In this talk from No Hat 2024, I go through my exploration and reverse engineering of one of the most popular “Smart POS” credit card terminals currently in use worldwide. I present the research process that led me to the discovery of multiple software vulnerabilities, ultimately granting me persistent root access to the device’s operating system.
This talk was presented at the No Hat computer security conference, held in Bergamo (Italy) on October 19, 2024.