybe someone else can go further IP address is below

40 117 88 231

Reply

RE: Vulnerable POS system with card info #2
Bro, how many CCs linked to this POS?

Reply

RE: Vulnerable POS system with card info #3
i would definitely not sell them on tor
(This post was last modified: 04-27-2019, 08:42 PM by //////////////////////////////.)

Reply

RE: Vulnerable POS system with card info #4
When you say vulnerable are you meaning there is an exploit for said POS server/software. Or it uses default credentials?
Tips, Payments, or Generosity Btc: 1E2FfUo4kcTkuacYqiJ83tib4Dnvezhq48

Reply

RE: Vulnerable POS system with card info #5
Thanks. Tried. Not working anymore(

Reply

RE: Vulnerable POS system with card info #6
Oh, I'll be damned, I actually tried to get one of the credit car ds that you posted in the imgur image, "Your C a r d was declined by the issuing b a n k, Please try a different payment method." XD
Join HackChats at https://discord.gg/sUpZUxs

Reply

RE: Vulnerable POS system with card info #7
Okay so this guy is full of shit.
1. POS machines dont store cc data in plaintext or on the machine at all. There is no way if getting cc data from a POS machine this way.
You cant intercept packets sent to the company processing the payments because thats all encrypted and you also cant find stored cc data on these machines as these machines dont store cc data.
2. In order to exploits a POS machine you need a type of malware created for the soul purpose of scraping the machines RAM pretty much straight after a payment has been processed as cc data IS stored in the ram for a short period of time after a cc has been used on it. The said data would then be sent to a CNC server for the attack to collect and sell or use.
3. POS machines do not store the data included in the screenshot IE (CC number , expiry , CVV) a POS machine .... is a POS machine the payments are based on either NFC (or contactless) chip and pin , or magstripe and pin. This means that the data collected by said malware is going to be in the form of cc pins and magstripe data. Which are then cloned with a device called an MSR and taken to places (in real life) to then make purchases.
4. The format the apparent cc data is in ... is stored in a database format which reminds me of mysql ....which would be used for the users of a website.... not a POS machine at all.

Reply






Users browsing this thread: 1 Guest(s)