Physical Security – We Hack People

War Story: “Can I see that?”

August 18, 2022

When traveling for these types of assessments, we always consider the location of a client’s facilities. Often, we’re fortunate enough that these locations are adjacent to a hotel, café, food court, or a shared facility in general. How does this help, other than the convenience of a nap or food in between efforts? To a malicious actor, one can use this to conduct passive reconnaissance to gather useful information which is anything from the target facility’s dress code, ingress/egress points, security camera placement, style of… … More War Story: “Can I see that?”

Open a Locked Door With Canned Air or Hand Warmer – Covert Entry Techniques

January 24, 2022

The Attack: In our presentations on “Covert Entry“, we discuss bypassing locked doors equipped with REX (request-to-exit) sensors as it’s one of the go-to vulnerabilities that we exploit during assessments. The vulnerability is very common, and the attack is quick. When we share this information, there are those who think it’s just a “trick” and … More Open a Locked Door With Canned Air or Hand Warmer – Covert Entry Techniques

Tactical Reversed Lock Picking Practice Stand

September 4, 2020

“This device allows you to practice lock picking as though you’re having to reach through security bars, and the lock is not in clear view.“ When we first learn to pick locks, we often hold the padlock comfortable in our hands, placing it in the perfect position. This helps us to learn the basic, and … More Tactical Reversed Lock Picking Practice Stand

Who’s Your Hacker -Presentation

June 10, 2020

Who’s Your Hacker interviewed Tim and I regarding social engineering, penetration testing, red teaming, surveillance, and much more. There were great questions, and some great insight to what we do. 🙂 Thanks for having us on!

Open a locked door with a piece of plastic

January 29, 2020

Opening a locked door with just a piece of plastic is just as bad and simple as it sounds. If a lock is not equipped with, or has a deadlatch button that’s improperly configure, it’s very easy and quick to slip the latch and let yourself in. In the following videos, you’ll see where I … More Open a locked door with a piece of plastic

Improved Canned Air Attacks Against REX Sensors

August 28, 2019

Bypassing Request-to-Exit (REX) sensors with canned air and other mediums isn’t a new attack, and is widely used as a covert method of entry. However, there are times where this attack could be possible, but certain elements such as a small physical gap that the straw can’t fit through, REX sensor being farther away, etc., … More Improved Canned Air Attacks Against REX Sensors

Point-of-Sale System Security Analysis : How hackers gain access to POS systems in retail and restaurants

September 18, 2018

Recently, we assessed two point-of-sale (POS) systems for clients in different industries – Retail and Restaurants. POS systems are the latest and greatest hacking target taking place around the nation. In the last couple of years, we’ve read a lot about big organizations being hacked and credit card information stolen. In these instances, terminals from the … More Point-of-Sale System Security Analysis : How hackers gain access to POS systems in retail and restaurants

Protecting from the Under-the-Door Tool

August 11, 2018

If you’re not familiar with the Under-the-Door (UtDT), it’s a device that fits between the physical gap at the bottom of doors, is then rotated upwards, grasps the lever-style door handle, pulls down and opens the door from the inside. It’s very easy to use, and is publicly available for purchase. Lever Handle: Under-the-Door tool: … More Protecting from the Under-the-Door Tool

Crash Bar Bypass Tools for DEF CON 26

August 9, 2018

Just for fun, I decided to make a few crash bar (J tool) bypass tools to hand out at DEF CON 26. They are made with weldable wire, and some heat shrink for the grip, and to help prevent scratching. Also, for the sake of size, I decided to create a very small hook that … More Crash Bar Bypass Tools for DEF CON 26

Proxmark 3 Cheat Sheet and RFID Thief Instructions

July 16, 2018

Found some awesome write-ups from Alex Dib regarding building your own RFID cloner and a useful Proxmark3 cheat sheet, and wanted to share! Proxmark3 Cheat Sheet Great cheat sheet for those using the Proxmark3 software. https://scund00r.com/all/rfid/2018/06/05/proxmark-cheatsheet.html RFID Thief v2.0 Very detailed write-up for building your own long-range RFID cloner. https://scund00r.com/all/rfid/tutorial/2018/07/12/rfid-theif-v2.html

Proxmark3 Resources

November 8, 2017

Resource to flash the Proxmark3 from the standard HF mode, to LF mode: https://legacysecuritygroup.com/index.php/projects/categories/9-rfid/7-proxmark-3-emulating-hid-tags-in-standalone-mode WINDOWS Download the github proxmark3 standalone LF emulator Master by Corey Harding —https://github.com/exploitagency/github-proxmark3-standalone-lf-emulator Run Easy Flash Utility for Windows .bat This tool is handy for reflashing your Proxmark3 for whatever you need it for Reference: https://www.youtube.com/watch?v=06DgTuJcMQ8 Plug in your Proxmark3 and … More Proxmark3 Resources

We Hack People – Covert Entry

Tim Roberts, Brent White – Covert Entry, Social Engineering, Red Team, Hacking, Physical Security, Bypass, Lock picking

Category: Physical Security