Physical Penetration Testing
Redacted from Walter Belgers's SHA2017 talk:
http://bit.ly/2x6jIn3
- no code
- no CVE
- no framework
- no buffer overflow
- no asm
- no ebuild
only tricks!
Disclaimer
Data protection
IT Security vs Physical Security
Hack a Data Center
Step 1
Break into
"Problem"
A door without external handle (i.e. emergency exit)
Solution
Under the door tool
Solution
"Problem"
A door without an handle (i.e. door knob)
Solution
A door without an handle (i.e. door knob)
"Problem"
A door with a block device
Solution
"Problem"
A door with a [block]chain :D
Solution 1/2
Solution 2/2
Problem
for real...
""Problem""
An unlocked door with a hole
""Problem""
An unlocked door with a hole
"Problem"
A vasistas windows half opened
Solution
This thing...
Solution
in action
Brute-force
Exploit physical weakness: lock snapping
Brute-force
Exploit physical weakness
Lockpicking
next time.....
"Problem"
Sliding door with enter only validation
Solution?
What would yo do?