Safe Cracking With Signal Analysis

[Dave Jones] over at EEVblog got his hands on a small safe with an electronic lock and decided to try his hand at safe cracking. But rather than breaking out the thermal drill or shaped charge, he hooked up his Rigol scope and attempted a safe cracking via signal analysis (YouTube link).

We have to say that safes Down Under seem much stouter than most of the inexpensive lock boxes we’ve seen in the US, at least in terms of the quality (and quantity) of the steel in the body of the safe. Even though [Dave] was looking for a way in through the electronics, he still needed to deal with all that steel to get himself out of a face-palm moment that resulted in a lockout. Once that was out of the way, he proceeded to capture usable signals from the internal microcontroller using the only two available contacts – the 9 volt battery connections. While he did get signals, he couldn’t find any signatures that would help determine the six digits in the PIN, and as he points out, even if he did, brute-forcing through the one million permutations to find the right code would take too long, given the wrong-code lockout feature of the lock.

Even though he failed to hack into this particular safe, there’s still plenty to be learned from his methods. And who’s to say that other similar locks aren’t a little more chatty about their internals? Maybe you could even manage to EMP your way past the lock.

Pictures That Defeat Key Locks

We’re at LayerOne this weekend and one of the talks we were excited about didn’t disappoint. [Jos Weyers] presented Showing Keys in Public — What Could Possibly Go Wrong? The premise is that pictures of keys, in most cases, are as good as the keys themselves. And that pictures of keys keep getting published.

[Jos] spoke a bit about new services that offer things like 3D scanning and storage of your key for printing when you get locked out, or apps that ask you to take a picture of your key and they’ll mail you a duplicate. Obviously this isn’t the best of ideas; you’re giving away your passwords. And finding a locksmith is easier than finding a 3D printer. But it’s the media gaffes with important keys that intrigue us.

We’ve already seen the proof of concept for taking covert images to perfectly duplicate a key. But these examples are not so covert. One example is a police officer carrying around handcuff keys on a belt clip. Pose for a picture and that key design is now available to all. But news stories about compromised keys are the biggest offenders.

A master key for the NYC Subway was compromised and available for sale. The news coverage not only shows a picture at the top of the story of a man holding up the key straight on, but this image of it on a subway map which can be used to determine scale. This key, which is still published openly on the news story linked above, opens 468 doors to the subway system and these are more than just the ones that get you onto the platform for free. We were unable to determine if these locks have been changed, but the sheer number of them has us thinking that it’s unlikely.

Worse was the availability of fire-department master keys which open lock boxes outside of every building. (Correction: these are fire department keys but not the actual lock-box keys.) A locksmith that used to cut the original keys went out of business and sold off all their stock. These keys were being sold for $150, which is bad enough. But the news coverage showed each key on a white background, straight on, with annotations of where each type of key will work.

Other examples include video news stories about credit card skimmers installed in gas pumps — that coverage showed the key used to open the pump housing. There was also an example of speed camera control cabinet keys being shown by a reporter.

[Jos’] example of doing the right thing is to use a “prop” key for news stories. Here he is posing with a key after the talk. Unfortunately this is my own house key, but I’m the one taking pictures and I have blurred the teeth for my own security. However, I was shocked during image editing at the quality of the outline in the image — taken at 6000×4000 with no intent to make something that would serve as a source for a copy. It still came out remarkably clear.

Some locks are stronger than others, but they’re all meaningless if we’re giving away the keys.

Cracking A Combo Lock In Under 30 Seconds

Forget the combination to your combo lock? Well if you’ve got a 3D printer, an Arduino, a servo and a stepper motor handy — you can build your own Combo Breaker pretty easily. It’s capable of solving any Master combination lock in 8 tries or less.

The creator [Samy Kamkar] is a privacy and security researcher, who absolutely loves finding holes in security. We actually just heard from him at our very own Hack a Day Prize: Los Angeles event, where he talked about his wireless keyboard sniffer he built into a cellphone charger.

He’s previously shown us how to crack a combo lock in 8 tries or less using an online calculator he made. This project is just an extension of that to automate the whole process.

As always he gives an extremely thorough explanation of the project in his build log video — including designing the 3D printed parts! If you wanna build your own it’ll cost just under $100 and you can grab all the necessary info and source files from his GitHub.

[Thanks for the tip Justin!]

Teardown: An Electronic Master Lock

[rohare] has an interesting teardown for us over on the keypicking lock picking forums. It’s a Masterlock combination lock – specifically the Masterlock 1500eXD – and yes, it’s a completely electronic lock with buttons and LEDs. Think that’s the mark of a terrible lock? You might be surprised.

