Hey guys, in an example case (I'm a student) I'm required to search for credit/debit card numbers saved to the suspect drive.
I'm using FTK, I'd just like confirmation on this, it's simple…
I go to the search tab, click the arrow next to the search term box and check the "regular expression" check box from those that appear. I then check to search for credit card numbers.
Does this search for every single credit/debit card number possible?
And how do I configure FTK to search for regular expressions with a data pattern specified by me?
Thanks for any help
Does this search for every single credit/debit card number possible?
While I haven't tried this method (usually use the CreditCardFinder Module in EnCase), if you're using a regex, it will find all numbers that meet the criteria of the regex. Once you have the list, you'll need to check them against the Luhn formula to determine if they are legit credit card numbers. I'd also include a check for determining the cc brand.
H
Sorry for my ignorance KeyDet, but
Luhn formula??
And how would I include a check for determining the credit card brand?
Thanks for the pointers/ any further info
If you Google for the info, you'll find it on Wikipedia…
A regular expression search in FTK is a live search. FTK provides some pre-defined regular expressions including Visa & MasterCard numbers.
Cheers guys, how do you think I should go about searching for the last 3 digits (security number) on the security strip on the back of Visa/Master cards?
If I do a regular expression search for this then surely the results will be ridiculous… 😯
Maybe doing the above is not an option… How would you go about including a check for the credit card brand?
Thanks
strobak wrote: "how would you go about including a check for the credit card brand?"
The structure of the string is different for different cards, say MC vs. Visa vs. AMEX.
Can you expand on this?
I've found what I was looking for :D good feeling
If your regular expression for AMEX is ^(34|37)([0-9]{13})$ and your expression for VISA or MC is ^((5[1-5]\d{2})\d{12}|(4\d{3})(\d{12}|\d{9}))$ they will not find the same sequence. If you want to further limit your search for MC or Visa, MC starts with a 51, 52, 53, 54 or 55 and Visa with a 4. So you could write ^(51|52|53|54|55)([0-9]{14})$ or ^([4]{1})([0-9]{12,15})$. Regular expressions can be very, very helpful.
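
An added example, not part of any post in this thread and not FTK or EnCase code: it chains the steps the replies describe, a loose regex for candidates, then the Luhn check, then brand by prefix and length. The function names and the sample text are assumptions made for illustration; the brand rules are only the ones mentioned in the thread.

```python
import re

# Candidate: 13-16 digits, allowing single spaces or dashes between digits.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,15}(?!\d)")

# Brand rules taken from the thread only (prefix + length); not a full issuer list.
BRANDS = [
    ("AMEX", re.compile(r"^3[47]\d{13}$")),
    ("MasterCard", re.compile(r"^5[1-5]\d{14}$")),
    ("Visa", re.compile(r"^4(?:\d{12}|\d{15})$")),
]

def luhn_ok(number):
    """Luhn check: double every second digit from the right, sum, test mod 10."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def brand_of(number):
    for name, pattern in BRANDS:
        if pattern.match(number):
            return name
    return "unknown"

def find_cards(text):
    """Return (offset, digits, brand) for every candidate that passes Luhn."""
    hits = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            hits.append((m.start(), digits, brand_of(digits)))
    return hits

# Constructed sample text; the valid numbers are widely published test numbers.
SAMPLE = (
    "invoice 4111 1111 1111 1111 paid\n"
    "mc=5555555555554444;\n"
    "amex 3782-822463-10005\n"
    "typo 4111111111111112\n"      # right shape, fails Luhn
    "timestamp 1700000000000\n"    # 13 digits, fails Luhn
)

if __name__ == "__main__":
    for offset, digits, brand in find_cards(SAMPLE):
        print(offset, brand, "*" * (len(digits) - 4) + digits[-4:])
```

The last two sample lines match the candidate regex but are dropped by the Luhn step, which is why the regex hit list alone overstates the number of card numbers on a drive.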