The 3D printed version could, however, be used to create a mold to cast a more robust replica.
Here’s one way to make a mold.
Lead and cadmium? Jeez
Most locks don’t really keep people out. They just keep honest people honest. At best, they slow an attacker down and/or make it more obvious.
You could already do that by just taking a photo of the key, or using a pen and paper, or press it in a piece of cheese. Basically, half of the stuff one already has at hand could be used to achieve the same goal.
Also I am glad that my keys/locks have security features from the current millenium. Makes it a pain to pick or duplicate (yes even non maliciously, the local locksmith needed to order specially stuff just for me when I needed an extra key)
Do you care to share what special type of lock you use?
You could look at Bowley. They have a fairly pick resistant/proof lock
I wasn’t able to find it online. It came with the house.
It is a flat key that has grooves, normal teeth on the edges, two parallel rows of sparse dimples on the top and two balls that can sink and rise, one large one small.
If anybody knows where to buy more of these, let me know. I only found ones that have some of those features, but not all at once.
I can’t share a photo nor company name since I am out of town for a while and I stored it away. It was some european b2b manufacturer iirc.
No worries, thanks for trying to explain it
the key is laid flat against the Flipper Zero’s display and the depth of each cut on the screen moved to match its physical equivalent. This provides a series of “bitting” numbers, which can be used to cut a working copy of the key.
Neat!
This certainly doesn’t make me want a flipper any less than I already do. Seems so fun to mess with
After pen testing a home network it becomes a novelty item.
Turning off TVs and opening Tesla charging ports is fun for a bit.
The best, though, is setting off the department alerts at Walgreens, there’s a lot that exist that the employees have never heard. When you trigger “help needed in the baby department” then watch the employee reactions it’s a fun time.
Beyond that, it’s a paperweight most days.
Ngl, I use mine almost every day.
My car is old enough that I can replay with no desync, I use it to keep my car running and locked when it’s cold and I pop in for some food on break at work, or if my remote dies; it has every remote in my house in it, xbox one, my living room tv, my bedroom tv, my workshop CRT with the lost remote, my ceiling fan, and can be used on all other IR or (almost all) subghz devices I encounter; my local bar was real loose with the touchtunes remote one tuesday afternoon when I totally wasn’t in to copy specifically that (I gave the bartender rides home when she had a DUI, they’re cool with me) and I was able to copy it, now I can control the volume outside (among other things but I’m responsible with my powers, I only skip Rick Springfield and Don McClean); a couple of my friends no longer need to worry about giving me keys when I feed their cat because RFID, and I “have” a gym membership now (the gym allows sharing, probably not specifically cloning but they’ll never know); I can send myself Pokemon Silver mystery gifts on the GBC, and I have a GPIO board with a link cable to trade pokemon in too; marauder/evil portal is a little too malicious for me but it’s neat, and flipperHTTP is cool too; some of the GoodUSB stuff is cool; I have a 2gb flashdrive image on it I can use in a pinch; and tbh I’m sure there’s more I left out.
Though yeah “we don’t even have a baby dept in this location” and “since when are our CVS announcements in spanish?!” are priceless lmao.
I have a buddy that uses his to spoof people’s apartment swimming pool access cards.
Hunh. I know next to nothing of the tech itself, but I presume that means it can spoof RFIDs? I wonder how, for instance, “membership” stores’ entry scanners might be affected. Intriguing.
Costco has started scanning barcodes and the picture associated with the account appears on a screen employees watch as you walk in now
Same ol’ arms race. 🤷🏽♂️
it can spoof RFIDs?
