119 sats \ 2 replies \ @SimpleStacker 27 Mar \ parent \ on: Social Engineering Practice 0x03 security
With this great recon, it seems like it would be more fun to try a non-social route.
First thought is lockpicking. Check out the lock again, look for the manufacturer and see if you can buy the same model. Then practice on it at home until you can lockpick it pretty quickly.
Another thought is to check the vendor of the elevator control panel. Then look for known security vulnerabilities. Maybe there is a way to clone a guest access keyfob, or there's a special access code for maintenance? This is probably less likely to work, but if it does it will be the most fun way to pwn the system.
Another possibility is that after you check out the system specs, you see that it does not track the identity of the keycard users. If that's the case, then you can just clone your friend's keycard and use it, it won't be traced back to him.
Social approach may depend on whether you want to get access to the 8th floor alone, or is crashing a party ok? Seems like the guard doesn't really check your credentials if he knows there's a party going on. So just ask your friend to tell you next time another tenant is hosting a pool party, then tell the guard "I'm here for the pool party." Just make sure you dress really cool and look the part when you do it. (This also involves your friend, but not in any way that can be traced back to him.)
I was going to mention that about the system. I think it’s the best approach, along with lockpicking.
If you get a card with the same key, that’s enough. No one will question you.
> First thought is lockpicking. Check out the lock again, look for the manufacturer and see if you can buy the same model. Then practice on it at home until you can lockpick it pretty quickly.
This is a cool idea, I haven't thought of that! I wonder though if you can pick a lock that is additionally secured by a card reader. But a lock itself can be pretty hard to pick, too. I once had to get a door fixed and I used the opportunity to ask the artisan about locks and he showed me all the security features of my lock. I quickly lost hope to ever pick that lock, lol.
> Another thought is to check the vendor of the elevator control panel. Then look for known security vulnerabilities. Maybe there is a way to clone a guest access keyfob, or there's a special access code for maintenance? This is probably less likely to work, but if it does it will be the most fun way to pwn the system.
Also very good idea but I need someone else's keyfob first unless it's really insecure. But it's definitely worth looking into!
> is crashing a party ok?
Good question! Imo, it's okay. It does not get my friend into trouble and I simply want to get on the 8th floor. I don't even really want to stay there and get in the pool. I just want to prove to myself that I could get up there on my own.
So maybe I can just try to find a way to see if there's a party going on there so I don't even have to ask my friend.