User Controls
Determining what OS certain devices use
-
2022-04-16 at 2:02 AM UTCI need some ideas on determining what OS is running on a multitude of devices that are not my own and would be difficult to access. I think social engineering might be the best way but I am also considering spying using tiny cameras.
These devices are devices such as payment systems at restaurants, cash registers, and other payment-related systems. -
2022-04-22 at 8:29 PM UTC
Originally posted by Misterigh These devices are devices such as payment systems at restaurants, cash registers, and other payment-related systems.
Windows XP
About six months ago I was at the drive through ATM at a local CHASE bank and the thing rebooted while I was using it...and it rebooted into WinXP...first before it's Chase "wrapper/front end" popped up...what the fuck... -
2022-04-22 at 8:47 PM UTCI went to the bank to move some money and I saw the screen and it was XP I was like WTF??
-
2022-04-22 at 8:52 PM UTC
Originally posted by Misterigh I need some ideas on determining what OS is running on a multitude of devices that are not my own and would be difficult to access. I think social engineering might be the best way but I am also considering spying using tiny cameras.
These devices are devices such as payment systems at restaurants, cash registers, and other payment-related systems.
I would guess some flavor of LINUX.
https://distrowatch.com/ -
2022-05-10 at 10:50 AM UTCThings like Cash Registers run on Debian, the subway in my neck of the woods runs on Debian too. ATMs will vary between Windows XP and 7, and if you have a payment system that is not directly affiliated with a bank it will almost always run on Linux.
Those little boxes that can scan your credit card at restaurants generally have some proprietary stuff on ARM Architecture. So that may be a bitch.
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import os
if 'WINDOWS' in os.getenv('PATH'):
print("You're on Windows, bro")
elif '/bin/sh' in os.getenv('PATH'):
print("Some Linux flavor")
OS Module has a bunch of methods as useful as those illustrated above. You can compile to exe with Pyinstaller. And you can either download a static binary of the Python Interpreter for use on Linux or pack your Python program with everything it needs.
If you manage to gain remote access make sure to download RootHelper from my repo to the device you're on. I designed it for enumeration and privilege escalation. Maybe write something in PowerShell for Windows, or just keep everything Python.
As a matter of fact, for my personal use i have a variant of RootHelper written in C, obfuscated, encoded, and it uses LD_PRELOAD so no worries with regards to compatibility. -
2022-05-10 at 11:21 AM UTCmost cash registers I've seen run Windows, yeah payment devices like Tyro use some kind of embedded lunix as I understand it
-
2022-05-10 at 12:42 PM UTCIf it’s a cash register and you can’t interact with it there’s really not much you can do just by looking at a screen.
Although even if you actually have a terminal it’s not always trivial. Linux and most (all?) unicies have uname which is the go-to. Apparently windows has a binary called “systeminfo”, so there’s all the common stuff covered.
In both cases it’s the OS attempting to make itself known to you though. There’s not exactly a precise place you can look at to figure out “what OS is this” or even really what it means to be one OS vs another (the kernel? Many distros run the same kernel but are generally considered different OSs, you can patch the kernel but still generally be considered to be using the same OS)
Idk really, it gets kinda philosophical on what you think an OS is. -
2022-05-10 at 12:59 PM UTCThat's why it's gonna be nice once everyone gets on windows 11 it's literally going to be the last version of windows they ever come out with because Microsoft has perfected the system literally there's no change they could have to make that would necessitate making a new OS
-
2022-05-10 at 2:01 PM UTC@Lanny
You enum the Architecture. So you know whether you're on ARM, x64, or x86. Then based on that info you send your compiled C/C++ binary over or deliver through some other vector so you can start enumeration operations. Inline Asm for different OS'. With regards to Windows, the kernel is the right place to look, you can either enum from the hardware up to the kernel up to the drivers and infer precisely what you are working with that way. Either by dropping a driver, Windows Drivers can generally enum all other drivers by virtue of having read permission in the mode that they operate in.
