Blog: Internet Of Things

Stupidly insecure electronic / RFID door lock

consultant-placeholder10 Ken Munro 19 Aug 2016

It’s Friday, so here’s probably the least secure electronic door lock we’ve ever seen, as demonstrated at Infosec this year.


Bought from Amazon for about £10, complete with RFID key fobs.

Opening the door lock, method 1

First, the fascia is held in place with one screw. If it’s not a tamper proof screw, then a few seconds with a screwdriver and some security bits and you have access to the back of the plate and the terminals.


Short PUSH to GND and the electronic lock unlocks.


You can also prize the fascia off with a screwdriver if you can’t get the screw out.


Opening the door lock, method 2

Hit the reset button instead

That resets the PIN to 99019901. Enter PIN, unlock door, walk in.

Yes, seriously

This was beyond easy, so we’ve also written up an attack against the RFID side of the lock too. That’s for next Friday!