Tweet
This talk has been canceled:
The Safe-Cracking Robot, or Zero and Back Again, and Again, and Again.
Clayton “Khyron “ Lowell, Principal Security Consultant - NCC Group, He/Him
Demo
45
Can you really build a real safe cracking robot using spare parts and some stuff you read on the internet? I guess that all depends on what spare parts you have on hand and what you’ve been reading on the internet. In this case, a “real safe” is an Underwriters Laboratories - Group 2 mechanical combination safe lock, used in residential and commercial applications which has a “moderate degree of resistance” to unauthorized opening.
Forget waiting hours for an Auto Dialer to churn through all possible combinations.
Using a few simple household electronics, like an Arduino and a stepper motor, we can automate a time-honored technique previously only known to locksmiths, safecrackers, and a handful of DEF CON attendees to open a safe in under 30 minutes! So, come join me to learn how I did it and watch a live demo.
Clayton “Khyron” Lowell is a Professional Security Consultant with NCC Group where he also serves as the Deputy Practice Lead for FSAS NA’s Gateway Services (Attack Mapping, OSINT, and Social Engineering). In his day-to-day job, Khyron leverages his experience in corporate security (blue team), DevOps, systems administration, network engineering, and IT to deliver a wide variety of engagements. Khyron also has ADHD, which results in him taking on a LOT of weird projects. He also has a soft spot for recreating existing tools, often on a shoe-string budget, for the lols.
Khyron’s first DEF CON was DC13, where he participated in the lockpicking contest – he did not do well - but he had a lot of fun and that’s what it’s all about!
@crlowell
https://defcon.social/@khyron
REFERENCES:
Matt Blaze – Safecracking for the computer scientist*
https://www.mattblaze.org/papers/safelocks.pdf
https://www.mattblaze.org/blog/nsa_safecracking/
DEF CON 13 – Leonard Gallion – A Safecracking Double Feature: Dial ‘B’ for BackDailing and Spike the Wonder Safe
DEF CON 14 - Eric Schmiedl - Safecracking Without a Trace
https://www.youtube.com/watch?v=4_lkYQ88kv0
DEF CON 25 - Nathan Seidle - Open Source Safe Cracking Robots
https://www.youtube.com/watch?v=v9vIcfLrmiA
https://media.defcon.org/DEF%20CON%2...ts-UPDATED.pdf
Sparrows Challenge Vault Manual
https://www.sparrowslockpicks.com/pages/vault-manual
Curious Scientist - https://www.youtube.com/c/CuriousScientist
https://curiousscientist.tech/blog/a...-stepper-motor
AccelStepper - Mike McCauley
https://www.airspayce.com/mikem/arduino/AccelStepper/
ElectroBOOM - https://www.youtube.com/channel/UCJ0...0wOKEqT2Z1HEtA
https://www.youtube.com/watch?v=j4u8fl31sgQ
The Safe-Cracking Robot, or Zero and Back Again, and Again, and Again.
Clayton “Khyron “ Lowell, Principal Security Consultant - NCC Group, He/Him
Demo
45
Can you really build a real safe cracking robot using spare parts and some stuff you read on the internet? I guess that all depends on what spare parts you have on hand and what you’ve been reading on the internet. In this case, a “real safe” is an Underwriters Laboratories - Group 2 mechanical combination safe lock, used in residential and commercial applications which has a “moderate degree of resistance” to unauthorized opening.
Forget waiting hours for an Auto Dialer to churn through all possible combinations.
Using a few simple household electronics, like an Arduino and a stepper motor, we can automate a time-honored technique previously only known to locksmiths, safecrackers, and a handful of DEF CON attendees to open a safe in under 30 minutes! So, come join me to learn how I did it and watch a live demo.
Clayton “Khyron” Lowell is a Professional Security Consultant with NCC Group where he also serves as the Deputy Practice Lead for FSAS NA’s Gateway Services (Attack Mapping, OSINT, and Social Engineering). In his day-to-day job, Khyron leverages his experience in corporate security (blue team), DevOps, systems administration, network engineering, and IT to deliver a wide variety of engagements. Khyron also has ADHD, which results in him taking on a LOT of weird projects. He also has a soft spot for recreating existing tools, often on a shoe-string budget, for the lols.
Khyron’s first DEF CON was DC13, where he participated in the lockpicking contest – he did not do well - but he had a lot of fun and that’s what it’s all about!
@crlowell
https://defcon.social/@khyron
REFERENCES:
Matt Blaze – Safecracking for the computer scientist*
https://www.mattblaze.org/papers/safelocks.pdf
https://www.mattblaze.org/blog/nsa_safecracking/
DEF CON 13 – Leonard Gallion – A Safecracking Double Feature: Dial ‘B’ for BackDailing and Spike the Wonder Safe
DEF CON 14 - Eric Schmiedl - Safecracking Without a Trace
https://www.youtube.com/watch?v=4_lkYQ88kv0
DEF CON 25 - Nathan Seidle - Open Source Safe Cracking Robots
https://www.youtube.com/watch?v=v9vIcfLrmiA
https://media.defcon.org/DEF%20CON%2...ts-UPDATED.pdf
Sparrows Challenge Vault Manual
https://www.sparrowslockpicks.com/pages/vault-manual
Curious Scientist - https://www.youtube.com/c/CuriousScientist
https://curiousscientist.tech/blog/a...-stepper-motor
AccelStepper - Mike McCauley
https://www.airspayce.com/mikem/arduino/AccelStepper/
ElectroBOOM - https://www.youtube.com/channel/UCJ0...0wOKEqT2Z1HEtA
https://www.youtube.com/watch?v=j4u8fl31sgQ
Comment