12.07.2015

How to Rob an Online Bank (and get away with it) - Acros Security

Apply: Penetration Testers

• Staging != Production
• Authentication, back-end processing, scheduled jobs
• Find bugs in staging, verify in production
• Successful tests in production may be hard to undo (therefore test with small amounts)
• Vulnerabilities
• Use HTTP proxy* to “eliminate” client user interface
• Be really thorough with negative numbers
• Base64 encoding is often mere obfuscation
• Banks are focused on authentication, not authorization

* https://www.owasp.org/index.php/Phoenix/Tools#HTTP_proxying_.2F_editing
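As an added example (not from the Acros Security slides), a server-side transfer handler that applies three of the points above from the defender's side: the base64-encoded request is treated as untrusted input, the amount is validated as strictly positive and bounded, and the source account is checked against the logged-in user rather than trusting the account number in the request. The account data, request format and function names are constructed for the example.

```python
import base64
import json
from decimal import Decimal, InvalidOperation

# Constructed in-memory accounts (hypothetical data): number -> owner, balance.
ACCOUNTS = {
    "ACC-1": {"owner": "alice", "balance": Decimal("100.00")},
    "ACC-2": {"owner": "bob", "balance": Decimal("50.00")},
}
MAX_TRANSFER = Decimal("10000.00")

def encode_request(req: dict) -> str:
    return base64.b64encode(json.dumps(req).encode("utf-8")).decode("ascii")

def decode_request(blob: str) -> dict:
    # Base64 is an encoding, not a secret: the decoded fields are untrusted input.
    return json.loads(base64.b64decode(blob).decode("utf-8"))

def parse_amount(raw) -> Decimal:
    # Only a strictly positive, bounded, two-decimal amount passes; a negative
    # value would otherwise reverse the direction of the transfer.
    if not isinstance(raw, str):
        raise ValueError("amount must be a decimal string")
    try:
        amount = Decimal(raw)
    except InvalidOperation:
        raise ValueError("amount is not a number")
    if not amount.is_finite() or amount <= 0 or amount > MAX_TRANSFER:
        raise ValueError("amount out of range")
    if amount != amount.quantize(Decimal("0.01")):
        raise ValueError("amount has more than two decimals")
    return amount

def transfer(session_user: str, blob: str) -> str:
    req = decode_request(blob)
    src, dst = req.get("from"), req.get("to")
    if src not in ACCOUNTS or dst not in ACCOUNTS or src == dst:
        return "rejected: unknown account"
    # Authorization, not just authentication: the source account must belong
    # to the logged-in user, whatever account number the request names.
    if ACCOUNTS[src]["owner"] != session_user:
        return "rejected: not authorized for source account"
    try:
        amount = parse_amount(req.get("amount"))
    except ValueError as e:
        return f"rejected: {e}"
    if ACCOUNTS[src]["balance"] < amount:
        return "rejected: insufficient funds"
    ACCOUNTS[src]["balance"] -= amount
    ACCOUNTS[dst]["balance"] += amount
    return "ok"
```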
