All in Red Teams

The Blind Spot and the Lock Pick

Red Teams
Physical, Fieldcraft, Rules, Red Teams

We needed to access the server room of a security company. The target was one specific server that was not accessible via the internet or their internal network. It was well protected by an air-gap and really tight access controls.  
We decided to go at it by hand: break our way into the building, find the server room and mannually disable the server as a way of saying "we were here".

Entering the building was complicated but after several days of recon we managed to come up with a plan that worked.  
Once we were inside the building we began looking for the server room. We didn't have much time, people could challenge what we were doing at any moment and while we had a cover story, it would not hold for long, especially since we didn't have time to fake the ID cards or the visitor badges. 

At the end, it was a cleaning person that pointed us to the server room. Once we arrived there, we noticed two things: there was a camera on top of the entrance (and we knew that all cameras were being monitored) and the serve room had a commond lock on the door, no ID card reader or keypad.

What?

Yes... These people invested in top of the line security but they had a simple lock on the server room.

Tailgate And An Invitation In

Red Teams
Physical, Fieldcraft, Red Teams

A few months ago we had a very interesting physical assesment of the offices of a new customer. The security director wanted to know the current state of their physical security and how aware were their employees of threats.  
This is a small startup company, but doing very interesting work in the security field themselves.  

The director told us: *you can do whatever you want and exploit any and all vulnerabilities you find. Just let me know immediately.*

The time frame was set to 2 days. So we set to work.

The first day was used for a quick onsite recon. I went into the building where the customer's offices were located, while JD scouted the perimeter.  
The main entrace was guarded only by a keycard reader and a locked door. So, I waited *on the phone* for a few minutes until a person working in the building came in and opened the door. I walk right after him, still *on the phone*. He never challenged me or asked me not to tailgate.

In the meantime, JD found that the back entrance was guarded only by a very shiny but easy to pick padlock. It had a nice sign saying 

"Restricted Area. No Unauthorized Personnel Beyond This Point". 

Load More