Blog: Internet Of Things
Stupidly insecure electronic / RFID door lock
It’s Friday, so here’s probably the least secure electronic door lock we’ve ever seen, as demonstrated at Infosec this year.
Bought from Amazon for about £10, complete with RFID key fobs.
Opening the door lock, method 1
First, the fascia is held in place with one screw. If it’s not a tamper proof screw, then a few seconds with a screwdriver and some security bits and you have access to the back of the plate and the terminals.
Short PUSH to GND and the electronic lock unlocks.
You can also prize the fascia off with a screwdriver if you can’t get the screw out.
Opening the door lock, method 2
Hit the reset button instead
That resets the PIN to 99019901. Enter PIN, unlock door, walk in.
This was beyond easy, so we’ve also written up an attack against the RFID side of the lock too. That’s for next Friday!