Archive for the ‘Lockpicking’ Category

« Older Entries
Newer Entries »

Czech Lockpicking Championships

Monday, October 31st, 2022

The Association of Czech Lockpickers held their yearly competition last weekend. Starting up after COVID, they offered a limited program without impressioning championships, but still included a padlock competition, blitz, cylinders and freestyle.

I (Walter) went over to participate. There were competitors from Czechia, Germany, Austria, Hungary and I was the representative for the Netherlands. The championships were held at a nice and cosy facility, giving ample room for socialising and catching up with old friends.

Some of the ‘usual suspects’ were absent due to work or for other reasons, but still there were plenty of people participating

Padlocks

First up was the padlock competition. The padlocks were provided and differed quite a lot in difficulty. You are allowed to test your tension wrench before the clock starts. For one particular lock, it was hard to test the tension wrench without accidentially already opening the lock.. on the other side of the spectrum, some of the Tokoz padlocks proven impossible to open in the allotted time.

I had a tool stuck in a lock which I why I didn’t make the A-finals. But all for the best, because in the B-final I then became second. There were 7 people in the A-final, 9 in the B-final.

Blitz

The blitz competition requires opening locks within a minute. Each participant brings their own lock. I was a bit confused here.. I’ve done such competitions before. I fondly remember the one held by SSDeV in 2003. People would give me the lock and tell me exactly how to open, because the goal here is not to bring a difficult lock, but to encourage beginning lockpickers to have success. It is a competition that should also show the audience that lockpicking is a sport that can be done by anyone. However, at this competition, there were very difficult locks, I even saw a Mul-T-Lock with the pin-in-pin system. It was no surprise that it take not long for most of the people to be out of the game, me included.

Cylinders

For me, the cylinder opening is the most interesting competition and I was looking forward to it, after the Blitz. For this competition, people take their own locks that they need to open within 5 minutes or they cannot participate. I took an Ivana Necoloc (rebranded Anker Infinity) that was used in the Toool championship finals (nobody opened it there in 15 minutes). For the first time, I prepared for a competition, because I practiced opening this lock within 5 minutes. I managed to do so here under stress as well (about 1’20) and could participate. The competition saw some very difficult locks, such as the EVVA ICS.

I made it to the A finals, even though I did not open the FAB lock. Later, I learned it has a very deep pin because of bump protection, which I somehow missed in the stress.

In the final, I openend a cheap lock (Legallais) and a Winkhaus, but left the EVVA ICS and Cisa SB (similar to Abus XP1) closed. The Cisa was almost completely picked until I made a mistake and had to start over. Jascha had the same happening to him. The last round I got Jascha’s Yale dimple lock which had dimples and sliders. I destroyed my lockpick on it, but opened it in 14’58! That, in the end, was enough for fourth place overall. I though my Ivana lock would be difficult enough to give me an advantage, but it turned out everybody in the A-finals opened it within the 15 minutes.

Freestyle

For the freestyle competition, the locks were once more provided. They needed to be opened within 5 minutes. I did not bring any electropicks or other ‘freestyle’ tools, so reverted to normal picking. I again made it to the A-finals. There, I opened 3 EVVA locks and 2 Euro Plus locks. Once I figured using the Bogoto was the way to go, I opened these in seconds, but unfortunately the first EVVA and Euro Plus took me 1’49 and 2’14. THere were 2 Mul-T-Lock interactive cylinders that “talked” to me but wouldn’ open in the end, a FAB 400 I had opened in the first round but wouldn’t open in the final and a Kaba Gemini that was only opened by the winner using an electropick (and a bit of luck). I think it was due to my time that I only became 7th here.

Overall it was a very nice competition with a good atmosphere. Thanks to the organisers!

Photos CCBY4.0 Walter @ Toool Blackbag

Posted in Lockpicking, Locks, Conference | Comments Off on Czech Lockpicking Championships

LockCon 2022 – Car Lockpicking Competition

Saturday, September 3rd, 2022

Our friends from Italy organized the Car lockpicking competition this year. Many car door locks, provided by ParmaKey, were picked during the competition.

First place in the competition won a Multipick ELITE pickset, an Italian bag, and a bottle of wine. Second and third place won a Multipick ELITE pickset. All winners got a trophy, and a custom engraved PACLOCK, a book on lock history, and a lock comic book.

Congrats to the winners!

Lasse got 1st place
Tom C got 2nd place
Nitiflor got 3rd place

Posted in Lockpicking, Uncategorized, LockCon, Conference | Comments Off on LockCon 2022 – Car Lockpicking Competition

LockCon 2022 – Lockpicking Competition

Saturday, September 3rd, 2022

During the Saturday, we ran the Lockpicking competition. For the first round, we had eight tables with eight participants each. Which all attempt to pick locks in 5 minute rounds, where everyone at the table gets to try all locks. The first and second best of the table get to the next round, which was four tables of four. The best of each table got to compete in the finals.

