Reference: OWASP discussion on point-of-sale (POS) malware
Lesson on "Anatomy of memory scraping credit card stealing POS malware"

RE: Important Windows calls used by POS malware

Step 1: Find POS process with credit card data
  EnumProcesses
  OpenProcess
  EnumProcessModules
  GetModuleBaseName

Step 2: Elevate privilege to SE_DEBUG_NAME
  OpenProcessToken
  LookupPrivilegeValue
  AdjustTokenPrivileges

Step 3: Open POS process
  OpenProcess

Step 4: RAM Scraping
  VirtualQueryEx
  ReadProcessMemory
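For triage of sandbox or API-monitor output, the four steps above can be matched as an ordered sequence per process. The following is an added example, not code from the original post; the "pid api" trace format, the stage labels and the sample trace are assumptions constructed for illustration.

```python
from collections import defaultdict

# Stage labels are chosen here; the API names per stage come from the list above.
STAGES = [
    ("find_pos_process", {"EnumProcesses", "OpenProcess", "EnumProcessModules", "GetModuleBaseName"}),
    ("enable_se_debug", {"OpenProcessToken", "LookupPrivilegeValue", "AdjustTokenPrivileges"}),
    ("open_pos_process", {"OpenProcess"}),
    ("scrape_ram", {"VirtualQueryEx", "ReadProcessMemory"}),
]
KNOWN = set().union(*(apis for _, apis in STAGES))

def normalize(api):
    """Map ANSI/Unicode exports (e.g. GetModuleBaseNameW) to the base name."""
    if api not in KNOWN and api[-1:] in ("A", "W") and api[:-1] in KNOWN:
        return api[:-1]
    return api

def stages_reached(trace_lines):
    """Return {pid: [completed stage labels]} for lines of the form 'pid api'."""
    idx = defaultdict(int)    # pid -> index of the stage being matched
    seen = defaultdict(set)   # pid -> APIs of that stage seen so far
    done = defaultdict(list)  # pid -> stages completed, in order
    for line in trace_lines:
        parts = line.split()
        if len(parts) != 2 or not parts[0].isdigit():
            continue          # skip blank or malformed lines
        pid, api = int(parts[0]), normalize(parts[1])
        # Credit a call only to the stage currently being matched for this PID.
        if idx[pid] < len(STAGES) and api in STAGES[idx[pid]][1]:
            label, wanted = STAGES[idx[pid]]
            seen[pid].add(api)
            if seen[pid] == wanted:   # stage complete, move to the next one
                done[pid].append(label)
                idx[pid] += 1
                seen[pid] = set()
    return dict(done)

def flag_scrapers(trace_lines):
    """PIDs whose trace completes all four stages in the listed order."""
    reached = stages_reached(trace_lines)
    return sorted(pid for pid, s in reached.items() if len(s) == len(STAGES))

# Constructed sample trace: PID 4100 walks every stage, PID 5200 completes only the first.
SAMPLE_TRACE = [f"{pid} {api}" for pid, apis in (
    (4100, "EnumProcesses OpenProcess EnumProcessModules GetModuleBaseNameW"),
    (5200, "EnumProcesses OpenProcess EnumProcessModules GetModuleBaseNameA ReadProcessMemory"),
    (4100, "OpenProcessToken LookupPrivilegeValueW AdjustTokenPrivileges"),
    (4100, "OpenProcess VirtualQueryEx ReadProcessMemory"),
) for api in apis.split()]
```

Debuggers and some endpoint security agents make the same calls, so a match is a lead to investigate together with the identity of the calling process, not a verdict.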
Author: Vitali Kremez
Archives: September 2016