lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed May 25 20:45:54 2005 From: khermansen at ht-technology.com (Kristian Hermansen) Subject: Hack Your Credit Card Company I have recently discovered some pretty common ways to bypass/override credit card company online payment systems. Many of the hacks I have played around could result in a massive loss of income for the companies. I have added a simple page detailing how I did one of these attacks on my own company. You guys might be interested to know that almost every consumer online payment system I have run into has such issues. The link below will walk you through a very simple scenario I have played out in real-life, on a live system: http://www.kristianhermansen.com/cchack/hack_gm.html Credits go out to Jon Hermansen for a few details which helped with further exploitations. -- Kristian Hermansen <khermansen@...technology.com> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050525/334eb899/attachment-0001.bin