Onity Door Lock Hack

A black hat hacker has unveiled a method that allows a fairly simple hardware gadget to unlock door locks manufactured by onity.

Onity door lock hack.

At the black hat security conference yesterday a hacker named cody brocious a mozilla software developer demonstrated how someone could gain instant untraceable access to millions of hotel rooms protected by key card locks made by onity. Every single onity key card lock has a dc power socket on the base. On one of our engagements we figured an onity hotel door unlocker would be useful to us. Why 100 s of thousands of tourists are vulnerable to theft of worse.

Approximately ten million onity ht locks are installed in hotels worldwide. It reinforced the warning sound by cody brocious when he presented the exploitat. It takes approximately 200 milliseconds from the time an attacker plugs the device in until the. Inspired by the james bond type setup we saw on the spiderlabs blog post we thought we de try to build a small simple and tsa friendly version of the onity key unlocker.

This accounts for over half of all the installed hotel locks and can be found in approximately a third of all hotels. Connecting a 9v battery with the wrong polarity to an arduino mini pro will make pretty sparks. Mozilla software developer cody brocious recently discovered two. Six years ago by contrast a security researcher published the code necessary to exploit a glaring vulnerability in widely used onity keycard locks on the web.

How the onity lock system is designed. That hack used an arduino compatible chip inside of a dry erase markeras an end run around the lock s electronics.