QIWI PWN 2 PAY

At the ZeroNights conference, anyone will be welcome to participate in the hunt for vulnerabilities in QIWI payment terminals. Two completely functional terminals will be available during the entire event.

DON’T:

  • perform destructive actions which can physically damage the terminal
  • attack the bill acceptor sensors (fake banknotes, fishing)

DO:

  • use lockpicks for physical access to the terminal equipment
  • connect additional equipment to the terminal

We are interested in vulnerabilities which allow escaping into Windows layer or executing fake payments using data retrieved from the terminal. Depending on the criticality of a discovered vulnerability, the reward can amount to 150 thousand rubles and will be paid under the established bug bounty program.
Organizers:
Official support:
Participating:
Gold sponsor:
Silver sponsor:
Silver sponsor:
Silver sponsor:
Title media partner:
Gold media partner:
Silver media partner:
Strategic media partner:
Strategic media partner:
Media partner: