I just have new assignment which is pentesting Electronic Data Capture (EDC)
application based, running on Hypercom Optimum series. This application is
used by prepaid card (a smart card chips) to update data inside the card. My
client suspected that an attacker may able to modify data inside the card by
circumventing dialup communication between EDC device and the server, but I
am not sure about that.
I saw from Optimum developer toolkit, they are using C or C++ for the roam
software. Include in the SDK are opensource compiler like GCC and GDB for
debugging stuff.
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
I just have new assignment which is pentesting Electronic Data Capture (EDC)
application based, running on Hypercom Optimum series. This application is
used by prepaid card (a smart card chips) to update data inside the card. My
client suspected that an attacker may able to modify data inside the card by
circumventing dialup communication between EDC device and the server, but I
am not sure about that.
I saw from Optimum developer toolkit, they are using C or C++ for the roam
software. Include in the SDK are opensource compiler like GCC and GDB for
debugging stuff.
Does anybody have good sources about this?
Thanks.
00f/r0aD
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]