ebook img

Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks PDF

329 Pages·2012·8.57 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks

Keys to the Kingdom Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks Deviant Ollam Shane Lawson, Technical Editor Table of Contents Cover image Title page Copyright Dedication Author’s Note About the Author About the Technical Editor Chapter 1. Impressioning The Mechanics of Pin Tumbler Locks What is Impressioning? Why Choose Impressioning? How Impressioning Works Tips and Tricks Open! Locks That Resist Impressioning Training Aids and Exercises Summary Chapter 2. Soft Medium Attacks Foil Keys Wax Keys Mold-and-Cast Attacks Summary Chapter 3. Master-Keyed Systems Introduction How Master-Keying Works Attacking Master-Keyed Systems Other Methods of Master Key Compromise Defending Against This Attack Maison-Keying Summary Chapter 4. Bump Keys Introduction Snapping Attacks Bump Keys Summary Chapter 5. Overlifting Introduction Rear Shimming Overlifting Wafers Overlifting Pins Summary Chapter 6. Skeleton Keys Introduction Warded Locks Simple Skeleton Keys More Complicated Skeleton Keys Warded Picks Types of Warded Locks Summary Chapter 7. SmartKey Attacks Introduction The Kwikset SmartKey System Decoding SmartKey Locks Summary Chapter 8. Don’t Let Your Keys Talk to Strangers Introduction Key Decoding Key Photographing Making Keys Resistant to Decoding One More Trick Up Your Sleeve Summary Index Copyright Acquiring Editor: Chris Katsaropoulos Development Editor: Heather Scherer Project Manager: Paul Gottehrer Designer: Alisa Andreola Syngress is an imprint of Elsevier 225 Wyman Street, Waltham, MA 02451, USA © 2012 Elsevier, Inc. All rights reserved No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data Application submitted British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library ISBN: 978-1-59749983-5 Printed in the United States of America For information on all Syngress publications visit our website at http://store.elsevier.com 12 13 14 15 16 10 9 8 7 6 5 4 3 2 1 Dedication to Daisy Do what you will, always. Walk where you like, your steps. Do as you please… I’ll back you up. Author’s Note This book was written over the course of six weeks, during which time I sat at my desk wearing my battered Navy watch cap alternately drinking bourbon and jasmine tea, as the same huge playlist repeated over and over and over again full of songs from Girlyman, Deadmau5, Gillian Welch, and the Ramones. Without the love and support from my exceptional mother and father I would have never been in a position to do any of this wonderful exploration and research, nor would I have learned how to find words within myself to put upon these pages. Thank you to Chris Katsaropoulos, Heather Sherer, Audrey Doyle, Paul Gottehrer, and everyone else at Syngress who was involved on this project. I always seem to choose very adventurous writing schedules and it’s a miracle that we all can keep up with the deadlines. Special thanks to Shane Lawson for choosing to take on the role of Tech Editor a second time… he keeps me from looking too foolish and for that I am ever- grateful. I must take a moment and offer my thanks and praise to all of the new TOOOL chapters which have been emerging across the United States and elsewhere. It’s a remarkable inspiration to see all of this interest developing and to have so many new faces appear at TOOOL events. I could not possibly recognize and honor all of the people responsible, but I hope it will be sufficient to say that we all owe the new leadership of the chapters in Chicago, Detroit, Des Moines, Jacksonville, Kansas City, New York, Portland, Reno, Rochester, and Montréal a big hand. They, along with the old guard in places like Philadelphia, Princeton, Boston, Ann Arbor, Baltimore, and the San Francisco Bay Area, consistently help TOOOL to grow and reach more people and touch more lives. TOOOL would like to thank all of the other sporting, hobbyist, and amateur lockpicking groups who help to spread knowledge and build interest in this fascinating field. SSDeV, LI, FALE, and the FOOLS are full of wonderful people who love to teach and have fun. An extra special thanks goes to Valanx, Dosman, and the rest of the FOOLS for reminding us to not be so serious, even when we have something serious to say. Thank you to Barry Wels, Jos Weyers, Dennis van Zuijlekom, dosman, datagram, and Patrick Thomas for your terrific photos and friendship. I must thank my roommates Babak Javadi and Andrew Righter for their support and understanding during this and all of my other projects. They are incredibly considerate whenever I must sequester myself in my office for 18-hour days without joining in to cook house dinners and they are always supportive of my busy travel schedule, showing a willingness to feed and look after my cats while I am away. (They have also shown unbelievably tolerance when these felines act up or pee on something that they shouldn’t!) Thank you to Dark Tangent for first suggesting that I turn my lockpicking content into training course, and to Ping Look and everyone else who works tirelessly so that Black Hat can keep ticking along. Extra special thanks to Bruce and Heidi for ShmooCon, where I gave my very first public lecture about lockpicking. You and all those who put in the monumental effort every year are the reason ShmooCon remains my favorite conference to this day. I also must give a terrific shout-out to the organizers of other

Description:
Lockpicking has become a popular topic with many in the security community. While many have chosen to learn the fine art of opening locks without keys, few people explore the fascinating methods of attack that are possible WITH keys. Keys to the Kingdom addresses the topics of impressioning, master
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.