https://github.com/marschall/pan-grabber
A JVM Agent that extracts PANs from running Java applications.
https://github.com/marschall/pan-grabber
Last synced: 3 months ago
JSON representation
A JVM Agent that extracts PANs from running Java applications.
- Host: GitHub
- URL: https://github.com/marschall/pan-grabber
- Owner: marschall
- Created: 2014-11-22T19:52:10.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2020-11-15T19:57:08.000Z (over 4 years ago)
- Last Synced: 2025-01-16T02:45:03.165Z (4 months ago)
- Language: Java
- Size: 21.5 KB
- Stars: 1
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
PAN Grabber
===========
A JVM Agent that extracts PANs from running Java applications.
This is intended for research and education purposes.
The following very simple algorithm is used to detect PANs:
* `java.lang.String` of length 16
* passes the [Luhn check](http://en.wikipedia.org/wiki/Luhn_algorithm)
among other this leaves out the following PANs:
* longer than 16 digits
* stored in anything other than `java.lang.String` eg.
* `long`
* `BigInteger`
* `byte[]` or `char[]`
* `CharBuffer` or `ByteBuffer` especially direct allocated ones
It does not check the PANs against BIN ranges. It will also report PANs that start with digits other and 4 or 5.
JVMs supported:
* HotSpot
* JRockit (theoretically, untested)
JVMs not supported
* J9 (lacks runtime attach API)
* JVM embedded in other applications (libjvm eg. Eclipse)
Usage
-----
* compile the project with `mvn clean package`
* optionally start a sample application with `sh sample-application.sh`
* run `sh pan-grabber.sh`
Cost
----
The cost of [IterateThroughHeap](https://docs.oracle.com/javase/8/docs/platform/jvmti/jvmti.html#IterateThroughHeap) is quite high:
> During the execution of this function the state of the heap does not change: no objects are allocated, no objects are garbage collected, and the state of objects (including held values) does not change. As a result, threads executing Java programming language code, threads attempting to resume the execution of Java programming language code, and threads attempting to execute JNI functions are typically stalled.