Physical Security Intro Tryhackme Writeup
By Shamsher khna This is a Writeup of Tryhackme room “Physical Security Intro”
Room link: https://tryhackme.com/room/physicalsecurityintro
Task 1. Introduction
Learn the basics of physical security
A lot of times physical security is overlooked during red team engagements. Sure, it’s not as popular as cyber security, however having some basic knowledge of lock picking and bypasses are an important tool to have in your repertoire.
Below are some great videos that are a perfect introduction to physical security. If you have a basic knowledge of physical security already, you might be able to breeze through the room, however if you don’t, these videos will be one of the best introductions you could get.
I’ll Let Myself In: Tactics of Physical Pen Testers — Deviant Ollam
Video used with permission of Deviant Ollam
The Right Way To Do Wrong — Patrick McNeil
Video used with permission of Patrick McNeil
Task 2. Overt, Covert, and Surreptitious Entry
Learn the different methods of entry
Overt entry is when the method of entry causes damage or destruction. This could be damage or destruction to locks, doors, windows, walls or other objects.
Covert entry is usually undetectable to un-trained people. However, during a forensic investigation by trained professionals, the method of entry would be discovered.
Surreptitious entry is when the method of entry is undetectable to both un-trained and trained people. This method would most likely go unnoticed even during a forensic investigation.
For the questions below, we will use a multiple choice format. When answering, use the number next to the answer as your submitted answer.
- Overt
- Covert
- Surreptitious
Question 1. Using an angle grinder to cut a lock open is what type of entry?
Answer: 1
Question 2. Lock picking could be considered what type of entry?
Answer: 2
Question 3. Lock bypassing can be considered what type of entry?
Answer: 2
Question 4. Taking a photo of a key, decoding it and duplicating it can be considered what type of entry?
Answer: 3
Question 5. Determining the combination of a safe through surveillance can be considered what type of entry?
Answer: 3
Question 6. Breaking a window to gain entry can be considered what type of entry?
Answer: 1
Task 3. Lock Picking
Show that you have the basic knowledge of lock picking
Answer the questions below. If you are struggling with the questions, go back to the videos in the introduction. If you are still struggling, a quick Google search will help you answer the questions.
Question 1. What is the name of the tool which is used to apply torque to the core of a lock when picking?
Answer: Tension Wrench
Question 2. What is the term used for picking a single pin at a time?
Answer: Single Pin Picking
Question 3. What is the abbreviation commonly used to reference the above answer?
Answer: SPP
Question 4. What is the term used when you try to randomly set pins?
Answer: Raking
Question 5. This type of lock is typically cheap, low quality, and found on low security applications such as office desk cabinets.
Answer: Wafer Lock
Question 6. This type of pick profile is usually used when single pin picking.
Answer: Hook
Question 7. When single pin picking, this term refers to when you feel like you have set a pin and the core rotates slightly
Answer: False Set
Question 8. This type of security driver pin gives several clicks as it is being picked.
Answer: Serrated
Task 4. Lock Anatomy
Show that you have a basic understanding of a locks anatomy
There are many different types of locks, but below we will cover some of the more common locks such as pin tumbler locks. Some questions below work for more than just pin tumblers, but they usually cover a part of the lock that doesn’t have to do with the keyway.
Question 1. What is the interface between the two pins in a pin stack referred to as?
Answer: Shear Line
Question 2. What are the pins on the bottom half of a pin stack referred to as? (you don’t have to enter the word pin in the answer)
Answer: Key
Question 3. What are the pins on the top half of a pin stack referred to as? (you don’t have to enter the word pin in the answer)
Answer: Driver
Question 4. What non-shimmable elements do padlocks use to keep the shackle in place?
Answer: Ball Bearings
Question 5. What is the piece that allows locking lugs to retract when the core is turned?
Answer: Actuator
Question 6. What piece of a standard door latch should remain completely depressed when the door is closed to prevent loiding/slipping of the latch?
Answer: Dead latch
Question 7. What is the locking mechanism that has a bolt which protrudes into the frame of the door preventing it from opening?
Answer: Deadbolt
Task 5. Padlock Bypassing
Show that you have a basic knowledge of bypassing padlocks
Padlocks are a common security feature in many places. Have a basic knowledge of padlock bypassing can get you into server cages, lockers and more.
Question 1. A lock which is unshielded is susceptible to what bypass tool?
Answer: Knife
Question 2. A lock which has spring loaded locking lugs rather than ball bearings can be bypassed with what tool?
Answer: Shim
Question 3. Combination locks such as the Masterlock 5400D are susceptible to a bypass which reveals the combination What is this method known as?
Answer: Decoding
Question 4. The Masterlock 175 is infamous for its ability to be bypassed using what type of bypass?
Answer: Mini Knife
Question 5. What bypass method uses a key cut to the lowest depths and kinetic energy to bounce the driver pins above the shear line and allow a lock to be opened?
Answer: Bumping
Question 6. Locks which have spring loaded locking lugs can be opened by tapping a hammer on the side of the lock. What is this attack method called?
Answer: Rapping
Question 7. What type of pick takes advantage of lazy manufacturing practices by lifting all the key pins and driver pins above the shear line to bypass a lock?
Answer: Comb
Question 8. What tools can be wiggled inside the keyway of wafer locks to roughly simulate the biting of the key and open the lock?
Answer: Jiggler
Task 6. Hardware Bypassing
Show your know some basic hardware bypasses
Physical security isn’t all about lock picking. Sometimes there are easier and more creative ways to get a door open.
Question 1. What tool is used to reach under a door and actuate a handle from the interior?
Answer: Under The Door Tool
Question 2. What tool can be used to bypass a set of double doors which have a crash bar on the secure side?
Answer: Double Door Tool
Question 3. What item can be used to widen the gaps between doors and door frames or between double doors to allow for other bypass tools to be used? This tool is also common for automobile entry.
Answer: Air Wedge
Question 4. An improperly hung door which opens away from you can be bypassed using this type of tool?
Answer: Shim
Question 5. An improperly hung door which opens away from you can be bypassed using this type of tool?
Answer: traveler hook
Question 6. What type of material can be used to go over the door to grab the secure side handles when an under the door tool is not able to be used?
Answer: Film
Question 7. Canned air can be used to bypass what type of door controller hardware?
Answer: REX sensor
Question 8. Adams Rite hardware fixtures are susceptible to a bypass where a wire is snaked through the keyway and actuates the locking mechanism behind it, what could prevent this bypass?
Answer: shielding
You can find me on:
LinkedIn:- https://www.linkedin.com/in/shamsher-khan-651a35162/
Twitter:- https://twitter.com/shamsherkhannn
Tryhackme:- https://tryhackme.com/p/Shamsher
and thank you for taking the time to read my walkthrough.
If you found it helpful, please hit the 👏 button 👏 (up to 40x) and share
it to help others with similar interests! + Feedback is always welcome!
For more walkthroughs stay tuned…
Before you go…
Visit my other walkthrough’s:-
