The story of one hack, or don't anger a programmer

I probably would not have written this article if I had not come across yet another article about hackers. What caught my eye: a very one-sided and clearly incorrect use of the word hacker, which is typical of modern statements in the media, blogs and articles in general.



Historically, the words hacker and hack have a much broader meaning. On the one hand, they refer to ingenious solutions in program code; on the other, to "hacking" systems in a broader sense: not only information systems, but also the other systems of the reality around us (in other words, real life, RL).



But even if we are talking only about "hackers of information systems", we cannot fail to mention the concepts of black hat and white hat.



So now, trying to restore some terminological justice to hackers, I want to tell you about one purely hardware hack of one of those RL systems.



Background



It so happened that in recent years I almost stopped using cash. Living in a modern city, I found fewer and fewer places where I could not pay by card. About a year and a half ago I got a card with NFC. But carrying it in your pocket is still unwise (I know a little about how these NFC payments actually work).



The next time I changed my phone (a smartphone, to be precise), I chose a model with NFC and quickly set up "Blah Blah" Pay, or simply *Pay (let's call it that to avoid unnecessary advertising). Very soon I found that there were practically no terminals left in my daily environment that could not take NFC with *Pay. Again, knowing from work how it all functions (*Pay is a much safer system than a card with NFC in your pocket), I quickly started leaving the bank card at home.



And here it is, the bright modern technological future, when for everyday life you only need a phone in your pocket! ... well, and the keys to the apartment.



How brutally I was brought back down to "ancient modernity" when I once again visited a fairly modern and technologically advanced store and found that I could not take a grocery cart without a 5- or 10-ruble coin. Some wise heads had decided to save on the guys who collect carts from the surrounding parking lots: our thrifty citizen, for the sake of his hard-earned 5 or 10 rubles, will return the cart to the general cart "parking" at the store entrance himself.



Here I am, all modern, living in a bright modern world: I have both the discount card and *Pay on my phone, I pick up a scanner with that discount card right at the entrance, scan my groceries myself and then pay with the phone without a cashier, but to take a cart, go and find the damn coin somewhere!!!



I must say right away: I was stunned. My first reaction was to start swearing very loudly. Then I tried to bum a "pyatachok" (a 5-ruble coin) off other shoppers: sure, a 5-ruble coin is a denomination you can't really buy anything with, but nobody will give you one anyway. Then I thought: maybe someone left a cart in the parking lot. But no, our fellow citizens want their hard-earned 5/10 rubles back even if it means carrying heavy bags a long way to the car. Then I realized I could still take a basket (the kind you carry by hand) without cash in my pocket. But I needed about three baskets and have only two hands... In fact, that first time I simply cut my shopping list down to "only the absolutely necessary" and made do with one basket.



And yes, next to them hung this kind of device:






A separate question for me is the offer to exchange a 10-ruble coin for a 10-ruble coin... but most importantly, I still don't quite understand: where do I put my smartphone with *Pay into this device?



Hussars, keep quiet!
No need to answer "where to put it" in the comments: you still won't get 10 rubles out of the machine that way.


Well, they pissed me off.



And that is not worth doing...



The evening passed in thought. The train of thought went something like this:



  1. Carry 5/10 rubles in my pocket for the store: when I end up in a store, these coins will, as luck would have it, be in the pocket of some other clothes. Not an option.
  2. Drill a hole in a coin and attach it to the keys like a keychain (the keys are in fact the second permanent artifact in my pockets). But then I would walk around the store with my keys hanging from the cart. Nonsense! Of course, you could hang it on a carabiner, but it is still inconvenient to unclip and clip it every time.
  3. Make a token (like the Finns have), a coin substitute; this brings us back to options 1 and 2.
  4. Make it so that I can unlock the cart and then leave nothing in the lock, i.e. I need a "skeleton key" for the coin slot of the lock. Then its keychain can hang on the keys and never needs to be removed.


So I settled on idea 4. The first step was to figure out exactly how the coin is held and whether it can simply be pulled out of there... but no, the first thing I actually looked at was the customer rules of a couple of stores that have such locks on their carts, and I found no clause there forbidding inserting anything other than 5- or 10-ruble coins into the coin slot of a cart. Maybe, of course, I looked very badly...



And so, having made sure that formally I was not breaking any rules, I set about gathering information and experimenting.



If you want a result, formulate the goal



So, having chosen a direction, I decided to formulate the requirements for the "final product":



  1. The "product" must take the form of a keychain on a bunch of keys and must not require removing it from the bunch
  2. The "product" must successfully unlock the cart
  3. The "product" must come out of the lock without any effort after the cart is unlocked
  4. (additional requirement) the cart must attach normally to the other carts in the cart "parking" (with the "product" removed or with it inserted).


