Parcomagic: security analysis of public terminals
DESCRIPTION
A video game called Watch Dogs offers a realistic view of our near future – our surroundings filled to the brim with digital devices, machines which accept and dispense cash, and a variety of other connected things ridden with all sorts of vulnerabilities, which a hacker can exploit. In the game, the main character successfully compromises a video surveillance system using a smartphone, gaining the ability to conduct surveillance and obtain additional information. The game’s fans are divided: some say this is too ‘dystopian’ – taking a smartphone and hacking into everything around you. Others are somewhat skeptical, saying that things really aren’t that great and the game world is in many ways a reflection of real life. Below, we argue that devices in parks and other public spaces, which we often pass without giving them a second thought, may be vulnerable and therefore dangerous, at least for our personal finances. ZeroNights 2014 is an international conference dedicated to the practical side of information security.
TRANSCRIPT
PARCOMAGIC: Security analysis of public terminals
Denis Makrushin (@difezza), Kaspersky Lab
Stanislav Merzlyakov, Positive Technologies
WATCH OUT! WATCHDOGS.
Common usage terminals
Life is a good teacher
Penetration testing methodology
Virtual keyboard
Moving in Control panel
Arbitrary code execution
Windows Help or Desktop
Input Data fuzzing
Tap-fuzzing
Escape from the application
Fullscreen application
Calling the additional elements of the system’s interface
Calling the undocumented features of the application
View from the developer
Street magic: escape from the app
Street magic: virtual keyboard
Who am I?
Another kind of PoC
Catch me!
Post-exploitation
• Located in public places
• 24/7 available
• Same configuration
• A higher degree of confidence from the user
• Connected to each other and to a private network
• Advertising
• Social engineering/phishing
• Botnet use cases
• Dump of app for offline reversing
• Internal network attack
• …
Take a look around
Firewall
Terminal’s server
Main office