Yep! I read an article recently about a pentester who was challenged to break into a hotel, and they happened to use RFID in their cards. He social engineered and piggybacked into somewhere and then used a flipper zero to get around inside the building when he hit a locked door
Oh yeah! I vaguely recall something similar, I think? At a hackathon, even? IIRC, a small team had figured out how to effectively “bump” RFID locks, and this method led to the greater community discovering a deeper vulnerability in an enormous number of security systems across the globe (single manufacturer/distributor?)… Ah, the many ways ADHD+THC are preternatural super-twins is often why they’re picked last for teams. 🤪
It was nothing more than a novelty after about a day and a half, even with the WiFi module.
Think of it like one of those 3-inch swiss army knives, but for IR tech and radio. If you mean to do work. Use the correct tool for the job, but there is no reason you cant acomplish what your trying to do. They are great for learning, if I was teaching a kids about cyber security, a flipper zero would be on the required tool kit.
Yes, you can do harm with them, per the previous analogy its still a knife. However, devices not hardened against simple replication attacks or brute force acomplished by something barely more powerful than a TI-84, those manufactures and customers needs to take the security of their products more seriously.
This jams the lock! :D
It would work a couple of times. It’s just not a long term solution.
Only if the lock isn’t worn or dirty on the inside. I wouldn’t trust this for any outdoor lock or older lock. Even cheap locks with poor fit and finish causing rough operation would not be a good idea. This is a fun gimmick that could easily cost you more money than it’s worth.
The only way I might use it is if I were to use the 3D printed key as a pattern to cast a metal one. And I ain’t got time for that.
I personally think it would hold up, so long as it wasn’t abused. 3D prints are weak and prone to breaking with in the inter layer structure. Intra layer, they are quite strong. Also when they fail, intra layer, they tend to deform, rather than snap.
Material matters however. PLA is relatively prone to breaking. PETG or nylon are far tougher.
It’s also worth noting the use case here. It’s either nefarious (breaking in) or one-off (unlocking a door where you no longer have the key available). Neither requires long term survivability.
I’ve had one of these 3d printed keys in my wallet as a backup in case I get locked out for 5 years now. I certainly don’t use it often but yeah it holds up fine.
The couple of times I have used it works fine but you certainly want to be a little extra careful with it. I’ve got locks that are only 5ish years old so they all turn rather easily, and I avoid my door with the deadbolt when I use it because that would probably be too much for it.
Mine is PETG but for how thin it is, it flexes a lot. I figured flexing is better than snapping off, but I think PLA or maybe a polycarbonate would function better. A nylon would probably be too flexible like the PETG.
PLA+ is too bendy, confirmed. It “works” but I needed to use a separate tool like a tension wrench to turn the lock.
Old locks can be brutal to keys, it’s what grinds the steel keys down & at some point even new keys don’t last as long.
I fully agree, but most locks aren’t in that state. 95% of the locks you might want to use this technique on would be in a reasonable condition.
Yes, I agree, it’s perfectly fine - jamming the door is more of a phobic anxiety.
Then again, 95% of such locks are prob vulnerable to simpler attacks.
Im interested in how a flipper can help? Is it some app that tells you how high the pins are?
Yes it has a key copy feature, it’s a key graph.
I saw the video too and I found it somehow stupid to 3d printing a key when you can go to locksmith
How many people know a locksmith versus how many people know a 3d printer?
You just need a picture of a key, a key blank, and a file.
It’s always been extremely easy to copy standard keys.
Yes, this automates some of it, but honestly if you’re smart enough to know how to use a flipper Zero and a 3d printer, you can cut a key by hand (assuming no disability prevents you from having fine motor skills)
If you’re copying keys like this, you probably don’t want a paper trail or additional witnesses.
if you have a 3D printer it
deniessaves you a trip to the hardware storeplus you could print fun… novelty keys. ( ͡° ͜ʖ ͡°)
you could even print them from dissolvable filament so that if your idiot guests lose them outside they’re likely to dissolve in the rain
or maybe there is such a thing as self destructing filament that doesn’t require water? like some kind of heat activated depolymerizer that takes a few days to break down after printing. that could be really useful for like an AirBnB
There’s a chocolate printer 🤷
