All in Fieldcraft

A few years back, a customer asked us to test their newly installed (and very expensive) surveillance and security system. The products promised them an automated system that was so secure they wouldn’t have to place a security guard there.

After some recon we discovered that while the entrance was guarded by a very secure keypad + access card combination lock, the inside had an automated “unlock” sensor so if anyone wanted to come out, the door would unlock from the inside.

After some careful review of the pictures we took, we found out that the top and bottom of the doors were not sealed tight against the floor; we could see a tiny bit of light from there (we took the pictures with a high-resolution, night-capable camera). A plan was set in motion.

We arrived, we approached the door and we removed the piece of gear that would, hopefully, allow us to bypass the very secure lock: an old credit card.

We slid the old credit card under the door and… nothing.


On a rather interesting project, I spent an hour trying to convince the assistant of a CEO (the AA) I was targeting to open a PDF that contained important information that I needed the CEO to consider. It was important to me that she open it while I was on the phone because I needed to verify that I had a connection to their network via the code I embedded in the weaponized PDF.

She wouldn’t have it. She kept on saying that she would open it later when she was free. Not good. Eventually she got tired of me (I was using every trick in the book to convince her!) and she said: “Fine! I’ll open it.”

Hacking (I hate the *ethical hacking* name) techniques can be used for more than penetration testing and red team assessments. On one occasion, my team helped a law enforcement agency in the collection of information that led to the capture of a criminal.

The owner of a company contacted the authorities about a former employee who took with him very sensitive and valuable proprietary information. He had some proof of it and was hoping the authorities could help locate and acquire the proof he needed to take this person to court.

After a few months of not going anywhere, the company contacted us to see whether we could help the law enforcement officials locate and track the former employee (I'll refer to him as Bob). We were given all the information, including some really nice open source intelligence collected by the good guys. Two pieces of information gave us a good lead: Bob's personal email and his social media information.

This is an idea I've been playing with for a while. It's still under development, but the basic technique is similar to the one snipers use to search for and detect targets.

One of the skills we learned at the scout/sniper school was the detection of targets. We would lie on our bellies and try to find hidden objects that the instructors placed in the field via the use of scopes. We also needed to detect an instructor acting like a sniper.

All the objects (or potential threats) were hidden in a large piece of land, some close and some far. It would have been almost impossible to randomly start scanning for the targets in such a large area, so a simple technique was used: begin scanning with the naked eye for objects near and from left to right, then move a bit farther from right to left, etc. Once you get to a point where the naked eye is not good anymore, use a scope.

Essentially you create a grid on the area where you move from close to far and from left to right and scan each sector for a potential threat, then you log everything you see.


There has been a lot of talk about drones lately. There is no doubt that they are a valuable asset in the current war and they will most likely have a central role in upcoming wars.

But there is another kind of drone. The digital counterpart.

Digital drones are sophisticated little programs that hackers and security penetration testers have been using for years to recon their targets, to collect information, to download and upload malicious or utility code, to control the remote system or to attack it. They can also deliver a payload, execute it and self-destruct.

This is not new; we've been using these kinds of programs to attack/recon since the 90s. However, due to the increased support for more intelligent interfaces on operating systems, the drones too have gotten more intelligent and capable through the years.