Full Disclosure mailing list archives
Re: Master Lock random key code generation/distribution Fails
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 26 Mar 2014 17:17:01 -0500
On 03/26/2014 05:03 PM, Jon Hart wrote:
This is definitely an interesting finding. I'll admit that I don't know what the key code actually does or how it is used, but at the risk of stating the obvious this is physical world equivalent of problems we face daily in the infosec field -- randomization is hard, small key spaces are bad, and vendors will continue to make this mistake (hopefully) until it is disclosed. -jon
Jon,The key code is used to identify locks that share the same key. For a pin tumbler lock, it usually corresponds exactly to the height of each of the pins in order. So the key code 2685 in the image probably looks something like this:
|^\ |..| |..\___ |......| |......\_ |........| |......_/ |.....| ******* Dan _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Master Lock random key code generation/distribution Fails Jimb0 Hon1nbo (Mar 26)
- Re: Master Lock random key code generation/distribution Fails Daniel Miller (Mar 26)
- Re: Master Lock random key code generation/distribution Fails Jon Hart (Mar 26)
- Re: Master Lock random key code generation/distribution Fails Daniel Miller (Mar 26)
- Re: Master Lock random key code generation/distribution Fails Richard Chycoski (Mar 26)
- Re: Master Lock random key code generation/distribution Fails Jeff Kell (Mar 26)
- Re: Master Lock random key code generation/distribution Fails Deviant Ollam (Mar 27)
- Re: Master Lock random key code generation/distribution Fails Jon Hart (Mar 26)
- Re: Master Lock random key code generation/distribution Fails Steve Pordon (Mar 27)
- Re: Master Lock random key code generation/distribution Fails Daniel Miller (Mar 26)