Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks
About this ebook
Lockpicking has become a popular topic with many in the security community. While many have chosen to learn the fine art of opening locks without keys, few people explore the fascinating methods of attack that are possible WITH keys. Keys to the Kingdom addresses the topics of impressioning, master key escalation, skeleton keys, and bumping attacks that go well beyond any treatment of these topics in the author’s previous book, Practical Lock Picking.
This material is all new and focuses on locks currently in use as well as ones that have recently emerged on the market. Hackers and pen testers or persons tasked with defending their infrastructure and property from invasion will find these techniques uniquely valuable. As with Deviant Ollam’s previous book, Practical Lock Picking, Keys to the Kingdom includes full-color versions of all diagrams and photographs. Check out the companion website which includes instructional videos that provide readers with a full-on training seminar from the author.
- Excellent companion to Deviant Ollam’s Practical Lock Picking
- Understand the typical failings of common security hardware in order to avoid these weaknesses
- Learn advanced methods of physical attack in order to be more successful with penetration testing
- Detailed full-color photos in the book make learning easy, and the companion website is filled with invaluable training videos from Dev!
Deviant Ollam
Deviant Ollam's first and strongest love has always been teaching. A graduate of the New Jersey Institute of Technology's Science, Technology, and Society program, he is always fascinated by the interplay that connects human values and social trends to developments in the technical world. While earning his BS degree at NJIT, Deviant also completed the History degree program federated between that institution and Rutgers University. While paying the bills as a security auditor and penetration testing consultant with The CORE Group, Deviant is also a member of the Board of Directors of the U.S. division of TOOOL, The Open Organisation Of Lockpickers. Every year at DEFCON and ShmooCon, Deviant runs the Lockpick Village, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point. His favorite Amendments to the U.S. Constitution are, in no particular order, the 1st, 2nd, 9th, and 10th.
Reviews for Keys to the Kingdom
6 ratings, 1 review
- Rating: 5 out of 5 stars. Very informative, very well explained with no ambiguity. I hope to get a chance to buy Deviant a whiskey some day; even in his writing he comes off as a super nice guy.
Book preview
Keys to the Kingdom - Deviant Ollam
Chapter 1
Impressioning
Chapter Outline
The Mechanics of Pin Tumbler Locks
What Is Impressioning?
Why Choose Impressioning?
How Impressioning Works
Tips and Tricks
Open!
Locks That Resist Impressioning
Training Aids and Exercises
Summary
A topic that has generated great interest and discussion among lock pickers and penetration testers in recent years is the tactic of impressioning. Of course, like many exciting trends that capture the attention of the security industry, impressioning is not brand new. As is the case with most lock-opening methods, this has been a skill in the arsenal of locksmiths and covert operatives for some time… however, precious little has been written or reported about it publicly. Only in recent years has the topic of impressioning received increased focus at security conferences and locksport competitions.
As you will soon see, there is legitimate reason to be excited about impressioning. Not only is the tactic very covert—at least outwardly—but if it is completed properly, you will have essentially compromised your target lock for good. A successful lock picking attack means you have opened the lock in that particular instance. A successful impressioning attack means that you have opened the lock in perpetuity.
The Mechanics of Pin Tumbler Locks
Although many of you are likely already familiar with the means by which mechanical locks function, it would be appropriate to give a brief overview of such facts here, to ensure that all readers are comfortable with this concept and to introduce the style of diagrams that I like to use in all of my instructional materials which pertain to locks.
The style of lock with which the majority of people are most acquainted is the pin tumbler design. I realize that many of you may already be familiar with this hardware (indeed, diagrams and photographs of all shapes and sizes abound on the Internet and in other printed works), but I feel it would be proper to review this mechanism briefly, in order to guarantee that all readers understand how it functions and how it can be exploited.
The pin tumbler mechanism is one of the oldest lock designs in existence and is still widely used today. It consists of a round component referred to as a plug which rotates in order to engage or move some additional mechanism (such as a latch or cam or tailpiece connected to the rear side of the plug). When the lock is at rest, the plug is blocked from rotating by means of pins. These pins are installed in such a way as to prevent turning of the plug. Only if the pins are moved to a precise position (usually by inserting the correct key into the lock) can the plug become unobstructed and free to move.
The basic diagram that I like to use in all of my instruction about locks can be seen in Figure 1.1. This is an image of a pin tumbler lock, seen from both a forward-facing perspective (on the left side of this diagram) and from a side-view perspective (on the right side of this diagram). In this image, the plug referred to above is shown in a rather bright shade of yellow. The plug is situated in the housing, which in my diagrams is shown in a pale beige hue. The pins which prevent (or allow) the plug to turn appear in two varieties: key pins (shown in red) and driver pins (shown in blue) and they are acted upon by springs installed in each pin chamber. As you can see in Figure 1.1, when the lock is at rest it is the driver pins which obstruct the plug’s movement.
Figure 1.1 Here we see all the basic components of a pin tumbler lock. The plug, the housing, the pins, and the springs… most of the locks which we use every day consist of little more than these simple pieces.
Pin tumbler lock operation
When a user inserts the proper key into a lock, the key pins ride along the edge of the key’s blade (see Figure 1.2). The blade travels into the lock until the key comes to rest either by its tip encountering the rear of the keyway or by the key’s shoulder coming to rest on the front face of the lock. Locks that function in this manner are called tip-stopped or shoulder-stopped, respectively.
Figure 1.2 A key being inserted into a pin tumbler lock. Its blade moves the pin stacks as it rides against them.
When the proper key has been fully inserted into a lock, a unique phenomenon can be observed… all of the pin stacks will have been pushed into exactly the right position such that the split between the key pins and driver pins (known as the pin shear line) will be aligned across the edge of the plug. When the pin stacks are all in this perfect position, there is nothing obstructing the plug from turning. This alignment is represented in Figure 1.3.
Figure 1.3 The correct key for this lock has been fully inserted.
Let’s take a closer look at this phenomenon, without the appearance of a key in our diagrams, to ensure that everyone is fully aware of what is taking place. Figure 1.4 shows quite clearly how all the pin stacks have now been raised to a height that will allow the plug to move freely and rotate within the housing. The key pins (shown in red) are all contained perfectly within the plug, and the driver pins (shown in blue) have all been moved completely out of the plug and are resting in the housing. If a user were attempting to operate this lock, it would turn freely, as seen in Figure 1.5.