This year the competition had a wide selection of locks, from Abus, Corbin, Kibb, Iseo, Kale, Nemef, DMS, Winkhaus, DOM, S2, ERA, and Zeiss-Ikon, just to name a few.

First place in the competition won a custom engraved Abloy Classic lockpick by Jaakko and a Sparrows voucher of €100. Second place won a mh electronic lock bumping kit and a Sparrows voucher of €200. The third place won a set of Multipick LockNoob essentials lockpick kit. All winners got a trophy, and a custom engraved PACLOCK.

Congrats to the winners!

Oli got 1st place
Torsten got 2nd place
ImSchatten360 got 3rd place


Posted in Lockpicking, Uncategorized, LockCon, Conference | Comments Off on LockCon 2022 – Lockpicking Competition

LockCon 2022 – Toool Competition

Saturday, September 3rd, 2022

Toool NL has a competition with ~25 locks, which can be picked during Toool meetings. Each member times his opening attempts and points are awarded according to opening times. The competition ran from LockCon to LockCon, which was a bit longer than a year, this time.

Competition archive from 2004: https://toool.nl/competitie/

Competition from 2020: https://toool.nl/competitie2020/

First place in the competition won a custom engraved Abloy Classic lockpick by Jaakko. Second place won a Multipick Kronos electropick. The third place won a set of Multipick dimple lockpicks. All winners got a trophy, and a custom engraved PACLOCK.

Congrats to the winners!

Walter got 1st place with 250 points
Tom got 2nd place with 176 points
Jos got 3rd price with 160 points

Posted in Lockpicking, Uncategorized, LockCon, Conference | Comments Off on LockCon 2022 – Toool Competition

Castle De Berckt

Saturday, August 20th, 2022

This blog is a short photo tour of the venue for LockCon 2022.

Map of the Berckt estate. Please park at P2 and walk back around the Manor house to the Legion Hall.

Click the map to enlarge, or follow the link: https://blackbag.toool.nl/wp-content/uploads/2022/08/The-Berckt-estate.png

Image
The first sign you will see from the road.
Image
Image
Enter through the side guard gate. If you are by foot and the gate is closed, enter through the main entrance.
Image
Drive straight through to the end, then right turn into the parking area two (P2).

After parking, walk back the way you came and head over to the conference hall (Legion Hall).

Please, do not walk through the Manor House from the parking area, as another group has rented that hall and terrace, and we don’t want to disturb them.

Image
This is the Legion Hall and The Tower. We have this whole building!
Image
Alternative view from behind the main castle buildings, on the other side of the moat.
https://cdn.discordapp.com/attachments/1006820270847295578/1009751998494670848/castle_stage-Holly.png
Here’s a photo of our presentation hall. We will also run our competitions here.
https://cdn.discordapp.com/attachments/1006820270847295578/1010160714784190504/castle_dine_hall_01-Holly.png
Here’s the dining hall.

In case of doubt, please call the organisation or use street view.

Posted in Lockpicking, Uncategorized, LockCon, Gatherings | Comments Off on Castle De Berckt

LockCon 2022 registration is OPEN!

Saturday, May 21st, 2022

Is normality actually restoring in the world? To be honest, I have no idea…. But it IS restoring in the lockpick world as LockCon looks to happening this year!! \o/ 

After a mandatory pause, we are looking forward to again discuss all the things locks in a castle in the city of Baarlo. LockCon will be held from Thursday 25th of August to Sunday 28th of August.

Want to join? Maybe want to give a talk? Workshop? Host a competition? Sponsor us? Fill in your details here (link no longer active 20-08-2022) and we will get back to you. (Regular attendees, please check your email.)

More information on LockCon: https://toool.nl/LockCon and all Blagbag posts on LockCon: https://blackbag.toool.nl/?cat=3

We are looking forward to meeting all of you again!

Posted in Lockpicking, LockCon, Conference, Gatherings | 3 Comments »

Italian lockpicking contest

Thursday, May 19th, 2022

Last week, the ELF (European Locksmith Federation) convention that was to happen in 2020, finally took place. It was organised by ERSI (Esperti Riferme e Serrature Italia) in Bologna, Italy.

The lockpicking competitions were set up by the folks from ParmaKey, such as Ivo, and they had help from Federico, now secretary of ERSI. Ivo and his team led the lever lockpicking contest at LockCon in 2019 as well and they used the same setup in Bologna.

There were three (small) competitions, in lockpicking, lever lockpicking and car opening.

