This is a bit of a departure from our technical blogs, but today we’re going to show you how to build your own door opening tool out of hardware store materials. For those who are not familiar with a “lever opener tool”, it’s a tool used by locksmiths (and others) to open doors from the outside. They’re long hooks with a string attached. When the hook and string are looped over a door handle (think the L-shaped bar handles), tension is applied to the string and the hook pushes the door handle down.
It’s my understanding that you have to be a locksmith or an officer of the law in order to purchase/own one of these (Also might depend on your state). But who knows, Amazon is selling them. So as with any of our “how to” blogs, be careful with what you’re doing, as it may not be totally legal in your area. TOOOL is a great place to look at for local lock pick laws.
Here’s a basic MS Paint diagram of how the tool works.
Hook the handle with the top of the tool and pull on the string. This should push the door handle down and you should be able to apply pressure to open the door. These are really simple to operate and can be really handy for entering locked doors. There are a couple of catches though. This will (potentially) not work if the door has a deadbolt. There are doors (see hotel rooms) that typically have linked deadbolts that will unlock when the handle is opened, but not every door is like that.
How to Make Your Own
We started with a couple of requirements on our end for making this:
Parts have to be readily available for purchase
The tool has to be non-damaging to the door
Tool should cost less than $50
The current cost of a Keedex K-22 on Amazon
Here’s the parts list of everything that we bought.
Zinc Threaded Rod ¼”
6 Feet – $3.97
Vinyl Coated Steel Rope
6 Feet – $1.86
Rod Coupling Nut (optional)
3 pack – $1.24
Key Rings (optional)
2 pack – $0.97
Heat Shrink Tubing ¼” (optional)
8 Feet – $4.97
Assembly is pretty simple. If you do not use the heat shrink tubing, the threads may grip into your hands (and the door), so gloves are advised. On that note, it’s best to use the tubing, as it will protect the door you are trying to enter from the threads on the rod.
If you’re using the shrink tubing, slide the tubing over the threaded rod. The stuff we used was a pretty close fit, so we only heated up the two ends to seal it to our opener.
Make your first bend about 4-5 inches from one of the ends. This bend should be an 85-90 degree angle, and will serve as the lever for pushing down the handle.
Make your second bend at the base, opposite of your first bend. This will be a curved bend, versus a right angle. This will allow for easier rocking of the opener to bring the lever up to the handle.
Add an additional bend to the base to act as a handle. This will give additional leverage over the opener. You may want to trim this part, you might not. It’s up to you.
Add the vinyl coated rope to the lever. This can be attached with electrical tape. We added the coupling nut at the connection point to make it easier to tape the rope down.
At this point, your opener should be ready to use. Make sure that there are no sharp or hard points on the opener, to help protect the door you’re trying to open. We also added a handle from a foam sword we had laying around. That is also optional.
Here’s the build process beautifully detailed in MS Paint.
Here’s our finished opener in action.
How to prevent the issue
Preventing this issue is not really a simple solution. However, one simple fix is to add draft guards to the bottom of the door to prevent the tool from being placed under the door. Additionally, handles should not be visible through glass doors. Being able to see the door handle makes it a lot easier to open. Door alarms and motion detectors should also be put in place to detect and alert on unauthorized entries.
PTaaS is NetSPI’s delivery model for penetration testing. It enables customers to simplify the scoping of new engagements, view their testing results in real time, orchestrate faster remediation, perform always-on continuous testing, and more - all through the Resolve™ vulnerability management and orchestration platform.
We help organizations defend against adversaries by being the best at simulating real-world, sophisticated adversaries with the products, services, and training we provide. We know how attackers think and operate, allowing us to help our customers better defend against the threats they face daily.
At NetSPI, we believe that there is simply no replacement for human-led manual deep dive testing. Our Resolve platform delivers automation to ensure our people spend time looking for the critical vulnerabilities that tools miss. We provide automated and manual testing of all aspects of an organization’s entire attack surface, including external and internal network, application, cloud, and physical security.
Our proven methodology ensures that the client experience and our findings aren’t only as good as the latest tester assigned to your project. That consistency gives our customers assurance that if vulnerabilities exist, we will find them.