A scantily-clad Chinese hacker has released the source files for a pair of 3D-printed shoes useful for smuggling hacking gear across business borders.
Posted on Reddit and Imgur, a hacker under the name 'SexyCyborg' revealed a photo gallery and step-by-step guide to creating a pair of 3D-printed high heels suitable for smuggling hacking tools into corporate buildings.
Many businesses will insist that guests leave smartphones and bags at the gate. However, the black platform shoes have compartments suitable for carrying penetration testing and sniffing kits.
Developed with the help of a 3D printer, the "Wu Ying Shoes," meaning "shadowless" from folk hero Wong Fei Hung's shadowless kick, act as a means to "distract the target with my upper body and they don't see the real danger on my feet," according to the Chinese hacker.
Each shoe has a drawer which can be slid out without the shoes being taken off. These compartments can contain various payloads, such as malicious flash drives and a penetration testing drop box.
For the purposes of testing, the hacker included a wireless router running OpenWRT with a rechargeable battery which could be left running inside the shoe for purposes such as Wi-Fi sniffing or logging, or could also be connected to an open network jack inside the building. This then gives attackers the option to potentially gain remote access via SSH tunnel.
The hacker commented:
"Installing OpenWRT on the TL-MR10U is just like upgrading the firmware on any router. It's two links and a button -- nothing to it. There's a lot of different software you can run once you have OpenWRT flashed.
This router may-or-may-not be running a custom version of Wispi for the TP-Link TL-MR10U because if it was it would probably be illegal in China so maybe it's not. But if it was I could run Jasager/Karma which lets you can fake being a friendly/known Wi-Fi access point and set up a fake login page to capture passwords, among other cool tricks. Wispi also has a few other handy utilities."
In the other shoe, the hacker included a USB keystroke recorder, retractable ethernet cable, and a basic lock pick.
Before this project is dismissed as a potential attention-seeking episode, she does have a point to make. Social engineering is a sure-fire way to gain entry into a secure building -- whether through uniforms, an official manner or by acting the casual, unshaven IT hound.
I remember one scenario in which a business owner challenged a security professional to steal credentials on a server. After discovering entry across the Web was difficult, the security professional simply acted as the resident IT man, walked into the office belonging to his challenger, and sauntered out with it.
While this tactic is often successful, this doesn't mean you can easily smuggle your kit in with you, and discovery may arouse suspicions.
Therefore, despite the way the project has been displayed, the use of clothing as a means to attack companies is an interesting and novel way to approach the challenge. Networks which trade zero-day vulnerabilities between groups, stolen data sales across the Dark Web and high-profile attacks are becoming commonplace -- and as some businesses begin to take security more seriously from the ground up, we should expect physical access tactics to also evolve in sophistication.
For the enterprise, this means that investment and training should not focus exclusively on Internet-based threats, but gatekeepers who control access to buildings must also be trained in how to detect suspicious activities, social engineering and perhaps even clothing which doesn't fit the mould.
The shoe designs can be downloaded under an open-source license here.
Top 5 security practices in staying safe online: From the experts