
Fun Hack: How to open many keypad-access doors - drusenko
http://david.weebly.com/1/post/2009/03/how-to-open-many-keypad-access-doors.html
======
brk
Cool. On a similar note, for most gated communities where there is also a
keypad (for residents or visitors) to get in, 0911 works on 90+% of them. This
is the standard "backdoor" for police/fire/EMS.

------
AndrewO
Slightly OT: I'd never seen the effect he has in his header. If anyone's
interested, I found the docs & demos on it here:
<http://webdev.stephband.info/parallax.html>

~~~
flatline
Thanks, that was by far the coolest thing about the article...

------
mixmax
This points to a much broader security problem: Default admin passwords. They
are everywhere, from elevators to routers, and it seems like 90% of devices
are just left out in the open with the default admin password.

Instead of having a default password there should be a step in the setup where
you are prompted for an admin password. Yes, there will be a lot of easily
guessable passwords, but surely it's better than a factory default.

~~~
brk
Having been involved in new products ranging from consumer electronics to
security devices, the problem with this is that people will get too creative
with their passwords, forget them, and then get mad when a factory default
loses all settings.

In my experience, it's a losing battle no matter how you approach it. Make
people specify a password, but then often times one person stages it and
another installs it, so do you make an easy password for staging it? Do you
add the overhead of making a device that enforces strong passwords? And so
on...

The closest thing to a best solution I've seen is a 2-factor system, a
passcode along with some kind of hardware dongle to default or get admin
access.

~~~
mixmax
Good points - this is obviously a hard problem that hasn't been solved.
Basically there are two opposites that both need to be fulfilled to solve the
problem: It has to be both easy and secure.

------
iuguy
For other systems throwing some fine dust or flour over the pad before someone
uses it will get you 80% there. If it's dry and someone's already used it
recently you can spot what the numbers are by brushing the dust off.

~~~
ryanmahoski
Very MacGyver. From Radio Shack parts you can build a piezo sensor circuit and
stick that on the keypad.

~~~
rman666
I think you mean MacGruber, <http://www.google.com/search?q=macgruber>

------
jamesbritt
2600 magazine had a nice article 10 years ago about default codes for many
different keypad locks (including FedEx drop-boxes). I worked in hotel
security at the time, and discovered that many of these defaults were in use
at assorted locations where I worked.

That changed.

See also:

<http://www.cirt.net/passwords>

<http://www.routerpasswords.com/>

------
unalone
Why do Weebly links provide the subdomain, but other URLs (I'm thinking
Tumblr) only show the root domain?

~~~
smanek
Because Weebly is a YC company, and PG probably hard coded in an exception for
them ;-)

------
Create
Siemens elevators have a (~n unsurprising) default code of "0000". But this is
nothing new.

<http://www.cs.virginia.edu/cs588/safecracker.pdf>

------
Mystalic
Could a company like Semtex really overlook that type of thing? I don't really
condone breaking and entering, but it kind of shows the issues with anything
protected with a password.

~~~
teej
The fault lies in whoever set up the system in leaving the admin password as
the default.

~~~
cdr
I would disagree - end users being lazy/unknowledgeable is something
foreseeable, so the company could do something like starting with a random
admin password or requiring that the admin password be changed before use.
Home router manufacturers seem to be doing increasingly better at this.

~~~
DougBTX
AFAIK, most (home/office) security systems are not set up by the end users.
Mine has an "engineer" code which is more powerful than the normal user code,
and in principle is not left as the default by the installer. He will in turn
charge you to come round and enter it if it is ever required.

------
gregwebs
I question whether publicly posting these discoveries on a blog is in line
with the hacker ethic. I have figured out how to open doors before, but I
didn't use it for personal gain or feel the need to brag about it.

~~~
tlrobinson
Part of the "hacker ethic" includes the notion that _information_ should be
free. How you use that information is another matter.

If it were commonly known that this default code existed it's less likely that
those who are responsible for setting up these keypads would leave the default
set.

Those wishing to exploit it are the ones who actively seek out this sort of
information.

