Submit Search
Upload
DEF CON 27 - BILL GRAYDON - restricted keys
•
0 likes
•
59 views
Felipe Prado
Follow
DEF CON 27 - BILL GRAYDON - restricted keys
Read less
Read more
Technology
Report
Share
Report
Share
1 of 97
Download now
Download to read offline
Recommended
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
Felipe Prado
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
Felipe Prado
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got ants
Felipe Prado
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryption
Felipe Prado
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
Felipe Prado
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a government
Felipe Prado
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
Felipe Prado
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
Felipe Prado
Recommended
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
Felipe Prado
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
Felipe Prado
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got ants
Felipe Prado
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryption
Felipe Prado
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
Felipe Prado
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a government
Felipe Prado
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
Felipe Prado
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
Felipe Prado
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
Felipe Prado
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interface
Felipe Prado
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
Felipe Prado
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
Felipe Prado
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud security
Felipe Prado
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portals
Felipe Prado
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitch
Felipe Prado
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
Felipe Prado
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
Felipe Prado
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
Felipe Prado
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
Felipe Prado
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devices
Felipe Prado
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
Felipe Prado
DEF CON 23 - Zack Allen and Rusty Bower - malware in gaming
DEF CON 23 - Zack Allen and Rusty Bower - malware in gaming
Felipe Prado
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
Felipe Prado
DEF CON 23 - Yaniv Balmas and Lior Oppenheim - key logger-video mouse
DEF CON 23 - Yaniv Balmas and Lior Oppenheim - key logger-video mouse
Felipe Prado
DEF CON 23 - Yan Shoshitaishvili - fish wang angry hacking
DEF CON 23 - Yan Shoshitaishvili - fish wang angry hacking
Felipe Prado
DEF CON 23 - Xntrik - hooked browser meshed networks with webRTC and BeEF
DEF CON 23 - Xntrik - hooked browser meshed networks with webRTC and BeEF
Felipe Prado
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
Felipe Prado
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testers
Felipe Prado
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
Neo4j
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
More Related Content
More from Felipe Prado
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
Felipe Prado
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interface
Felipe Prado
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
Felipe Prado
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
Felipe Prado
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud security
Felipe Prado
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portals
Felipe Prado
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitch
Felipe Prado
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
Felipe Prado
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
Felipe Prado
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
Felipe Prado
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
Felipe Prado
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devices
Felipe Prado
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
Felipe Prado
DEF CON 23 - Zack Allen and Rusty Bower - malware in gaming
DEF CON 23 - Zack Allen and Rusty Bower - malware in gaming
Felipe Prado
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
Felipe Prado
DEF CON 23 - Yaniv Balmas and Lior Oppenheim - key logger-video mouse
DEF CON 23 - Yaniv Balmas and Lior Oppenheim - key logger-video mouse
Felipe Prado
DEF CON 23 - Yan Shoshitaishvili - fish wang angry hacking
DEF CON 23 - Yan Shoshitaishvili - fish wang angry hacking
Felipe Prado
DEF CON 23 - Xntrik - hooked browser meshed networks with webRTC and BeEF
DEF CON 23 - Xntrik - hooked browser meshed networks with webRTC and BeEF
Felipe Prado
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
Felipe Prado
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testers
Felipe Prado
More from Felipe Prado
(20)
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 23 - Zack Allen and Rusty Bower - malware in gaming
DEF CON 23 - Zack Allen and Rusty Bower - malware in gaming
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
DEF CON 23 - Yaniv Balmas and Lior Oppenheim - key logger-video mouse
DEF CON 23 - Yaniv Balmas and Lior Oppenheim - key logger-video mouse
DEF CON 23 - Yan Shoshitaishvili - fish wang angry hacking
DEF CON 23 - Yan Shoshitaishvili - fish wang angry hacking
DEF CON 23 - Xntrik - hooked browser meshed networks with webRTC and BeEF
DEF CON 23 - Xntrik - hooked browser meshed networks with webRTC and BeEF
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Weston Hecker - goodbye memory scraping malware
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testers
Recently uploaded
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
Neo4j
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
Neo4j
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
soniya singh
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
carlostorres15106
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Scott Keck-Warren
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
comworks
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
ThousandEyes
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Sinan KOZAK
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
null - The Open Security Community
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
The transition to renewables in India.pdf
The transition to renewables in India.pdf
Competition Advisory Services (India) LLP
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
BookNet Canada
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
null - The Open Security Community
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
Memoori
Recently uploaded
(20)
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
The transition to renewables in India.pdf
The transition to renewables in India.pdf
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
DEF CON 27 - BILL GRAYDON - restricted keys
1.
Duplicating Restricted Keys Billy
& Bobby Graydon
2.
Outline 1. Keyways 2. Other
Stuff
3.
How keys work
4.
How Key Cutting
works
5.
How keyways work
6.
7.
8.
9.
3D Printing
10.
11.
The Old Approach
to Keyway Research
12.
Our Approach to
Keyway Research
13.
14.
C: E: F:
∩: ∪:
15.
16.
17.
18.
BEST A Bump
Key
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
Pic of CPC
arrow press dies
30.
31.
Pic of pressed
CPC blanks
32.
33.
34.
35.
36.
37.
38.
39.
40.
Medeco Press
41.
42.
43.
Lost Lock... + + =
44.
Lost Lock... + + =
45.
46.
Lost Lock... + + =
47.
48.
49.
M3 Blank Manufacturing
50.
m3 Variations
51.
Master m3 Keyway
52.
53.
54.
55.
56.
M3 Cut on
M19, working
57.
58.
Photographing a Lock →
59.
60.
Measuring the Key
61.
62.
Photographing the Key
63.
Milling Marks -
Shallow Slope Gives Precision rD G
64.
65.
Outline 1. Keyways 2. Other
Stuff a. Sidewinder Keys b. Primus c. Assa d. Medeco Angled Cuts e. Dimple Locks, Mul-T-Lock f. Interactive Components, Mul-T-Lock g. Disc Detainer Locks, Abloy h. Patents i. Duplication Authorisation Cards
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
MT5 Patent =
No ebay blanks
85.
86.
Outline 1. Keyways 2. Other
Stuff 3. Bonus! Remediation
87.
Lost Lock =
Lost GMK =
88.
Sectional keyways - great
as an extra security control. Bad as the only one.
89.
Restricted keyways - great
as an extra security control. Bad as the only one.
90.
“physical keys are
dead hurr durr”
91.
“physical keys are
dead hurr durr”
92.
Understand your threat
model.
93.
94.
95.
4N6
96.
Microscopy
97.
Questions! b.graydon@ggrsecurity.com r.graydon@ggrsecurity.com
Download now