g/pax-pwn
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

typo

Browse Source
This commit is contained in:
Giulio 2020-11-01 20:41:21 +01:00
parent 42ee93a278
commit ebe6ea5149
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Readme.md
View File

@ -374,7 +374,7 @@ The graphic interface library is `libxui.so`.
By finding a vulnerability in a Merchant App, in `libosal.so` or in one in the kernel drivers a remote attack via a payment vector is theoretically possible. Unfortunately, due to the lack of second hand production PoS in the used market, I'm unable to get a test device with a working Merchant App unless I open a contract with a bank (which I don't want to). If anyone has contacts or is willing to provide one, or need assistance for futher research drop me an email or a tweet. By finding a vulnerability in a Merchant App, in `libosal.so` or in one in the kernel drivers a remote attack via a payment vector is theoretically possible. Unfortunately, due to the lack of second hand production PoS in the used market, I'm unable to get a test device with a working Merchant App unless I open a contract with a bank (which I don't want to). If anyone has contacts or is willing to provide one, or need assistance for futher research drop me an email or a tweet.
## Reporting ## Reporting
I tried contacting several times PAX Global via email and never got a reply related to anything: neither about the security vulneabilities, neither on inquiries about the source code fot the GPL licensed software (Linux/U-Boot). I tried contacting several times PAX Global via email and never got a reply related to anything: neither about the security vulneabilities, neither on inquiries about the source code for the GPL licensed software (Linux/U-Boot).
## Fun fact ## Fun fact
I had issues understanding the `shadow` password format: I had issues understanding the `shadow` password format: