Tuesday, June 20, 2017

A very brief guide to making a challenge lockbox

I had a couple requests to document the build process I use for making lockboxes. This year I made new challenge boxes for dcdarknet at defcon 25.
The Neapolitan Trio

Here's the previous version:

"Lockbox 1"

Here's the very first one I ever made:
"The Rook"

It's been a long process of create, test, (fail), revise. The original challenge I built, The Rook, was very visually pleasing, but the mounting equipment I cobbled together was not sufficient to handle several hundred people wrenching on it all day for the entirety of defcon 21 (?), several of the locks became loose and all you needed to do was grab the housing and twist to activate the scoring mechanism. There was no way to open it without destroying it to service the locks, or the other internals, all in all it was a good learning experience but completely illogical for long term use.

The second edition, Lockbox 1, had several good revisions. You could open it to service it, the locks were removable, it could be much more easily transported. Still had the issue of locks spinning after hundreds of people applying tension to the locks though. No matter how hard we tightened the nuts down on the locks they would eventually work loose. The scoring mechanism was very simple, the positive wire was secured to the lock on the cam screw, the negative wire was attached to a screw that the cam would contact when the lock was picked. That idea didn't hold up very well either, the wires came loose often and caused problems, not to mention just failing from repeated wear and tear of flexing multiple times. The display had exposed connections that would get shorted out of anything conductive was ran across them, such as the keys, of someones lockpicks. The battery was accessible, but you had to open the box for maintenance and it was a hassle.

The newest version is the culmination of all the lessons I've learned on how not to do things.

So that's a short(ish) history on the lockboxes, here's a brief rundown on some of the techniques and mounting hardware I use. I can't go into too much depth as these are the new versions that will be in use this year, and hopefully about the next 3 years.

First things first, plan out your entire layout and make sure everything will fit in the area you have available. Do I do that? No, Does it bite me in the ass every single build? Oh yeah, multiple times. The pictures below are from a testing board I used while building this years boxes, so ignore all the extra holes, half and half stain job, etc etc....

I usually use pin tumbler mortise cylinders and then some wafer locks and padlocks as these are the three most common locks people run into on a regular basis.


A 1 3/16th inch hole saw is perfect for cutting holes for cylinder locks. The 3/4 inch hole saw works well for most cabinet style wafer and tubular locks. When planning the locations, make one pilot hole directly in the center of where the lock is supposed to go, this ensures you're centered no matter which side of the board you're working on.

Next I drill a relief on the back side for all the cylinder locks. Why do I do that, well remember the issues with locks spinning loose? We made a solution for that.

Say hello to my little friend, the StopSpin (trademark, patent pending, etc). I worked with my friend and fellow dcdarknet contest agent Bunni to develop these lovely little helpers.




The tabs on the StopSpin interact with the grooves on the lock to stop them from spinning once it's screwed down onto the board.


This allows us to swap out locks by just removing the nut and popping the lock out. No need to apply the strength of the gods to tighten the nut down, the lock can't spin loose so all it needs to do is stop the lock from falling out of the mounting hole.

It's the most efficient mounting method I've found. I've seen, and tried myself, most of the mounting methods documented on lockpicking101 and various other sites. Nothing else I've tried is as easy to mount and swap out locks on a board.


The other locks I just use the included anti-spin holders that interact with the flat sides of the lock body.


Make sure to align your movement restriction washers properly so the locks turn the correct way. This also creates an added difficulty because the people trying to pick them don't know which way to tension the lock.


This gives you a nice flush mounting on the face of your board, stops the locks from spinning, and makes swapping out locks quick and easy,



I routered the bottom edge of the boards so that they sit low enough in the ammo boxes so that the lid doesn't come into contact with them when closed. The ammo boxes are just regular bunker hill boxes from harbor freight, you can pick them up for ~$4 if you get them on sale with a coupon, which they pretty much always are.
The rest of the build is all confidential info, but this should give you enough information to plan and make you own practice stands/holders/challenge boxes.

All the software and circuit boards are handled by Bunni, he's the real brains behind these as far as making them do what they do. I'm just a monkey with a wood shop.

So if you happen to be at Defcon this year come on down and join the dcdarknet contest (shameless plug) and give these lockboxes a spin, let me know what you like about them, how you think they could be better, what kind of different locks you'd like to see, etc, I keep a bucket nearby to catch the tears of those who are defeated by the locks.

No comments:

Post a Comment

All comments moderated.
Comments like "sweet dude" or "this is awesome" or "thanks" will be denied,
if you've got something genuinely interesting to say, say it. Other than that just sit back and bask in the glory.