17 replies to this topic

[aperfectcircle1]

What OS do they use? and how does they work o.o is they hackable ?

[zandi]

if you're talking about POS (point of sale) systems common in stores & restaurants, all the ones i've seen are windows, and simply run a POS program on them that does all the hard work behind making a purchase. if you want to look at them, i'd recommend finding some way into the network and scanning them to see what kind of network services they're running. from there and some screensurfing you might be able to find out what POS they're using and research that.

[aperfectcircle1]

if you're talking about POS (point of sale) systems common in stores & restaurants, all the ones i've seen are windows, and simply run a POS program on them that does all the hard work behind making a purchase. if you want to look at them, i'd recommend finding some way into the network and scanning them to see what kind of network services they're running. from there and some screensurfing you might be able to find out what POS they're using and research that.

oooo thx in order to extract information, would you use a sniffer or try to establish a shell in the system? I heard you cant sniff WPA/WPA2 traffic in monitor mode because of client keys :S

[n3xg3n]

if you're talking about POS (point of sale) systems common in stores & restaurants, all the ones i've seen are windows, and simply run a POS program on them that does all the hard work behind making a purchase. if you want to look at them, i'd recommend finding some way into the network and scanning them to see what kind of network services they're running. from there and some screensurfing you might be able to find out what POS they're using and research that.

oooo thx in order to extract information, would you use a sniffer or try to establish a shell in the system? I heard you cant sniff WPA/WPA2 traffic in monitor mode because of client keys :S

Whether or not you would use a sniffer or get a shell on the system is really dependent. Sniffing the traffic will probably be a lot easier and if it gives you all the information you're looking for then that is great. Getting a shell on the system would be a lot harder because you need to find some vulnerability that lets you exploit your way on to the system. If you need control of the system to achieve your ends, a sniffer really isn't going to do much for you (unless you can sniff a username and password for the system).

Even though you mightn't be able to passively sniff in monitor mode, that doesn't mean that all is lost. There still might be ways to sniff the traffic such as ARP poisoning (or if you're feeling adventurous, a physical tap).

[m3747r0n]

Most run Windows POS (Point of Sale) or Windows Piece Of Shit as its commonly known to anyone that has had the unpleasantness of working with it. Some also use Windows XP for embedded systems. Traffic is run through a VPN.

Edited by m3747r0n, 24 May 2010 - 03:15 AM.

[aperfectcircle1]

Most run Windows POS (Point of Sale) or Windows Piece Of Shit as its commonly known to anyone that has had the unpleasantness of working with it. Some also use Windows XP for embedded systems. Traffic is run through a VPN.

so if I were to try to intercept and unencrypt traffic... what would one do

[m3747r0n]

Most run Windows POS (Point of Sale) or Windows Piece Of Shit as its commonly known to anyone that has had the unpleasantness of working with it. Some also use Windows XP for embedded systems. Traffic is run through a VPN.

so if I were to try to intercept and unencrypt traffic... what would one do

You could look into vpn man in the middle attacks.

[phr33zr byt3]

In somewhere like walmart,there price scanners run windows CE and the scanner is a program that auto runs.If you unplug the price scanner and plug it back in it will reboot.You could attempt to stop the program before it runs and then run something like Wireless Keyview from nirsoft.net to see the stored WPA key that goes to the walmart wireless network.Then you would have direct access to the walmart wireless network where all the POS systems send their traffic.

[aperfectcircle1]

In somewhere like walmart,there price scanners run windows CE and the scanner is a program that auto runs.If you unplug the price scanner and plug it back in it will reboot.You could attempt to stop the program before it runs and then run something like Wireless Keyview from nirsoft.net to see the stored WPA key that goes to the walmart wireless network.Then you would have direct access to the walmart wireless network where all the POS systems send their traffic.

Where is the sql database with payment information located?

[phr33zr byt3]

I'm not sure where the sql database is,but once your in the network you could just scan for open ports with nmap and investigate from there and you would probably get some of that info anyway by running a man in the middle attack.

[PurpleJesus]

In somewhere like walmart,there price scanners run windows CE and the scanner is a program that auto runs.If you unplug the price scanner and plug it back in it will reboot.You could attempt to stop the program before it runs and then run something like Wireless Keyview from nirsoft.net to see the stored WPA key that goes to the walmart wireless network.Then you would have direct access to the walmart wireless network where all the POS systems send their traffic.

Where is the sql database with payment information located?

maybe here: http://www.joplinglo...remains-mystery

[phr33zr byt3]

Maybe, Area 51 is a giant walmart data center? lulz!

[nyphonejacks]

[quote name='PurpleJesus' date='29 May 2010 - 09:55 AM' timestamp='1275141324' post='353202']
[quote name='aperfectcircle1' date='28 May 2010 - 07:07 PM' timestamp='1275091634' post='353180']

maybe here: http://www.joplinglo...remains-mystery
[/quote]
now that is some scary shit... and i thought that google was the one violating everyones privacy....

[aperfectcircle1]

[quote name='nyphonejacks' date='29 May 2010 - 09:17 PM' timestamp='1275185836' post='353223']
[quote name='PurpleJesus' date='29 May 2010 - 09:55 AM' timestamp='1275141324' post='353202']
[quote name='aperfectcircle1' date='28 May 2010 - 07:07 PM' timestamp='1275091634' post='353180']

maybe here: http://www.joplinglo...remains-mystery
[/quote]
now that is some scary shit... and i thought that google was the one violating everyones privacy....
[/quote]

O_O

[m3747r0n]

[quote name='aperfectcircle1' date='30 May 2010 - 06:48 PM' timestamp='1275241720' post='353244']
[quote name='nyphonejacks' date='29 May 2010 - 09:17 PM' timestamp='1275185836' post='353223']
[quote name='PurpleJesus' date='29 May 2010 - 09:55 AM' timestamp='1275141324' post='353202']
[quote name='aperfectcircle1' date='28 May 2010 - 07:07 PM' timestamp='1275091634' post='353180']

maybe here: http://www.joplinglo...remains-mystery
[/quote]
now that is some scary shit... and i thought that google was the one violating everyones privacy....
[/quote]

O_O
[/quote]

http://www.peopleofwalmart.com/ They would most likely just give you their data if you asked

Edited by m3747r0n, 30 May 2010 - 04:15 PM.

[aperfectcircle1]

[quote name='m3747r0n' date='30 May 2010 - 04:11 PM' timestamp='1275253865' post='353250']
[quote name='aperfectcircle1' date='30 May 2010 - 06:48 PM' timestamp='1275241720' post='353244']
[quote name='nyphonejacks' date='29 May 2010 - 09:17 PM' timestamp='1275185836' post='353223']
[quote name='PurpleJesus' date='29 May 2010 - 09:55 AM' timestamp='1275141324' post='353202']
[quote name='aperfectcircle1' date='28 May 2010 - 07:07 PM' timestamp='1275091634' post='353180']

maybe here: http://www.joplinglo...remains-mystery
[/quote]
now that is some scary shit... and i thought that google was the one violating everyones privacy....
[/quote]

O_O
[/quote]

http://www.peopleofwalmart.com/ They would most likely just give you their data if you asked
[/quote]

LOL. I might consider that

[phr33zr byt3]

Yea,lulz,if you don't tell anyone about that picture of me on peopleofwalmart.com i'll break into walmart and steal their data.

[aperfectcircle1]

what about using netcat to connect to a SQL port and executing SQL commands and injection. Like ms-sql 1433 1434. Im not sure of the syntax to use but maybe do like user: SA password: 1=1 >.>