You see the goal: go!



To begin with (looking a little ahead), I will list the locks I came across and on which I tested my solutions:



1. The lock I conventionally call "Plastic": it really is all plastic and rather flimsy. The very first experiment in this story was carried out on it.







2. The lock code-named "Kondovy" (old-school): it is quite old (I have seen such locks for a long time and many times). It is made quite solidly. It became the object on which I decided to definitively test all my solutions.







3. The "Zhlobsky" (stingy) lock: it was discovered by chance during testing of the solutions, and got its name because it unlocks only with 10-ruble coins.







Well, the direction is set, the initial data collected, we begin to move



First of all, I took some old plastic card and cut out a "coin with a handle" from it. A 5-ruble coin served as the template. To add thickness, I glued together two identical parts cut from the card with scissors (plus a little finishing with a file). This is how "Skeleton Key v1.0" appeared (unfortunately there is no photo, but below there is a photo of "Skeleton Key v.2.1", which, when folded, replicates "Skeleton Key v1.0").



The first experiment with the "Plastic" lock showed that "Skeleton Key v1.0" comes out of the lock with some effort. "Kondovy", however, showed its character: pulling my "product" out of it cost me a lot of effort, a broken skeleton key (it delaminated and a notch appeared on the edge) and a finger accidentally cut by the keys.



Only wimps give up after the first failure



Important. In both experiments with "Skeleton Key v1.0" I successfully unlocked the cart and also docked the cart to the others in the "parking" without inserting the "skeleton key" into the lock. So at least goals No. 1, 2 and 4 were achieved, and that is already something.



Well, failure with goal No. 3 is just a reason to think again. And so, on the evening of the same day I failed with "Skeleton Key v1.0", I sat down and cut two more variants out of old plastic cards: "Skeleton Key v.2.0" and "Skeleton Key v.2.1".



The first was again "Skeleton Key v1.0" glued from two halves, with a cutout made on the side (next to the handle). Thus the disc imitating a coin got a notch.



As my unsuccessful experience showed, the coin in the lock is held on both sides, so that the stops on the coin are spaced at an angle of about 200 degrees.



The idea of the cutout is that it can be positioned opposite the coin catch on one side, and then on the other side the disc imitating a coin can slip past the catch.

A photo of the original "Skeleton Key v.2.0" has not survived, but a little later there will be a photo of the slightly modified "Skeleton Key v.2.0.1".



The second, "Skeleton Key v.2.1", arose from the assumption that the coin catches might somehow misbehave when the cart is unlocked if they do not rest against the edge of the coin. This "skeleton key" consists of two parts, each of which repeats the idea of "Skeleton Key v.2.0" but with deeper cutouts; folded together, these two halves form the outline of "Skeleton Key v1.0", a "coin with a handle" that was certain to unlock the cart (it would be foolish not to use even the partially successful results of the first tests).



Here is what "Skeleton Key v.2.1" looked like folded and unfolded:







Tests of "Skeleton Key v.2.0" and "Skeleton Key v.2.1" began with the "Plastic" lock. Results:



"Skeleton Key v.2.0": successfully unlocked the cart, but turned out to be difficult to remove. After placing the slot opposite one of the coin catches, the skeleton key rested against the lock body. Nevertheless I managed to get "Skeleton Key v.2.0" out, but given that "Skeleton Key v.1.0" had come out of this lock yet got stuck in "Kondovy", the test result had to be considered unsatisfactory.



"Skeleton Key v.2.1" also successfully unlocked the cart; removing the parts required no effort and was so easy that one part fell out of the cart lock by itself while I rolled the cart from the "parking" to the sales floor.



A little bit about testing conditions
I had little doubt that I could fend off any claims from store security by referring to the rules, but I did not want to deal with them. And in some stores one of the guards constantly watches the cart "parking" area. So as not to attract attention, I walked up with the "skeleton key" and a real coin (in case the first phase of the test, unlocking the cart, failed), took the cart and went to the sales floor like any other customer. The second phase of testing, removing the "skeleton key" from the lock, took place on the sales floor.



Only with the "Zhlobsky" lock did nobody watch the carts (neither guards nor any cameras I could see), and there I experimented without taking the cart out of the parking, which significantly sped up finalizing the latest version of the "product".



Thus, the testing of "Skeleton Key v.2.1" can be recognized only as partially successful. In addition, "Skeleton Key v.2.1" consists of two independent parts, and it would be difficult to put them on the keys as a keychain without having to remove one or both halves from the key ring, which does not meet project requirement No. 1.



Light is already visible at the end of the tunnel, and it may not even be an oncoming train...



