Safe autodialer

safe cracker

Two clever students at MIT have built this impressive brute force safe cracker. Their target: a document safe with a S&G 8400 lock. The 8400 is a group 1 manipulation proof lock. Group 1 locks will resist manipulation by an expert for at least 20 hours. These guys used a stepper motor to move the dial and built a custom controller for it. The dial has butterfly knob in the center which must be rotated before and after each combination. That job is handled by a hobby servo. The torque required to open the safe is higher than the stepper motor, so when the optical encoder detects that the motor has stalled you know you’ve found the combination.

Related: Automated Master Lock crackers

51 thoughts on “Safe autodialer

  1. well i think its quite smart realy but there is a easy way to open asafe of this kind a portapack oxy/acceteline much quicker burn baby burn

  2. Attempting to “open” a safe by using an oxy acetylene cutter would be a very poor plan. Say it were a safe full of monies. Once you were done hacking away for ages with the cutter and finaly open it, ohnoes! you cremated the money/any other contents.

  3. @steve (and everyone else)

    The 20 Hr rating includes the time it would take to get into the safe using an oxy/acetylene torch. To rate a safe, they take the quickest time out of using a torch, picking it, using a boroscope, etc…

    So no, an oxy/acetylene torch would not be faster. (Even if you didn’t worry about the documents inside)

  4. a oxy/acet torch works great until you hit an air pocket or a concrete pocket. i’ve taken many vehicles appart with a torch and even things like mud on frame rails really affect your cutting. a little bit of concrete between a few layers of steel would really really slow you down.

  5. darkaxi0m: Yeah, that’s exactly what I thought.. I was kind of wondering, ‘how can an autodialer be safe?’ Darn synonyms and English language!

  6. so the article doesn’t list the average number of combinations that are tried, nor does it list the amount of time combination that the machine requires. Is there any way to get these two figures to determine how much longer than the 20 hour minimum this technique requries? (I assume it doesn’t beat the safe’s minimum time rating)

  7. If ya’ll go and read the link…

    “The Autodailer successfully detected the correct combination after running for about 21,000 cycles.”

    and

    “…that opened a “manipulation proof”, high security safe in just a few hours.”

  8. matt it didntsay it was a document safe did it i only thought of the fastest way to open it dumb arss right back at you ok relax guys go get a doule cheese burger and fries or even a hot dog PMSL

  9. Steve you retard it clearly says on the second line it is a document safe…

    As for your refrences to the rest of us being overweight, I for one, am not overweight, the fact that you associate overweightness with this website means one of four things
    1) You are extremely judgemental
    2) You are probbably overweight and feel you need something to blame it on
    3) You see yourself as above the rest of us, for whatever reason, this site was made for the adverage joe blow hacker, not some fat complaining whining prick like you
    or
    4) All of the above (Most likely)

    Serious, your wife must be proud (she was overwhelmed by how much bigger my cock was than yours ;))

  10. The problems is, I think, Ben, that steve is one of these people that has no shame and has his knuckles too close to the ground to know when he’s beat.

  11. “I’m still a full time student at MIT,”… but next week, you’ll be a pimp on the beaches of Tahiti, sipping a fancy umbrella-drink for the next sixty years!

  12. for ur imformation i am only 12 stone and ur wife never complained aboute my cock infact she seaid that it is the first time she has ever had a orgasm u lardy arss basterd and iam above all of u simply because i am BRITISH that is reason enough so go back and tell ur wife she is a crap fuck ok guys next

  13. steve, what country are you from?

    I can’t think of any many languages where punctuation is not used in writing.

    Fragged: a wife? you really think that he has a wife? the guy is probably 15!

  14. kik azz take on the “unbreakable”, steve…your posts here are rather interesting, but merely thinking superiority due to nationality is the sole reason this world is in such a shitty state. For the record go take a look in a history book, the US 1st whipped ur azz, 2nd saved urs an europe’s ass, and 3rd currently has ur country in check like a cheap hooker…hrrrm…cant rly have a flame war if the flame stops due to coherancy…krip out…

  15. “by Mike
    @steve (and everyone else)

    The 20 Hr rating includes the time it would take to get into the safe using an oxy/acetylene torch.

    The 20 Hr rating does not include using an oxy/acetylene torch or other tools.
    The longest time rating for burglary protection on safes is 60 minutes.

    Manipulation proof locks are more to keep spies out than a burglar.
    The government stoped useing these type of locks 15 years ago.

  16. america the only nation to joine a war three years after it started 1942 and claime that they won it they couldnt even beat a load of rice pickers IE VIETNAM PISS POOR AMERICA coudnt punch its way out of a paper bag if it wasnt for us british u would have NOTHING .america colt pistols .and winchesters versus bow and arrow.red skins win

  17. Reducing the keyspace is one of the worst things you can do as a secur-er and one of the best things to do as an attacker.

