Verified case study

Penetration Testing

by Vince Warrington | 1 August 2016

Penetration Testing


We were approached by a software company who were developing a new iteration of their most popular product. 

We were tasked with not only performing penetration tests on the new software, but also assessing how secure their environment was, as they had concerns that the successful launch of the new product could be compromised if pirated copies were made available on the internet


Project approach

After the ‘Rules of Engagement’ had been defined and agreed, we undertook the tests with three agreed goals;

  • To develop and implement penetration tests for the new software under ‘Clear’ conditions, where the source code and Project Team would be available to answer our questions.
  • To attempt remote penetration of the company network under ‘Obscure’ conditions, where certain aspects of their network were revealed to us in advance (such as IP Address Ranges) but the test was otherwise without assistance. 
  • To attempt to gain physical access to the development servers the new software was residing on under ‘Dark’ conditions, where no information or access would be provided in advance. 

As the company already had robust Project Management processes we were not surprised to find few vulnerabilities with their new product, as their internal IT Security had signed-off at each defined Project Gate. 

Similarly, as they were also used to remote hackers attempting to gain access to their company network, this route also presented few opportunities for attack. 

However, we were able to undertake and successfully execute physical access to the development servers. 

Our research indicated that they were held in a Third Party Data Centre. After studying the facility we were able to create replica ID Cards, which would enable us to pass off as legitimate employees. We then bypassed the physical security barriers by ‘Tailgating’ employees returning from a lunch break.

Once inside, we were able to use Social Engineering techniques to discover the appropriate server room location, along with the Server Racks in which the target was located. 

As the server room was protected by a swipe card system, we deployed another Social Engineering attack to gain access from a legitimate employee. Once inside it was an easy task to identify the physical servers and take photographs to prove our results. We then departed the building.



Our client was surprised to discover how easily we had accessed the servers, and we worked with them and the Data Centre company to improve physical access control.


Vince Warrington

Vince is an expert in data protection and cyber security. He runs Protective Intelligence, an information security consultancy.