Presented at
CactusCon 11 (2023),
Jan. 27, 2023, 4:30 p.m.
(30 minutes).
Isn't it annoying when you go to your favorite restaurant and you have to pay for your food? What if we told you that you didn't have to, that instead you could trick restaurants into giving you whatever food you want for free.
Almost all restaurants manage their payments and orders through a Point of Sale (POS) system which runs on their local wireless network. Meaning that upon gaining access to the local Wi-Fi network, an attacker can work to exploit the POS service. As novice security researchers, we've learned various Wi-Fi hacking methods, and tested them at several restaurants to find common vulnerabilities. With approval, we then find the POS system in use and exploit it to accept our commands.
In this talk, we'll walk you through various Wi-Fi hacking techniques and how to enumerate a system to find and exploit a POS to get free food.
Presenters:
-
Megi Bashi
- Cybersecurity Undergrad, Arizona State University
Megi Bashi is a recent Computer Systems Engineering and Cybersecurity graduate from Arizona State University. She is a blue-team Information Security Analyst working in Consulting. Megi is passionate about finding security loopholes, OSINT and playing Capture the Flag (CTF) Tournaments. Her goal is to become an ethical hacker.
-
Ryan Dinnan
- Cybersecurity Undergrad, Arizona State University
Ryan Dinnan is a senior Computer Systems Engineering student at Arizona State University. A Cybersecurity enthusiast, Ryan has plenty of experience in a variety of cyber fields with special interest in Application Security and OSINT. Ryan has interned with NaviSec and American Express where he's received first hand practice with Penetration Testing and Web-Application Security Testing. When he's not hacking or studying, you'll find him watching movies and hiking.
Links:
Similar Presentations: