Pentester says he broke into datacenter via hidden route running behind toilets

Lock down your 'piss corridor' – or even better, don't have one at all

Many security breaches involve leaks, but not perhaps in the same way as one revealed by noted security consultant Andrew Tierney, who managed to gain unauthorized access to a datacenter via what he delightfully terms the "piss corridor."

Tierney, who works as a consultant for security services outfit Pen Test Partners, revealed in a Twitter thread how one of his more memorable exploits involved demonstrating that it was possible to gain physical access to the supposedly secure area of a datacenter via its toilets.

Posting a diagram to illustrate, Tierney showed that the unnamed facility had two separate bathroom areas: one for the general office space and one for the secure area where the IT infrastructure is housed. However, the two toilet facilities were adjoined, and Tierney realized there was actually a shared access space for servicing the toilets that ran behind both sets of cubicles, which he christened the "piss corridor."

It turned out this access space could be reached through a concealed door in an accessible cubicle – a larger cubicle designed for wheelchair access – on either side of the secure/insecure divide. So that's exactly what Tierney did, entering the toilets on the general office space side and accessing the "piss corridor" via the accessible cubicle, exiting on the supposedly secure side the same way.

Tierney omits to mention whether the concealed doors were locked to prevent any curious toilet patrons from entering the access space, or whether he had to pick the locks to gain entry.

The only awkward moment might have come had the accessible cubicle on the secure side been occupied when Tierney opened the concealed door, and so he claims that he only did this after "*really* making sure there wasn't someone else in the other accessible cubicle."

Flushed with his success, Tierney noted that he had just managed to defeat the datacenter's security protection, which involved mantrap entry gates where personnel had to "surrender all digital devices" upon entry. Even worse, the toilet layout was visible for all to see on public planning documents, meaning that anyone could have figured out how to bypass security.

The lesson for operators of secure facilities is to take great care that you are not caught short by such obvious ways of bypassing physical security controls, and to remember that security is always about more than just IP access. ®