Script Cracks Vault PIN with Brute Force

A PIN with three binary digits has 8 possible combinations: 000, 001, 010, 011, 100, 101, 110, and 111.  With that number, it’s not too time-consuming to brute force attack manually.  Just hand-enter all the combinations and within a minute, you’ve got access.  

With more possible digits, a PIN could end up taking hours, days, or even years to crack with brute force by hand.  So, brute force attacks are often mounted by scripts—the attacker doesn’t have to spend all that time manually typing in different PIN values.  The computer (or in our case, the micro:bit module) does the work, and the attacker can check back periodically to find out if the PIN has been cracked.

Transmitter script: bank_vault_crack

The Bank Vault Receiver micro:bit should still be on and running the bank_vault_receiver script.

  • Enter, save, and flash bank_vault_crack into the PIN Pad Transmitter micro:bit.
# bank_vault_crack.py

from microbit import *
import radio

radio.on()
radio.config(channel=7)

sleep(1000)

digits = ['0','1']

display.show(Image.ARROW_W)

while True:
    if button_a.was_pressed():
        
        display.clear()

        for a in digits:
            for b in digits:
                for c in digits:
                    pin = ''.join([a, b, c])
                    
                    print("pin =", pin)

                    for x in range(0, len(pin)):
                        bit = int(pin[x])
                        brightness = bit * 9
                        display.set_pixel(x,4,9)
                        for y in range(0, 4):
                            display.set_pixel(x, y, brightness)

                    response = None
                    while response is None:
                        radio.send(pin)
                        sleep(100)
                        response = radio.receive()
                            
                    print(response)
                    if response == "Access granted.":
                        while True:
                            display.scroll(pin)

                    sleep(4000)
                    display.clear()

 

  • Press the PIN Pad Transmitter micro:bit’s A button to start the brute force attack.

  • Watch the PIN Pad Transmitter micro:bit’s display as it cycles through all eight combinations of the brute force attack.
  • Verify that the script figures out the correct 011 PIN for gaining access and shows it with display.scroll().
  • Click Open Serial in the python.microbit.org editor that’s connected to the PIN Pad Transmitter micro:bit.
  • Press/release the PIN Pad Transmitter micro:bit’s reset button and monitor the terminal activity. 

See how it keeps trying combinations until it reaches the correct 011 PIN?