Onity Door Lock Hack

At the black hat security conference yesterday a hacker named cody brocious a mozilla software developer demonstrated how someone could gain instant untraceable access to millions of hotel rooms protected by key card locks made by onity.

Onity door lock hack.

Every single onity key card lock has a dc power socket on the base. Six years ago by contrast a security researcher published the code necessary to exploit a glaring vulnerability in widely used onity keycard locks on the web. Inspired by the james bond type setup we saw on the spiderlabs blog post we thought we de try to build a small simple and tsa friendly version of the onity key unlocker. A black hat hacker has unveiled a method that allows a fairly simple hardware gadget to unlock door locks manufactured by onity.

It takes approximately 200 milliseconds from the time an attacker plugs the device in until the. Why 100 s of thousands of tourists are vulnerable to theft of worse. It reinforced the warning sound by cody brocious when he presented the exploitat. That hack used an arduino compatible chip inside of a dry erase markeras an end run around the lock s electronics.

On one of our engagements we figured an onity hotel door unlocker would be useful to us. This accounts for over half of all the installed hotel locks and can be found in approximately a third of all hotels. Providers of software and systems that meet the needs of hotel operators for security energy conservation management solutions and guestroom comfort. Approximately ten million onity ht locks are installed in hotels worldwide.

How the onity lock system is designed. We hope to reveal unique insight into the way the onity ht system works and detail various vulnerabilities therein.