In the lockpicking competition, there were cylinders and padlocks, both pin tumbler and dimple. In the final round, Torsten was the only one to open all 6 locks for the win. Both Béla and Harry opened 4, and with just a 4 second difference in total times, Béla took second place.

Competition in full swing
Torsten won the picking competition
Top-3 in lockpicking from Germany (Torsten, left), Hungary (Béla, right) and Greece (Harry, in white shirt), also showing Ivo (and Federico on the far left)

Then there was the lever lockpicking. Nice wooden stands were used with LEDs to show the lock being opened up to four times. These were 4 throw Italian locks, the same as those used at the previous LockCon. Both Morris and Mirko had 13 throws in total, but Morris did it a minute faster, earning him first place, with Mirko second. Federico Z. became third with 10 throws in total.

Morris won the level lockpicking competition

The third competition used similar wooden blocks as those used for lever lockpicking, but these held car locks (including the door handles). The corresponding lishi tool was supplied with each lock. Gianluigi won the final, opening 6 locks. Giovanni became second, opening 6 locks as well but slower, and Béla became third with 5 locks opened.

Gianluigi received his first prize in car opening

– Walter

Posted in Lockpicking, Conference | Comments Off on Italian lockpicking contest

2-in-1 for Abus, that barely works.

Saturday, January 8th, 2022

Lishi 2-in-1 have been around for a long time, both for automotive and more recently for pin tumbler locks. Sadly, these tools are quite costly as they are keyway specific. Furthermore, this type of tool can’t be made for some locks as the keyways are too tight. Or so I thought, as of writing there are several 2-in-1 for sale for the paracentric Yale keyway. As I was intrigued, I’ve bought an off brand 2-in1 for CISA. In testing the tool, I’ve found various limitations that might impact the usefulness of this tool.

Let’s start from the beginning, Lishi is the brand name of a series of lockpicking tools designed and made by Zhi Qin Li. The Lishi company split up and Zhi Qin Li still sells his 2-in-1 under the brand Original Lishi, while another company sells them under the brand Genuine Lishi.

Original Lishi sells a variety of tools, the one generally referred to as a Lishi is a 2-in-1 lockpick that both applies a turning force and a tool for picking individual elements. The tool can also be used to decode the lock once the lock is open, and a key can be cut in the field with another of Li’s tools.

Lishi for the Schlage SC4 keyway.

So, what does a Lishi 2-in-1 lockpick do? The tool consists of two parts; the body that is used as a turning tool and the thin feeler that’s used as a lockpick. This in itself would not be too useful, however, the body has a chart of where the lockpick is in the lock. You move the pointer to the desired element, indicated by the vertical lines, and push down lightly on the pointer. This in turn moves the lockpick, pushing down on the element in the lock. You can feel if the element is binding or not. And just as lockpicking, you go through the lock, pin by pin, and feel for the binders. Then you set each binder and search for the next one, until all elements are set. Click on one, click on three… Open!

From y2k these tools have been available for automotive locks as the combination of open keyways, many wafers, and typically low tolerances work very well for this tool. 2015 was the year 2-in-1 picks became available for pin tumbler lock for the USA market. (Schlage, Kwikset, and Master). Most of these locks have wide keyways, low tolerance, and very few security pins.

I’ve played with a few of these tools, but didn’t find them too useful. I’m not a locksmith, not in the USA. For me, they would be mostly a novelty. But the pick I’m about to show can be a game changer as it targets European locks I’m familiar with.

In December, I was notified a seller on AliExpress sells 2-in-1 (not a Lishi!) for the paracentric Yale keyway. The consensus under lockpickers is that this tool could not exist, because the keyway is too tight and has no straight access to the pins. I was curious enough to fork over €50, and bought one for CISA as it’s very close if not identical to the Abus C83, the lock we use for impressioning championships.

The seller is quite open about the tool’s limitations and wrote on the lever “80% coverage. Without pin 8 or 9”. While this sounds like it’ll open 80% of locks, but it doesn’t seem to be the whole story, as we will find out. The biggest concern with a tool that works on a subsection of locks is if the user can detect the tool does not work, instead of user error or lack of skill. I suspect so, but it will be far from easy. In short, a lock will not work with one or more cuts deeper than a 7 and therefore this pin will always be overset and this you can detect.

Small sub section of factory cut Abus C83 keys, I’ve a modest collection of them.

As I was curious about the 80% claim, I’ve spent an evening measuring my Abus C83 keys. While these are not CISA, they are close, and I happen to have a modest collection of these keys. 92 out of 283 of the measured keys have no cuts deeper than 5.5mm, the size of the tool. This means the tool will only work on 30% of my Abus C83. This is consistent with a statistics sanity check. For this, we assume every lock has a uniform distribution of cuts, ignoring MACS. This came to be (7/9)^5 = 28.4%.

