A big part of performing any sort of physical penetration assessment involves a little bit of social engineering. More often than not, we choose to spoof a legitimate employee or vendor to attempt to enter the facility. Now, simply saying that you are Joe Schmo from Corporate isn’t likely to get you very far. A successful tester will have to look the part, dress the part, and, getting to the topic of this blog, be able to prove they are who they claim to be. The best way to do this is by crafting a legitimate-looking identification badge for the target organization.
Here’s What You’ll Need
- The Internet
- Photo Editing Software (e.g., Photoshop)
- A Badge Printer with Blanks
* For a badge printer, I’m using a Badgy 200, which ranges between $600 and $800. It’s a bit pricey, but you get what you pay for with this kind of technology.
Step 1: Reconnaissance
The first (and arguably most important) step is to identify who you’re going to be and for what company you work. The key thing to remember here is that you have to impersonate someone in a set of demographics relative to your own, and that includes a wide range of data points. From the obvious like age and ethnicity to the more obscure like job and even hobbies, you have to be able to hit as many as you can. If you’re mainly knowledgeable in information technology, it wouldn’t always make sense to impersonate someone from HR and vice versa.
Once your mark is decided, use the Internet to begin looking for employees of the target organization. Look through Facebook pages, the company’s home page, Google images, everything. Find unedited photos of people wearing company badges. Save the pictures and move on to the next step.
If you can’t find a badge, it may be time to take a trip to the target company. See if you can’t grab a picture of the badge from there. This part is crucial because you must be able to get not only the placement of every item on the badge correct, but also determine if there are any additional badge items (case, holder, etc.) being used. You want your finished product to be able to hold up against a fair amount of scrutiny. Another important note here is to try to get both the front and back of the badge, as it’ll ultimately add to the legitimacy.
Step 2: Creation
This step requires a bit of graphic design knowledge and talent. Once you have a clear picture of the badge, if the image is straight on, you could just import the picture into your photo editing software and grab distances and colors that way. More often than not, the image will be a bit blurry or pixelated and you have to work with what you have. This is where having a graphic artist on your team can be critical to the success of an engagement.
Open the photo editing suite of your choice and begin a new project. One thing to keep in mind here is the bigger the size of your canvas is, the clearer it will be printed, so I usually start with a size of w: 2126px h: 3386px.
After that, set up some guides so that you can center things such as pictures and text. Enable the grid on your software, or enable guides set at 50% alignment.
Now, you’re going to want to get everything organized. Start by grabbing the color of the badge you have in your picture. All photo-editing software has a color clone feature, so use that. Paint the background the same color then clone the color for the text. Most companies use #000 or black, but some use something else. Best bet is to clone the color.
Next, make sure you grab the logo for the company. This can easily be found on their website or through a Google Image search. Add that to its respective place on the badge.
After that, it’s time to place text. Make a new layer for each thing you type, such as first name, last name, position and so on. That way you can manipulate as you go and don’t need to delete a whole lot in the process.
After adding the text, move on to the picture. Take a somewhat unflattering picture of yourself, dull it up a bit in the photo-editing software so it looks as though the company just didn’t have good lighting and crop the picture down to your shoulders and face. Make sure you aren’t wearing any other identifying items.
Finally, it all comes down to placement. Make sure everything is placed as close as you can get it to the original picture, keeping in mind that you are printing a badge, so leave some clearance on the sides.
Next, open a new file, same dimensions as before. Replicate any text or other items (such as magnetic strip) from the backside of the badge.
Step 3: Print
Print the front of your badge. Do the colors match? Is the placement correct? If not, adjust as necessary and print a test again. Once you’re satisfied, flip the card over and print the back of the badge. Again, make sure everything is good to go.
Step 4: Finalization
The last thing you want to do, unless your pretext dictates otherwise, is to show up with a shiny new badge. What I like to do is to take the badge, step on it a little and rub the badge on the carpet to get some scuffing action on it. Doing that puts some wear and tear on the badge and makes it look a little older. Do the same if you intend on using a badge holder or sleeve.
Conclusion
Badge cloning isn’t really a hard process, but it does take some practice, a little skill, and a bit of an artistic side to do well. Being able to duplicate badges and make templates for later reuse is extremely valuable in establishing legitimacy for any physical penetration engagement.
Happy Hunting!