Dealing with ID badges

Yesterday I was having lunch with a friend and he asked me how we deal with ID badges. He was referring to proximity badges, the ones with an RFID chip inside. I answered with the things we do to take care of this, and I thought it would be a good thing to post it here as well.

Ideally you would like access to a badge. That way you can duplicate it with a simple RFID copier and take close-up pictures to create a good fake as well. Getting access to a badge is not always easy, so we can do different things:

  • We can track an employee of the company that hired us and try to grab the badge from his/her car, or some other way, duplicate it and return it, or
  • We can take pictures during the recon phase and just duplicate the badge visually, without the actual RFID chip in it

The first technique is better because we can really walk into the building playing the part and have a working ID badge that we can use. The second technique is less preferable, but we can still play with it: you create the fake badge as close to the real thing as possible, wear your best suit, enter the building, and then pretend the badge is not working. In the morning, when a lot of people enter, chances are someone will open the door for you upon seeing a badge that looks legitimate.

Based on experience, either technique is good. Of course, sometimes you don't have this luxury and, well, you have to think outside the box.