I’m considering this 30% an upper bound, as Abus C83 and CISA aren’t shipped with standard pins. The old locks are shipped with mostly spool pins, and the new ones have serrated, spool, and T-pin key pins and the same for the drivers.

Abus C83 old style vs new style pins.

Besides the theoretical usability and security pins, what other flaws would make this tool suboptimal? The picking tip snags while moving from pin to pin. Furthermore, picking in the counterclockwise direction binds the picking tip, and it makes it difficult to differentiate between a binding pin and a binding picking tip.

Randomly pinned lock with standard pins, decoded to 52452.

Let’s wrap it up, this tool is sold at €50 and promises quite a lot. However, theoretical, it will only open 30% of all the locks it was designed for. Furthermore, the limitations of security pins and rotation direction will limit the functionality even more. A practiced lockpicker might be-able to overcome some limitations, or detect the tool will not work. A tool that only opens a very small subset of locks is not a very useful tool, and I can’t recommend it to pick these locks. However, as new pickers always struggle to find the binders, and this tool enables them to actually ‘see’ what they are doing, it could be a game changer for teaching.

Pictures CCBY4.0 Jan-Willem Toool Blackbag

Posted in Lockpicking, Impressioning, Uncategorized, Decoding | 4 Comments »

Lock Picking Forensics

Wednesday, October 6th, 2021

I (Walter) have created a geocache that requires some RSA hacking and subsequently lockpicking. I bought an Abus Titalium 64TI/40 padlock to be picked. Several people were able to find it by teaming up together. The feedback I got was that people spent considerable time on the lock, sometimes several hours (in separate sessions).

Geocacher #15 was unable to lockpick the lock, even though he had practiced on an identical lock at home. I offered to go with him to give advice. He couldn’t open it. Also I couldn’t (quickly) open it. I took the original key and that would not open it. By not fully inserting the key and wiggling, I succeeded in opening. (I let the geocacher pick his own lock and allowed him to log the cache.)

Once home, I decided to take a look at the lock. Although only a very limited number of people had worked on it, it was completely shot. I took a video comparing showing a new padlock and then the one from the cache:

I’ve taken apart the lock to have a look at the pins. We always say that picking a lock will leave tiny traces on the pins (and other parts of the lock) that can be found during a forensic investigation. Well, in this case, the naked eye was enough to see the abuse.

Here’s the plug with the key inserted. Note how the pins have shortened. This causes the key to no longer work.

This also explains why taking out the key a bit and wiggling opened it.

Here’s a view of the pins:

There’s now a new padlock in place. You can’t really tell from the picture here, but the pins are made out of aluminium, which kind of explains the wear on them. I bought the lock as it is marketed as being weather proof. But resisting weather is different from resisting lockpicks.

Photos/video CCBY4.0 Walter Belgers

Posted in Lockpicking, Keys, Locks | 1 Comment »

Book review: Little Black Book of Lockpicking

Thursday, September 30th, 2021

Two weeks ago Alexandre “FrenchKey” Triffault published the book Little Black Book of Lockpicking on NDE techniques for Red teams and security professionals. The book has 171 pages with a broad variety of lock types and opening methods, from lockpicking to impressioning, and from making cutaways to decoding combination padlocks.

Whenever there is a new book about lockpicking I pick up a copy especially when it’s written by a friend. It sold for €35 Amazon that does the printing and distribution of this book. The book is a good read and is a continuation of the OFC guide to lockpicking (free pdf) that’s also written by Alex and translated by MrAnybody. The OFC guide is all about lockpicking while this book includes many more topics including bumping and impressioning, both topics I’ve paid extra attention to.

The first thing I noticed was the many high detailed graphics used. Alex modeled the locks, lockpicks and other tools and included 3D renderings in the book as virtual cutaways. The style works very well for this book. It does not just write about a concept but also shows how it is done.

The book is 27 chapters and on average six pages for each subject, this inevitably means there is not too much room for details or nuances. This is a pity as Alex has the ability to give insights I would never think of.

I want to mention that the advanced topics in the book like (self) impressioning will take a long time to get good at. For me, I’ve experienced it takes many failed attempts to do these attacks, even in a controlled environment. Attacks like self-impressioning took me a very long time to make work. I can only imagine how it would be to attack doors on an assignment.

This is one of the better books on the basics of NDE and I recommend getting a copy for yourself or to to share. When you share the book, do keep in mind the book is written for red teams on an assignment and not for hobbyists. It is never a bad thing to give a small lecture on the locksport ethics and our view on locks as a puzzle with the book.

Posted in Lockpicking, Keys, Impressioning | Comments Off on Book review: Little Black Book of Lockpicking

« Older Entries
Newer Entries »