Exposed keys… as risky as exposed badges
Johnny’s skill in turning quick photographs into replicated credentials is well-known in the hacker world. Through covert tactics or good old social engineering, he can make a snapshot of someone’s badge and later replicate a duplicate suitable for getting him past many of the initial layers of a facility’s security.
The exact same principle can be applied, in fact, with locks and keys. Imagine this… you’re near someone else’s desk and you see their keys laying in plain view. A camera-equipped mobile phone and some pocket change is often all you need to completely compromise physical security in a big way. Believe it or not, the loose tolerances in many locks make it possible to generate copies of keys from blurry, low-res images.
You spot a keyring laying on a desk. Dig a quarter out of your pocket and place it next to the keys. Using nothing more than a cell phone camera, snap a picture of these items. There are plenty of ways to make that action next to unnoticeable. Even leaving the quarter there afterwards may not raise much suspicion. Someone may pocket it without batting an eye.
Print out this photograph. Compare it with a regular quarter to verify that you’re seeing a 1:1 size ratio. If adjustment is needed, nothing as sophisticated as Photoshop comes into play… a simple xerox machine with zoom capability can handle things.
Take a bit of metal from an aluminum beverage can… perhaps a folded segment, the double-thickness can provide added strength. Again, this is an item that wouldn’t ever look out of place at an office; many businesses have vending machines on the premises. Tape or glue the printed paper on the metal and cut the key out using the copied image as a template.
Insert the metal “key” that you have created into the lock. In this case, I’ve used a basic desk drawer / filing cabinet lock. It may take a bit of finesse and jiggling, but most locks will accept the thin can metal without much trouble. Making a small crease longitudinally down the aluminum will often help prevent it from folding or crumpling.
With a bit of jiggling and wiggling, often the lock will start to yield as wafers being to nestle into the necessary heights. Notice the black sharpie mark on the lock in the photos… the black marks line up in the “locked” position.
The marks are now quite clearly out of alignment… due to the fact that the lock is open!
Some people may not think that simple aluminum has the strength to perform this trick. When experimenting with it, people suggested I also use a torsion wrench from a pick kit to aid in rotating the plug. I didn’t need to, however. The lock opened just that easily.
So remember, attackers can duplicate your security badge after just a quick look or photo, and they can do the same thing with keys. It’s a bad idea to wear them on a belt loop, or leave them laying out on a desk, even when you’re sitting close to them. You never know who may be looking over your shoulder.
