Archive for the ‘Keys’ Category

Key duplication from a photo CTF

Sunday, September 22nd, 2019

Jos has a talk about key duplication from pictures. If you have not seen it: https://youtu.be/muINcnhj1EQ
For a conference there was the question: What does it take to make it into a workshop? There was little budget so we have turned it into a CTF instead of a training/workshop.
This CTF has no prices and might teach you something new.

If you ever wished you could try it without being sneaky, this is your chance. The CTF is a controlled and safe environment. You are encouraged to copy these keys!

The problem:
Publishing pictures of your keys is not a good security practice. Keys can be duplicated from a photo rather easily. Twitter and other social media are full of threads filled with pictures of keys. I got shared one but they’ve removed it on our advice.
(Note to self: Take more screenshots.)

Example: https://twitter.com/hashtag/zeigteureschluesselanhaenger
The hashtag is about the keychain but there are some perfectly decodable keys in there.

The CTF:
1) Get to the keys
2) Take a photo or make an imprint of it
3) Make a key
4) Test the key

Measuring tools and files will be available at the lockpicking village.
We are going to help as little as possible to not spoil the fun.

There are three keys at the moment:
CTF 1) Key will be published here
CTF 2) Key will be placed on the table at lockpicking villages (do not borrow/steal the key please.)
CTF 3) Key will be on the belt/lanyard of the Orga or instructors at the lockpicking Village

Please don’t publish pictures of the CTF 2 and CTF 3 key. You are allowed to do a writeup about CTF 1.

CTF Key 1:
Key measurements:

As there was still some ambiguity, this picture should prove be useful. Each square is 5mm by 5mm.

All locks are standard unmodified 5pin Abus/Buffo. The blanks that work are Y1, 1A (SKS/JMA), CS206 (Silca) and many others. You’ll get points for sourcing your own keys. Really, give it a try!

This CTF will run for the next months to years. Come see Toool at a conference near you.
Next up: Hardwear.io, HITB, LockCon and Hackerhotel 2020.

If you want to play but can’t make it to a conference. Please send me a digital bird at Jan-Willem at Toool dt nl. You’ll be send three pictures and a post address. You can mail me the physical keys you’ve made.

I’ve tested the CTF myself. It took me about 30 minutes to make three keys from a photo.
Please, don’t publish pictures of your keys, stay safe.

Published by Jan-Willem.

Key duplication revisited

Sunday, August 18th, 2019

A few weeks ago, we tested the Quick Key Easy Pro kit from Multipick, which turned out to work very well for duplicating a BKS Janus key and even a DOM Diamant key.

This time, we wanted to see if you really need such as expensive kit. First, we focus on the metal. Can we use cheap rose metal we obtained from the internet? We use the moulds we created earlier. The answer: yes, this works fine, for both keys. Our first attempt failed as the two halfs of the mould were not properly aligned, but that is “operator error”.

Next, we try to see if there are alternatives to the moulding material. We use cuttlebone, that is also used by silver smiths. We use a standard key to start with. The duplicate looks promising, but does not work. Again, we blame the alignment of the two parts of the mould. Some further testing is necessary. The cuttlebone is too brittle to be used in combination with the holder from the Multipick kit.

Key duplication

Tuesday, July 16th, 2019

Although at Toool, we normally pick locks without having a key, it is also interesting to occasionally look at other ways of opening a lock. I got my hands on a Quick Key Easy Pro kit from Multipick (not affiliated) and decided to test it out. I took it to the Toool meeting with three locks to test it out on.

First up was a BKS Janus lock. I combines the two substances to make the mould, but spent too much time kneading it, it was already partially hardened when I wanted to press the key in. The second try, I hurried up a bit more and it worked nicely. I heated up a pellet of metal and poured it in the mould.

After a short wait, out came the key.

This key is quite sturdy and is thus easy to create using this technique. But the tolerances are quite small. Does the key work?

Yes, it does! And that for the first key I am making with this kit. I’m impressed. Because this key was a success, I decided to take on an even bigger challenge and duplicate a DOM Diamant key. This key is very hard to duplicate, as it has very thin pieces of metal going down the key. The first attempt yielded a key that was incomplete. The metal had not gone all the way in. I melted that key again, made it slightly warmer and tried again. The second time, the key that came out had a hole in the middle, but it had metal in all the important places. And what do you know: this key worked first time around!

Jos made a video of me duplicating the key. I hope you enjoy watching as much as I enjoyed copying the key. Sorry for talking Dutch in the video 🙂

Walter.

Euro-Locks

Saturday, April 25th, 2015

April 24th, a delegation of Toool visited the Euro-Locks factory in Bastogne, Belgium.

Sales manager Jean-Louis Vincart welcomed us and talked us through the history of Euro-Locks, the factories and products. After that, we visited the actual production facility. The Bastogne factory is huge and almost all of their products are completely build here. We spoke with the R&D people creating new molds, saw molten zamac, steel presses, chrome baths, assembly lines and packaging, so everything from the raw metal to the finished product. It’s interesting to see so many products (both in range of products and the actual number of produced locks) being made here, and having no stock of the finished product.

Thanks to Eric and Martin for making the visit possible.

Printing your own nylon bumpkeys

Saturday, August 2nd, 2014

This is amazing. Our German friend ‘Decoder’ just came out with a video showing the first 3D printed bumpkey (made of nylon).

Here is the youtube video:

3D printing of keys

Saturday, July 26th, 2014

Companies have been offering 3D-printing services for keys for a while now. Apparently, not everybody is aware of this, so when Jos talked about this at HOPE, it caused a bit of a stir. Wired wrote an article about it that you can read at http://www.wired.com/2014/07/keyme-let-me-break-in/.

The article describes professional key duplication services. A few weeks ago, TOOOL member Tom decided to spend an afternoon to see if he could make a model of a standard key to be printed on a cheap consumer grade 3D printer. Here is the first result:

3D key

And here’s a picture of two printed keys with an original. The cuts were measured and printed.

3D keys

Here you see the key is working, although you can feel you have to be careful not to apply too much force.

3D key working

The thing the consumer grade printer has most problems with, it first printing separate blobs of plastic that only connect to the rest of the key as the profile is being printed. This means the key had to be lightly filed after printing, to make it operate the lock.