Offensive Security Rants & Threat Actor Roleplay
25 April 2019
Hello floppy disk fanatics! Welcome to my first blog post. A few weeks ago I was browsing the l33t hacker site known as YouTube when I stumbled upon a video by the infamous hacking group known as a̶n̶o̶n̶y̶m̶o̶o̶s̶e Hak5. This video was advertising the Keysy, a tool designed by TinyLabs which can backup four RFID credentials into a keyfob or keycard. It was only seconds after viewing this video when the police kicked down my door, stole my VHS tapes, Yu-Gi-Oh deck, and my five-pound maltese named Puff.
If you didn’t know, RFID is a system to allow external access and is appealing to many because it’s essentially “keyless entry”. I don’t really understand the spooky magic of RFID systems, but after using a preinstalled tool on Kali Linux Google.com, I discovered that “simple RFID tags are described as passive. Instead of containing batteries, they work entirely by responding to the incoming radio waves from the scanner or transmitter“. From these radio waves, there is power to activate the chip, open the door, and walk the dinosaur.
So I purchased this tool online, and it gets delivered to my house in less than a week. The Internet allows for that.. Crazy right?
I’ve attached the video by Hak5 for all of you hooligans who are interested.
BUT. Something that really grinds my gears about this video is that there’s no demo of the Keysy. How am I supposed to know that this tool really works? Did Darren Kitchen pull a fast one and spend my hard earned money to escape to Tahiti?
The office that I work in has a door (amazing) and I knew if I cloned my keycard, I could waltz on into through this door. So, after getting the “okay sir” from my boss, I used the Keysy, the keyfob that came with it, and my trusty keycard.
I was unable to upload videos to Medium, and I was too lazy to upload them to YouTube individually so instead I uploaded them to Imgur. So click here to view me opening the door, or just take my word for it.
You’re totally right internet stranger. It’s really that easy to make everyone in the office feel unsafe.
I’m a college student which means I have no money to buy a Proxmark3 (the dream). Which means I buy tools that aren’t $300 and test security with them. The Keysy, as I mentioned before is only $40, and although it’s not advertised for offensive security - my video speaks for itself. It’s incredibly easy for anyone to purchase this tool, and potentially gain unauthorized access to a building.
I opened this door with permission from my boss (who’s not my official boss but that’s a story for another day). Do not purchase the Keysy, start cloning cards, and opening doors without permission. That’s illegal. You are going to get roundhouse kicked if you open the wrong door.
If you’re going to purchase the Keysy and perform testing, make sure you have authorization from the appropriate individuals. I’m not responsible for your actions, and we have to keep Peter Parker happy by listening to Uncle Ben.
Of course there are! We really want to focus on preventing cloning in the first place since that’s the cheaper option. I have some testing to do before I go in depth with spooky cryptography and faraday bags. However, while you’re twiddling your thumbs, and playing Runescape 3, waiting for your favorite hacker Parzival to put out his follow-up article on mitigation’s. You can buy an RFID blocking container such as this.