What is below proves the card holder PAN is in the clear in the dump…
public class memSecurity { public static void main (String args[]) throws Exception { String c = "1234567887654321"; Thread.sleep(180000); } }
Compile and run what is above, and at the same time, trigger a heap dump with jmap, then fire up jhat pointing to the just created heap dump, and you have your card number…
…and…