A moment’s inattention is all it takes to gather the information needed to make a physical copy of a key. It’s not necessarily an easy process, though, so if pen testing is your game, something like this Flipper Zero key copying toolchain can make the process quicker and easier when the opportunity presents itself.
Of course, we’re not advocating for any illegal here; this is just another tool for your lock-sports bag of tricks. And yes, there are plenty of other ways to accomplish this, but using a Flipper Zero to attack a strictly mechanical lock is kind of neat. The toolchain posted by [No-Lock216] starts with an app called KeyCopier, which draws a virtual key blank on the Flipper Zero screen.
The app allows you to move the baseline for each pin to the proper depth, quickly recording the bitting for the key. Later, the bitting can be entered into an online app called keygen which, along with information on the brand of lock and its warding, can produce an STL file suitable for downloading and printing.
Again, there are a ton of ways to make a copy of a key if you have physical access to it, and the comments of the original Reddit post were filled with suggestions amusingly missing the entire point of this. Yes, you can get a key cut at any hardware store for a buck or two that will obviously last a lot longer than a 3D printed copy. But if you only have a few seconds to gather the data from the key, an app like KeyCopier could be really convenient. Personally, we’d find a smartphone app handier, but if you’ve got a Flipper, why not leverage it?
Thanks to [JohnU] for the tip.
You don’t even need the flipper zero or 3d printer for this. All you need is a picture of the key, a blank, and a file. There is only about half a dozen or so bitting depths for a key. You can decode them and make a copy with a blank key, a file and a bitting chart. You only need to keep a couple different types of key blanks on hand for most door locks in the US.
The default method to do it quickly has for a long time been to push the key into a piece of putty. This way you can also push the end into the putty to get the profile. But indeed, if you want to go “electronic” (convenient), making a photograph is also an option. It helps if there is some size reference (ruler, or any object of known size) in the picture too. I have reverse engineered a few objects with the picture workbench in FreeCAD.
Yes, the putty method works well if you have physical access to the key. You can use a low melting point metal alloy to quickly cast a duplicate too.
I believe a bar of soap can also be used in a pinch. Or maybe that’s just in the movies.
I’m starting to think a sheet of rigid foam material that crushes. Might be even better since it would have dimensional stability without needing a protective casing.
I’d guess that the green foam used to hold dried flower arrangements would work well. Crushes super easy, holds its shape.
Which reminds me of when the TSA locks became compulsory for luggage flying into the US, one TSA agent posted a photo of himself proudly holding his new set of secret keys. It was less than a day later that people started posting 3D printed copies of these keys.
š¤£š¤£š¤£
No-one’s saying you need a flipper for this, or that it’s the only or best way – it’s just another way that’s kinda interesting.
A long time ago I was a pizza delivery guy.
I walk back to my car after delivering a pizza and… No key. It’s in the car :(
I walk back to the house and ask to use the phone so I can call a locksmith (this is pre-cellphones everywhere…)
Locksmith rolls up and asks “Can you see the key in the car?”
“Yep it’s right there on the seat”
He pulls out a blank and a file. Eyeballs the key… file, file file, looks at the key again, file, file file…
In a couple of min he tries the key… Door opens.
I was slack jaw amazed.
I think it cost me $25
That’s a good show for $25
You just know he was cutting to match the exact pin settings he’d eyeballed off the key, too. “Ok, 5…3…2…”
That’s an example of a legitimate, old school “locksmith” – creating a functional key with nothing but the most basic of hand tools.
Nowadays the person that comes out would most likely pry the door open with a wedge and retrieve the keys with a long-reach tool – basically the exact same thing the guy in the apartment below you would do with a bent coat hanger while drinking a beer…. only not charge you $125 for it.
There’s an android app for this as well:
https://github.com/MaximeBeasse/KeyDecoder
It’s a neat party trick to copy these lower security keys. It’s not a new process, it just becomes easier to accomplish. The key in the video is for a Schlage lock. These keys are rather flat, and the tolerances aren’t too impressive. The same process works for many locks, though. It just gets more difficult the more complex a system gets and the smaller the tolerances become.
The current state of the art is printing high security keys, many of which are still protected under patents. I’ve made about a dozen OpenSCAD designs of high security keys, where each design takes anywhere from a couple of hours to several days to perfect. I’ve made successful copies from the Bowley Rotasera (FFF) and Abloy Protec 2 (Resin). Others in the lockpicking community have copied EVVA 3KS, and ASSA Twin, and Fichet F3D, just to name a few.
I don’t believe making duplicates is as big of a deal as it used to be. However, many systems still rely on the difficulty to duplicate the key for their security. Losing sight of a key for a couple of minutes, or losing a single lock in the master keyed system, can compromise your whole system. I’ve simulated this attack with a set of nine beefy Abloy padlocks. I’ve disassembled one, printed all possible keys for this padlock, of which some were master keys for the whole set.
https://blackbag.toool.nl/?p=4202
‘flipper can do smartphone tasks somewhat less conveniently’ isn’t the ad for flipper that i was looking for
Can it really? All flipper devices are the same. How do I make sure the key guide is the same physical size across all phones? How do I stop the metal key from messing with a phone’s touchscreen?
What do you do with a broken Flipper? If only there were a way to calibrate a phone display. Maybe in the distant future this miracle will be possible.
The physical dimensions of your phone’s screen (in mm) are part of its display metadata, along with the resolution. It’s actually quite trivial to display graphics scaled to accurate real-world dimensions.
For example: The free “Device Info HW” app’s SCREEN page tells me that my own phone’s screen is 1080×2400@60 Hz, rendered on a physical display that measures 67×150 mm, for an X DPI of 409 and a Y DPI of 406.
all well and good, the next part of the skill set, is rekeying a lock, which no camera, or 3d printer can help with
it can be done with a tiny vice, and some small tools
but as they say…..it’s all spring loaded ;)
compared to buying new locks,@ 100 x 25 it is a skill that rapidly
pays off the frustrating learning curve
oh sweet fancy moses that would take 15 minutes clicking around and squinting at a Flipper lol. Better off to use any of the thousands of other methods of cloning. I would really rate it as yet another thing the flipper does not do very well lol. Overrated chunk of animations and illegible text.
This is a interesting article. There are other digital key copy options available on github. More convenient to me is using nfc to copy digital keycards, buspasses, cc, ect..
Playing with the STL generator, I eyeballed my house key. Had to adjust once. Took me all of 20 seconds. Interesting article, I would have never known about the keygen before. I’m just not seeing Key Copier as all that useful. Certainly qualifies as clever, tho.
Their’s a purple machine called an Easy Entrie that’s been out for two+ decades which essentially does this. It uses flat brass universal blanks with smiley faces on the heads and even cuts the proper side milling to replicate the keyway. Software was also available to certain customers allowing duplication from just a picture of the target key.
Lol noobs š there’s an app called snap decoder downloadable from the Google play store been there for maybe 10 years.
https://play.google.com/store/apps/details?id=com.whsoftware.snapdecoder