

Combo Breaker – 3D printed, battery powered lock cracking device - iamthepieman
http://samy.pl/combobreaker////

======
aidenn0
See [http://stantonconcepts.us/rks.html](http://stantonconcepts.us/rks.html)
for the reverse of this; a combination lock designed to only be opened by a
machine (you can do it by hand, but with 5 discs it takes a _long_ time)

~~~
e12e
Facinating concept. I suppose it should be pretty safe to build the machine
into the lock too (have the controller be a pretty straightforward
pin/pw->dial combo). Would still be vulnerable to keylogging -- but the
general principle of "just a decent/high-precision combination lock", paired
with "too many combination for brute force to be feasible" is interesting.

------
WaxProlix
Incredibly cool, is the algo for this available? It seems like a handy thing
to have in a mobile app...

Edit: It's not laid out as an algorithm proper, but the process is detailed on
a page[1] linked from his site. And, surprise surprise, the algo itself is
implemented in JS on the same page, so you can just view source to snag it ;)

1 [http://null-byte.wonderhowto.com/how-to/behind-hack-
discover...](http://null-byte.wonderhowto.com/how-to/behind-hack-
discovered-8-try-master-combo-lock-exploit-0161877/)

~~~
Intermernet
Also a video of Samy demonstrating why the attack works here:
[https://youtu.be/qkolWO6pAL8](https://youtu.be/qkolWO6pAL8)

It's interesting that the first digit of the combination can be found due to a
design shortcut taken by Master. The inner and outer discs are manufactured
identically which means that there is a redundant protrusion on the outer disc
which causes detectable friction when it hits the shackle collar. If Master
manufactured the out disc separately, without that protrusion, the first digit
would be much harder to discover.

------
eyeareque
Samy is the man. Such a cool, low cost technique that can be used and built on
for cracking many other combo locks as well. Nice work.

~~~
sitkack
Samy is a model for us all.

~~~
xyzzy123
but most of all, samy is my hero

------
creeble
So when will someone print a key-lock picker? More useful, methinks.

~~~
8ig8
You could also shim the lock open pretty quickly with a scrap of aluminum from
a beverage can. Examples...

[https://www.youtube.com/watch?v=GBOvt2VH5B0](https://www.youtube.com/watch?v=GBOvt2VH5B0)

[https://www.youtube.com/watch?v=jY_Q7nK6550](https://www.youtube.com/watch?v=jY_Q7nK6550)

~~~
sokoloff
The thinner pieces of metal from inside the anti-theft white plastic things on
DVDs, expensive tools, etc work way better (and less likely to cut you) than
aluminum can bits.

------
Shivetya
while cool those types of locks are more quickly solved with a hammer and
large screwdriver, well the screwdriver just makes it easier

~~~
e12e
Not if you want to leave no trace. Say you want to break in, install a
keylogger, and then leave.

------
Derpdiherp
While impressive, after watching his videos it becomes apparent it's a
vulnerability in that one particular model of lock. Not quite as impressive.

~~~
iamthepieman
I thought it was most interesting because it shows an automated mechanical
sensing device that exploits a common lock. Many other types of locks can be
picked by a human using sensory feedback and some basic techniques. It seems
like not too big a jump to see this kind of device being built for other locks
and even a more general purpose device being built for a wide range of locks.

~~~
sitkack
Metasploit for devices. With drones, ascenders and brute force, physical
security is dead. Anything too tedious for a human will be done by a robot.
Witness the touch screen robots that can unlock numeric passwords on smart
phones.