    Another example is the default password my university uses after a reset. its first inital/last initial/birthday(mmddyyy)/last4 of social or student id.

    The first initial and last initial are part of the email/userid. The birthday can be found in the student directory (myspace and facebook werent popular when I did this test). That leaves a mere 1000 combonations and no retry limit. A simple java app popped it in about 3 minutes (with a delay to make it not look like a DoS).

    For some more fun, dont look at locks. Look at hinges. If the hinge is on the outside of what you’re locking only a proper safe bolt will keep the door on.

  18. The article links to some really useful sites. I guess the 20hr rating assumes that the safe is in a secure enough location that someone carrying a torch would be noticed :P Brick of thermite maybe? Considering attacks like this, wouldn’t it be safer to make your combination one of the “forbidden” ones as they outnumber the secure ones?

  19. packetmonkee:

    I did read the article, there is no indication as to if the number of attempted combinations on the one safe they opened is indicative of the average number of combinations that are required.

    additionally, citing “a few” hours is pretty vague.

  20. now hey………..the wife here……….dont get me involved in your childish fights……. as for cocks………….i only feed them seed……u saddos

  21. lol the sad thing is steve has to pretend he has a wife…perhaps this has degraded into childishness….yippie! i love it, a bit of mudslangin nvr hurt ne one, althou it mite hurt steve’s ego a bit…

  22. even steves wife admits she dont get cock

    FYI steve i dont have a wife, i’m 16… I do have a girlfriend, everyone tells me they’ll have her once i’m done, as for your nationality it explains about half the reason you are like you are, the other half probbably comes from being a waste of space that used to get pissed on during high school, who now spends his time looking for mail order brides that’d take him as an alternative to girlfriends (Because all you can get is a mammoth, and even she’s hotter than you)

    Why dont you upload a picture of you and your wife so we can all see how hot she is

    Reply to my own last post: Shit, i would never fuck a british woman +o(

  23. hey, this looks like a cool hack; shame dont have a safe to try on :-(

    to all the people offended by “Steve” – Dont take his actions as an exaple of a british person; take him as an example of a knob head.

  24. im only 10 and i’m read hack a day everyday and even have as a rss fead and then i this crap you guys are sissys my 8 year old brother could say better insults.

  25. ok i hate the stupid “im younger that makes me smart cuz i read this site!!!” this is turning into. it doesn’t make you seem smart. stop it.

    and

    @Freiheit,
    about what you were saying with the hinges, that is so true. it’s all about the weakest link (not the show with the brit lady) in the system. I’ve seen doors that have these metal fixtures on the door and on the frame, with a lock attatched through both of them. the metal fixtures were screwed on.
    but for this “document safe” in question, i would hope there is not such a glaring hole.

    finally

    as for the hack itself: i love stuff like this because its simplistic elegance. brute force is amazingly elegant in my opinion. it’s failproof and simple.
    simply amazing.

  26. FYI, the S&G 8400 is obsolete for high level gov. security. All of the new locks are self powering electric locks. If you misdial the safe it automatically locks you out for an increasing number of minutes.

    Ohh yah, and the 20 man hr rating is for manually getting the combo to the safe. Usually physically busting the safe open is no more than 20 minutes. But heck isn’t it faster and quieter to break into a building with a jack and a pallete and steal the entire safe rather than sit there with a firey (alarmy) torch or a noisey cut off wheel?

  27. off topic – Someone should make a poll and hackaday readers should submit their age (annonymously obviously). Would make for interesting stats.
    I’m 14 and read it every day/night (pretty much)

  28. fraggd i know u could never have a british woman they prefer men not mice and are probably to slim for americans as they dont sitt around all day eating jumbo hotdogs and cheese burgers LOVE STEVE

  29. ok rob thought my spelling was bad till i saw ur post exaple EXAMPLE I THINK UR THE KNOB HEAD GO BACK TO SCHOOL U IDIOT

  30. steve – I know quite well how to spell “example”. That is what we refer to as a ‘typo’. This is when a key is accidentally pressed when typing or when is accidentally missed when typing. Stop nitpicking. Move on! Get over yourself; you’re a human being and therefore are equally as low as everybody else on the planet.

  31. Steve you are what we real British call a Tw*t. You have probably not got a single bit of engineering skill in your body, or even in your family, so do every body a favour and show us what you are made of and hack something, maybe with LEDs. And as for the rest of you taking the p*ss out of Briton be it England, Ireland, Scotland or Wales we can not help it if we have some idiots in our country and dick for a leader, but just remember that dicks f*ck Busses.

  32. “did any one else get the idea from the title that this was a [Safe] Wardialer?”

    thank god! i thought i was the only one.

  33. Where are the plans? Where can I get the directions, code and list of materials? Or is this just smoke and mirrors? I see alot of talk but no actual machine. Just a comment, or observation.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s