The annoying flaw of the otherwise quite acceptable "Skeleton Key v.2.0" did not stop me. I found a Swiss-army-style penknife with small scissors in my pocket, and with them I trimmed the handle and the cutout of "Skeleton Key v.2.0", which turned it into "Skeleton Key v.2.0.1".



Another attempt (I did the cutting right in the store, right after the first series of tests of "Skeleton Key v.2.x"), and voila: "Skeleton Key v.2.0.1" comes out of the "Plastic" lock without any effort. Before the subsequent test on the "Kondovy" lock, "Skeleton Key v.2.0.1" was slightly finished to its final shape with a file. The result of the repeated tests: complete success!



The "finished product", "Skeleton Key v.2.0.1":







The goal is achieved, but is it worth stopping?



The first thing I decided to check additionally was whether the thickness of the "product" matters: whether the cart can be unlocked with a sandwich of parts without glue and without looking for thicker material to make the "product" from.



And here the tests gave a very ambiguous result. Literally ambiguous: one and the same type of lock unlocks one time but not the next (a spare coin saved me from unnecessary fumbling at the cart "parking").



So there you go. What does it mean? On the one hand, fine, if the sandwich works, then OK; but the question remains, and there is no answer.



And here, by chance (I was not looking for it on purpose), I came across the "Zhlobsky" lock, and the test conditions were ideal (nobody watches the cart "parking"). But in my pocket there were only "Skeleton Key v.2.0.1" and the two parts of "Skeleton Key v.2.1", all made for 5 rubles, well, and the knife with scissors... "With one easy movement of the hand", "Skeleton Key v.2.1" turns... turns into "Skeleton Key v.3.0", a ten-ruble one! But the ten-ruble coin is thicker than the five, so the two halves of "Skeleton Key v.3.0" folded together do not reach the required thickness.



Quietly testing "Skeleton Key v.3.0" on "Zhlobsky" (the test conditions are ideal): not unambiguous, it unlocks every other time. Sometimes it clearly drops in deeper.



Applying the scientific poking method (in this case literally) gives roughly this understanding: the plate that the coin pushes when unlocking the cart is clearly thinner than the coin. And if you do not hit it squarely with a narrow "skeleton key", unlocking does not happen.



This is actually the answer to why a narrower "skeleton key" unlocks the cart only every other time. Conclusion: the thickness of the "skeleton key" should still be chosen to match the thickness of the coin. This guarantees reliable unlocking of the cart on the first try.



How it all ended



Well, actually, the answer to the question of what the final version of my "product" would be was decided precisely after the discovery of the "Zhlobsky" lock. If there are locks that can be unlocked with both 5 and 10 rubles and ones that can only be unlocked with 10 rubles, then it is the ten-ruble "skeleton key" that should be in your pocket.



So, here is the final design: "Skeleton Key v3.1", flowing shapes combined with an elongated elegant handle. It is made of a triple sandwich of plastic cards, finished with a file.







Tests on all three types of locks were 100% successful. The handle turned out a little narrow, but beautiful.



PS "Why isn't the source code on GitHub?"



I won't give exact drawings (I don't have them; I did everything "by eye"): you can make such a "skeleton key" yourself: trace a coin, draw the cutout and handle, cut it out (with a small margin), trim it and it's ready. If you glue it from several layers, I advise grinding one blank to the desired size (you can check it against a coin), gluing the other two blanks to either side of the first, and grinding (after the glue has dried) everything together, using the middle layer as the reference.



I wish you success in hacking, and may it stay within the law.



PPS about honor, conscience and all that
If someone wants to appeal to my conscience or other terms that are not quite clear to me, I will clarify separately:



  1. I had no goal of depriving the unfortunate cart collectors in the parking lot of anything: I generally try to return the cart even without coin locks, if not to the cart "parking", then at least to a place where it is closer and more convenient to collect. Having switched to the "skeleton key", I bring the cart to the general cart "parking".
  2. The resulting "product" cannot be used for illegal enrichment by stealing coins from the locks of other people's carts. It works only to unlock the cart.
  3. I have already noticed several times in stores the same bewilderment as mine the first time I came across these stupid locks where there had been none before. So the problem does not concern me alone. During my tests I handed a couple of such people carts with no coin in the lock.
  4. I do not think I am the only one who could arrive at the solution published here. Moreover, I am sure I "reinvented the wheel": if you google well, you will surely find more than one such solution.
  5. If the rules of some stores explicitly state that you may not put anything other than 5- and 10-ruble coins into the cart locks, feel free to name those stores: I won't go there with my skeleton key.


... and in general: don't teach me how to live, and I won't tell you where to go; better help financially (a joke).



