Secret Mountain Base Recon: How We Infiltrated #shorts

Again, of course, it's a remote location. It's some random mountain, right? Uh extensive underground area, close to the public, but guided tours. Super interesting. Uh a bit of a bummer about that. Um you need to you needed to register for those two weeks up front with a minimum group size of 10 people. We were two testers and we were supposed to go there like 3 days later. So well um anyways we proceeded to do some embedded reconnaissance on site again because um this base and that entrance there was located uh near a public road or just right besides a public road and people usually just take breaks there because it's a semiopen public space. So

we did that at night because then nobody was around really at night everybody left. And we found that yeah there are locks that look like they were high security locks. So lockpicking not a good idea especially because there's a whole lot of CCTV cameras again. So they would surely like pick up that we were picking locks there. Not a good idea. There was a keep it in card reader. That was interesting because that had exposed screws. So you could theoretically fiddle with that but realistically you would order try to identify the exact model, order it to your to your company to your lab and then try to research it, try to break it open and find out how it works.

Obviously we couldn't do that in that amount of time. And we found that during the day, lots of traffic, but at night, no traffic at all. So, how would we then try and approach that? Well, we thought to ourselves, okay, there's an access card reader, but we won't realistically find any access cards laying around. And trying to get people to give us their access cards might be a bit tricky because most of the people going in there are like workers, and trying to convince them could be a bit tricky. Trying to disable alarm or CCTV installations, rather destructive. We wouldn't want to do that. Also the client didn't want us to uh lock picking not an option due to the monitoring

there and filling with the access controls there also not a good option. So that left us with the over entry and we were certain and the client was also that they didn't want us to destroy anything. So that left us with soul engineering and persistence.