Meet R2B2, the Robotic Reconfigurable Button Basher. Its specialty is cracking multi-digit PIN codes on items like Android phones. R2B2 is the brainchild of security researchers Justin Engler and Paul Vines. They put it together out of three $10 servomotors, a webcam, an open-source Arduino microcontroller, a plastic stylus and a collection of 3D-printed parts they built on a MakerBot 3D printer.
R2B2 doesn't use any specialized password hacking software; it simply punches in every possible code until it hits the right one. This technique is known as "brute force" within the hacking community and it gets quite boring – which is why Engler and Vines decided to invent a robot to handle the dirty work.
"We used to joke that we'd have to hire an intern to press all these buttons," Engler said. "It turns out its much better to get the intern to help make the robot. Then he also has time to get coffee."
There are 10,000 possible combinations of numbers in a four digit PIN code and R2B2 can work through all of them in less than 24 hours. "When you see a robot working like this, you think, 'maybe I should have a longer PIN. If I'm a CEO, a four digit PIN is a problem, because it's worth 20 hours to break in and get my confidential emails,'" said Engler. "There's nothing to stop someone from guessing all the possible PINs. We often hear 'no one would ever do that.' We wanted to eliminate that argument. This was already easy; it had just never been done before."
Engler and Vines recorded a video of R2B2 doing its job:
DIYers will be pleased to know that will be releasing all their software and blueprints to the public. They also plan to continue working with R2B2 until it can press mechanical buttons like those used on combination locks and hotel safes.