ไม่สามารถเล่นวิดีโอนี้
ขออภัยในความไม่สะดวก
I THOUGHT I could hack any Ikea lock...
ฝัง
- เผยแพร่เมื่อ 5 ส.ค. 2024
- Update: I was mistaken - this likely isn't a security issue! Please see the first pinned comment. TL;DR - After the first time I touched a master key, I was then able to enroll a second master key within a certain period of time. Due to testing all keys back-to-back, I likely enrolled master key after master key!
Thanks for watching! As always, feel free to reach out if you have any feedback, further commentary, or ideas - you can comment below, or my email can be found on my TH-cam channel "About" section.
Check out the Blog: / every-medium
This lock is programed so that any nfc card can lock it. But for unlocking it you need to use the same card again or the MasterKeyCard. Any other card will not work. It's the same Principle as in locker with nfc.
Uh oh, you're very correct! I looked into it, and yeah - I think my issue here was that I tested each one of my cards back-to-back on the bench, so I was basically just writing new master key after new master key... I will 100% be noting that in my follow-up video 😰
@@every-medium Yo sticky this. It's an interesting addition that provides clarity and doesn't necessarily negate the video. In fact, I can't wait to see how that's coded and confirmed, if you're able to get that as well :)
@@orchishgrunt7888 Yeah. I'm very interested to see it too!
That's actually making me consider getting one after all, thanks!
Can't wait for the follow-up
So basically like the hotel credit card locks?
If i remember correctly. When the lock is open you can pair another device like a phone. Should be in the online manual. Think it only supports one. This would explain why you can close and reopen the lock.
I'd love to see what happens if you lock it with one NFC device, then try to unlock it with another.
Yeah, I'm wondering if it's not looking for a specific tag, but programs itself with whatever tag you locked it with.
That makes a lot of sense. The lock comes in the open position, so they could chuck in any pair of NFC cards during manufacture without individually programming individual locks. Once you've locked it with your individual card, only that card will open it.
Thoroughly enjoyed, and looking forward to the next one.
Oh, I'm very excited about the next video! I suspect something quite trivial, like Ikea finding it too bothersome to write the cards to match the lock or integrate any learning features for new cards....
Great video, looking forward to part 2!
Along with the “reprogramming” issue already mentioned in lots of other comments, the “leaving people with permanently locked furniture” statement is also false. The lock auto-unlocks when the batteries are too low specifically to prevent that kind of lockout.
To be fair, it *may* still be possible that it is very bad at detecting the battery level and getting so low that it can no longer unlock, but that would be a different issue.
Oh well.. so not totally blocked but.... how many months blocked until battery dies? hehe
I mean, in the “locked” state it’s using less than 1mA of power, as the NFC chip (ST25R3911 for those interested, the datasheet is available on the web) supports capacitive card detection which uses next to no power
I have 3 of those (1 in my furniture and 2 for DIY projects overriding the internal controller and controlling the lock via MQTT), and the un-modded one in my cabinet has been going for 2 years now without requiring a battery replacement yet
But yeah, they’re actually engineered pretty well, aside from using the UID detection for non-master cards, which can be easily spoofed with a flipper zero or a chameleon. But I guess that’s the only way they could ensure that they support any NFC-A card regardless of the actual card’s capabilities
I appreciate the additional context - it makes sense they would program in a fail-safe like that. I definitely dropped the ball in a few different spots in this video, and more research was 100% needed before jumping to conclusions. Sorry about that!
just a thought from me...a way i would make a product or project that could use any nfc card is see if it has a writeable area, set a bit or a few bytes, lock and only look for the set bits before unlocking. so just as a sanity check. lock it with one card and see if any of the other cards will unlock after it is locked. also could be the other way around that the micro just stores the ID or something about that card before unlocking. all of this is mute if you can lock it with one card and unlock it with a different unique card with a different uid or data.
FYI you can use your nucleo devkit as an ST-Link Debugger for external MCUs
Very interesting... Im in a community where folks pretty regularly build card readers for emulating some games that typically would load profiles via cards... If you find a way to reliably edit the firmware on these babies, i wonder if they could be recommended in lieu of a fully custom solution? Very cool stuff!
What is that debug pin setup contraption you use? I do a lot of work requiring me to make temporary connections for programming. For things I work with all the time, I'll make 3D printed programming adapters using pogo pins, but for things I only work with once, or rarely, I can't justify the time and effort. In those instances, I usually end up soldering 30GA Kynar and using those clip things. That contraption you have looks like it would be quite useful for me.
