The significance of protecting sensitive information cannot be emphasized in the current digital era, where security breaches are becoming more frequent. Inside this small country called Maldives in many Governments, Private organizations or homes people choose to use ZKteco access control. This blog explores the world of ZKteco backdoor, its possible effects, and the lessons we may learn from it.
Understanding Backdoors
Backdoors are secret entry points in software systems that allow illegal access without standard authentication. They are often used by developers or attackers for debugging or maintenance purposes. ZKteco Support uses backdoors for giving support to users if they forget password or having difficulties accessing Admin menu.
| Attendence | Access Control |
|---|---|
 |
 |
Video Demonstration on Accessing ZKTeco Access Control without Admin access
Formula for the Password
There isn't much to explain here, it is a simple calculation that involves subtraction of time on the device with 9999 and multiplying the result with the result.
In the video above the time on device was 09:29. Here is how the calculation was done.
9999 - 0929 = 9070
9070 * 9070 = 82264900
UserID: 8888
Password: 82264900
Try it
Conclusion
In order to secure the device from being accessed it is important to setup a firewall which block any outside connections to the Access Control software and most importantly Audit device logging as it logs User Access to Admin menu on time. I personally recommended to keep Access Control for the door lock inside the room if possible and install Fingerprint Reader on the outside of the room. This was one of the most interesting discoveries I found while roaming with the device.