The first impressions of this lock were surprisingly positive. It was heavy, and the shackle doesn’t move at all when you pull on it. Even the buttons and LEDs made sense. Once the back of the lock was drilled open, things got even more impressive. This lock might actually be well-built, with a ‘butterfly’ mechanism resembling a legendary padlock, actuated by a small but sufficient motor. Even the electronics are well-designed, with the programming port blocked by the shackle when it’s closed. [rohare] suspects the electronics aren’t made by Masterlock, but they are installed in a very secure enclosure.

The teardown concludes with a fair assessment that could also be interpreted as a challenge: [rohare] couldn’t find any obvious flaws to be exploited, or a simple way to break the lock. He concludes the most probable way of breaking this lock would be, “knowing some trick of logic that bypasses the codes on the electronics”. That sounds like a good enough challenge for us, and we’re eagerly awaiting the first person to digitally unlock this physical lock.

3D Printing Lock Picks

Over at the 23B hackerspace in Fullerton, CA, [Dano] had an interesting idea. He took a zip tie, and trimmed it to have the same profile as a lock pick. It worked. Not well, mind you, but it worked. After a few uses, the pick disintegrated, but still the concept of picks you can take through a TSA checkpoint was proven.

A few days after this demonstration, [C] realized he had a very fancy Objet 3D printer at work, and thought printing some picks out would be an admirable goal. After taking an image of some picks through the autotracer in Solidworks, [C] had an STL that could be printed on a fancy, high-end 3D printer. The printer ultimately used for these picks was an Objet 30 Pro, with .001″ layer thickness and 600dpi resolution. After receiving the picks, [C] dug out an old lock and went to town. The lock quickly yielded to the pick, and once again the concept of plastic lock picks was proven.

Although the picks worked, there were a few problems: only half the picks were sized appropriately to fit inside a lock. Two picks also broke within 15 minutes, something that won’t happen with traditional metal picks.

Still, once the models are figured out, it’s easy to reproduce them time and time again. A perfect lock pick design is then trivial, and making an injection mold becomes possible. They might still break, but they’ll be far easier to manufacture and simple to replace.

3D Printed Bump Keys

Getting past a locked door is easy if you have the right tools. It’s just a matter of knowing how to adjust the pins inside to an even level while turning the mechanism at the same time when everything is perfectly in place. That’s the beauty of a bump key. You never have to see the actual key or what it looks like. And with a simple hit to the back of the key, and bumping it just enough, the lock can magically be opened.

Lock picking items like this can be ordered online for a couple of dollars, or as [Jos Weyers] and [Christian Holler] showed in a recent Wired article, alternatively you can print your own at home. The video of these 3D printed keys (which can be viewed below) attempts to prove that a person can unlock a door with plastic, which was a little bit surprising to us because it seems like the edges would break off right away. But as it turns out, a thin plastic bump key can be made and does function. Not sure how long these keys can last though, but sometimes all you really need is a one time use when trying to open a specific, tricky lock.

As the article states, “Weyers and Holler aren’t trying to teach thieves and spies a new trick for breaking into high-security facilities; instead, they want to warn lockmakers about the possibility of 3-D printable bump keys so they might defend against it.” Although this information is geared towards lockmakers, we see our Hackaday readers finding this data useful as well. Organizers of hackerspaces who hold regular lock-picking events might want to print their own keys and teach classes centered around security. The uses for this are boundless in regards to educating the public about how locks truly work.

Turning Street Sweeper Bristles Into Lock Picking Tools…For Science!

In between writing for Hackaday, most of us (if not all of us) like to design projects on our own, creating whatever might come to mind. I, for instance, enjoy experimenting with lock picking techniques at industrial, gritty, and real warehouses in Southern California learning how to utilize the resources there, turning spare parts into something completely different.

One such skill I learned is how easy it is to make lock picking sets from discarded scraps of metal. The documentation is found on a personal blog of mine called HackerTrips (we cover our own stuff sometimes). It contains several photos and descriptions of the process involved which I picked up thanks to a hackerspace in Fullerton where local makers dream up all kinds of interesting projects.

The project starts out by walking on the streets, which is a rarity these days. This is because the general modes of transportation now are either a car, a bus, a subway, a train, a bike, or a plane, which puts the attention on the destination at hand rather than peering into the fractures of the road. This means that a lot of the time, people don’t notice the hidden treasures found on the side of the street, including the street sweeper bristles that have been knocked off their edges.