In the manual it says that you can add an aditional card. Did you make sure that you did not use this feature? In any case RTFM
Cool video ! Shame the lock is terrible, am subscribing to keep up with your work on this. Love the presentation style. 🎉
The lock autoprograms itself with the card used to lock it so you can use any nfc device you want as a key and not just the one provided
😬 If its not user error on the setup then oh lordy is that broken. Nice vod and looking forward to more of your content.
tom nook is the cutest 💙
For the Flipper stuff: It seems they had some problems with storing nfc cards and emulating them back to back. check if you updated your flipper zero. this could be reason, why it wasn't able to emulate it :)
And i see and interesting header on the pcb, which is connected to the stm32 variant. don't have the datasheet on hand, but it could be a debugging port of this chip. There is a neat little trick in putting the test clip through the hole and hook onto some wire or so, the test clip doesn't can go back through the whole. the tension will pull the test clip against the contact. i think the holes are the debugging interface.
I had a feeling he was going to pull the flipper 0 out
Hi,
What brand of testpin bench do you have? Im looking for one and this one looks like it has what i need
During the entire video I couldn't stop thinking about the fact that if the battery dies, this thing locks itself inside a cabinet. What's the recourse? Does it at least warn you that it's running low on battery?
LPL would be proud of you
It can have one NFC card in addition to the two master keys.
I don’t feel that’s a problem. You need to reprogram it to accept a new card, you can’t just add 10 of your own NFC card.
Did you RTFM?
Dude I'm glad that the algorithm got me here, cool video but im too high to explain why it's a good video :D I'll be waiting for new videos, cheers!
How would you install it?
This is what my computer says use the anykey?
Why doesnt'work with flipper zero?
Well produced video from a small creator with good production quality and decent information - except that the core issue regarding the smart lock is entirely wrong and you just reprogrammed the custom key for it every time :p
Me and a friend did some research on this unit when it was new a while back. Never got to the point of dumping the firmware, but it seemed to be fairly resistant (more resistant than some industrial access control systems...), especially considering the price and usecase (keeping a piece of ikea-cardboard/furniture locked.)
yay if i dont get a closet open i`ll use an amibo
No way! I have that devkit! Small world.
Will it run Doom?
Tiny tiny mistake but the STM uC is cortex-M not cortex-A. Looking forward to the following video :)
I wonder should I click thumbs up, thumbs down or leave as is? :-)
It was entertaining anyway, thanks!
I'm so surprised that it can handle such a popular device Flipper Zero, but it can't handle simple NFC cards.
nah, the guy was just using it wrong. I can successfully clone most hotel cards with a flipper so if this is the same kind of card then it should be trivial. And considering it unlocks with any card you could probably create a fake card directly from the flipper menu with a random serial number without having to clone anything.
You ever heard of PCBite? They produce a way more convenient way to probe your PCBs.
Looks like you mislocated pin1 of the STM. Your probing instrumentation seems to be 90 degrees too far clockwise…
I was wondering if my presto card work work, then poof he busts out a preso card!
its not a lock its an unlock
well don't buy this ikea sh*ttzle
You should 100% change the thumbnail and title, leaving it as is is extremely misleading...
4:16 Why would you pronounce Mifare like that ew
I think you might need a lesson or two on how to properly use the flipper. This kind of card is quite easy to clone, you shouldn't need a proxmark for this.
the flipper had a firmware bug in emulating cards a while back. i had this problem out in the field as well and luckily had my pm3 with me...switching to another firmware solved this issue on the flipper for me. so...might be that.
@@nv1t People actually run stock firmware on the flipper? Damn... That's like buying a Lambo and never going above the speed limit.
Why do you call yourself the LockPickingLawyer when you are clearly not?
The LockPickingLawyer is a very good & popular TH-cam channel that is on YT since 8 years. Why do you pretend to be him?
It is very obvious to me that you are not him; because your voice is totally different and your hands in this video are also different. I just don't like it when people pretend to be somebody else.
As for the content in this video ; I thought the content in this video is good & interesting. Showing the potential security flaws in locks, electronics is very good en informative for the general public.
Just for the content I would considering to subscribe to your channel.
But please drop the act of pretending to be the LockPickingLawyer. Because the LockPickingLawyer channel is one of my favorites on YT!
Can't you handle a joke lol ?
Misleading title. Disappointing video.