Or you need to Escalate Privs on Windows, because there's tooling to do most of the enumaration with standard Windows Utils. From the hardware up to the drivers and daemons.
REM As you mentioned System Info gives all the info
REM Interestngly hotfixes too for security &c.
REM Which can then be uninstalled with the `wusa` utility
systeminfo.exe
Domain: ********
Logon Server: \\******
Hotfix(s): 5 Hotfix(s) Installed.
[01]: KB4562830
[02]: KB5003304
[03]: KB5007401
[04]: KB5012599
[05]: KB5011651
--------------------------------------------------------------------------
REM this is also a thing
REM I left a lot out but you can have this tool write out a logfile IIRC
clinfo.exe
--------------------------SNIP----------------------------------------------
Name: Intel(R) Core(TM) i9 CPU
Vendor: GenuineIntel
Device OpenCL C version: OpenCL C 1.2
Driver version: 1800.11 (sse2)
Profile: FULL_PROFILE
-------------------------SNIP-----------------------------------------------
Simple GUI goes a long way.
And if you're going to write a kernel mode enum tool, having genuine certs, or being able to spoof them will be very helpful.
Anyway, just my thoughts. I realize this is probably overkill for OP's purposes but i had a think and this is what i came up with. -
2022-05-10 at 2:05 PM UTCjust rob them with a gun retard
-
2022-05-10 at 2:07 PM UTC
Originally posted by Lanny If it’s a cash register and you can’t interact with it there’s really not much you can do just by looking at a screen.
Although even if you actually have a terminal it’s not always trivial. Linux and most (all?) unicies have uname which is the go-to. Apparently windows has a binary called “systeminfo”, so there’s all the common stuff covered.
In both cases it’s the OS attempting to make itself known to you though. There’s not exactly a precise place you can look at to figure out “what OS is this” or even really what it means to be one OS vs another (the kernel? Many distros run the same kernel but are generally considered different OSs, you can patch the kernel but still generally be considered to be using the same OS)
Idk really, it gets kinda philosophical on what you think an OS is.
Blah blah blah.
What a lonely word salad guy says -
2022-05-10 at 3:25 PM UTC
Originally posted by Jiggaboo_Johnson Windows XP
About six months ago I was at the drive through ATM at a local CHASE bank and the thing rebooted while I was using it…and it rebooted into WinXP…first before it's Chase "wrapper/front end" popped up…what the fuck…
all atms i've came across are running on XP. -
2022-05-10 at 3:26 PM UTCcontrary to popular opinion and beliefs, XP is sitll the most secure OS in the market today.
-spectral can attest ti the truthfullnes of this statement. -
2022-05-10 at 3:47 PM UTCCan a Linux light vers.. work on my Amazon Fire Tab?
I fucking hate their proprietary OS blocking Google play -
2022-05-10 at 3:48 PM UTC
-
2022-05-10 at 3:51 PM UTCWhy would corporate banks run a known security problematic piece of shit like Windows Platform
We had Wizardz at Wells and Bnk-o-t-West in 1995 which was a secured network that Avis Rent and Hertz and some airlines used 8n the 1980s -
2022-05-10 at 3:54 PM UTCFirst BBS I used was Wizardz which ran on satellites in the late 1980s.
Not much different than &TOTSE
I believed Wildcat Host-BBS was what it used -
2022-05-10 at 4:57 PM UTC
-
2022-05-10 at 4:58 PM UTC
-
2022-05-10 at 5:01 PM UTC"Positive Technologies' study had its researchers try to penetrate 26 machines from various manufacturers and service providers.
The researchers found that 15 of the ATMs were running Windows XP, 22 were vulnerable to a “network spoofing” attack, 18 were vulnerable to 'black box' attacks, 20 could be forced to exit kiosk mode via USB or PS/2 and 24 had no data encryption in place on their hard drives."
