Please ensure that JavaScript is enabled in your browser to view this page.

Most of the hacking you see in movies and TV is complete and utter nonsense. Typing gibberish into a Vim document doesn’t help you “find a backdoor in their firewall,” no matter how hard and fast you smash the keys. But some hacking tropes do have roots in reality; such identifying a passcode after an authorized user enters it on a keypad. Even National Treasure featured this trope with invisible ink transferring from the user’s fingers to the keys. Redditor MrBlack-Magic used a Raspberry Pi to build a thermal camera that makes this kind of hacking far more practical.

Getting invisible ink onto a rube’s fingertips is a difficult thing to do if you don’t have the benefit of a movie plot assisting the process. The ink on the keypad also doesn’t tell you the order in which the keys were pressed, which is a real problem if the passcode isn’t as easy to guess as “Valley Forge.” This DIY device solves both problems with a simple thermal camera. When the mark enters their passcode, their fingers heat up the keys a little bit. If you point a thermal camera at the keypad soon enough, you can see which keys they touched. If your thermal camera is sensitive, you can even see the order in which they pressed the keys by checking the exact temperatures — hottest is the last digit, coldest is the first digit.

That’s possible thanks to the TinkerForge Thermal Imaging Bricklet, which is a module equipped with a FLIR (Forward Looking InfraRed) camera. Like most consumer thermal cameras, that has a low resolution (80x60 pixels). But it is very sensitive, with precision down to 0.01°C. That is enough for to determine the difference between a key pressed 10 seconds ago and a key pressed 11 seconds ago. That Imaging Bricklet connects to a Raspberry Pi Zero 2 through a TinkerForge Master Brick 3.1, which acts as a host for TinkerForge’s range of Bricklet modules. Power comes from a Waveshare UPS HAT and the device displays its thermal analysis on a 3.5” Waveshare LCD screen.

MrBlack-Magic wrote his own software to analyze the heat signatures and infer their age based on current temperature. For this to work, the keypad probably needs to be a material (like metal) with a high enough specific heat capacity to absorb fingertip heat during a quick press. But that also means that the heat will dissipate soon after, so the hacker must analyze the keypad as quickly possible.

Of course, we don’t condone black hat hacking here anyway and so “real world” practicality is irrelevant. Still, this is a fun project that demonstrates what a clever hacker can do with some off-the-shelf hardware.