bypass android password

What do I need to know?

  • Santoku Linux:


First, some more detail on Santoku Linux. It is an open-source platform built for mobile forensics, and it can also be used to analyze and then secure mobile devices.

It is based on a bootable Linux environment in which the various tools are easy and simple to work with. Software development kits (SDKs) are configured in this environment, and drivers and utilities are pre-installed in the operating system. Graphical user interfaces (GUIs) are supported in order to give a user-friendly experience. Newly connected mobile devices are automatically recognized and set up.

Data can be collected and analyzed through several methods. Firmware flashing tools from multiple manufacturers are included in Santoku Linux, and free versions of some commercial forensics tools are offered as well. Plenty of useful scripts and utilities designed for mobile forensics are also included.

Mobile malware can be examined using mobile device emulators. Dynamic analysis can be performed by simulating network services with several utilities, and mobile malware databases can be accessed through Santoku’s various utilities.

Mobile applications can be security-tested and assessed with tools that disassemble or decompile them. Scripts can easily discover common issues in a mobile application; other scripts can decrypt binaries, deploy apps and enumerate app details.

  • Types of screen locks:

There are plenty of screen lock types available on an Android device. Five main categories exist:

  1. None: there is no screen lock on the device.
  2. Slide: the device is unlocked simply by moving the slider.
  3. Pattern: the device is unlocked by connecting the dots to form the right pattern.
  4. PIN: the device is unlocked by entering the correct number.
  5. Password: the device is unlocked by entering the correct characters forming the password.

How to setup a PIN/Password lock?

The following are the steps for setting up a PIN on an Android emulator. For a password, the steps are very similar.

  1. On the created Android emulator, open “Settings” first. From there go into “Security” and choose the “screen lock” option.
  2. Create a PIN by choosing “PIN” instead of “Pattern”.
  3. Choose the new PIN and type it in.
  4. Confirm the PIN by entering the same number again, to make sure it was typed correctly.
  5. Press “OK” and leave the wizard with the emulator’s back button.
  6. Press the emulator’s power key to lock the device.


How to get a password/PIN lock bypassed using adb?

  1. Log in to the emulator as root.
  2. Make sure USB debugging is enabled on the real device before starting the process.
  3. We need two files, “password.key” and “locksettings.db”, and we will work with them in order to crack the password or PIN.
  4. The hashed password is stored under “/data/system”, in a file called “password.key”.
  5. In the same location, “/data/system”, there is another file named “locksettings.db”, where a randomly generated salt is stored. Both the hash and the salt are needed when brute forcing the PIN.
  6. First we need to pull the two files to the local machine, in three main steps:
    1. Change the working directory on the emulator to /data/system, which contains the two files:
       /data/system/password.key
      
       /data/system/locksettings.db
    2. Copy the two files onto the SD card with the following commands:
       # cp /data/system/password.key /mnt/sdcard/
      
       # cp /data/system/locksettings.db /mnt/sdcard/
    3. Pull the files from the SD card onto the local machine with the following commands:
       $ adb pull /mnt/sdcard/password.key
      
       $ adb pull /mnt/sdcard/locksettings.db
  7. Let’s have a look at the hash stored in “password.key”. This is done with the following command:
       $ cat password.key
  8. The file “locksettings.db” can also be opened, but with a different command this time, since it is an SQLite database:
       $ sqlite3 locksettings.db

This is how the salt is obtained.

  9. The salt is stored in the “locksettings” table. The following image shows how to query that table with this command:
       sqlite> select * from locksettings;
  10. Inside this table, the entry named “lockscreen.password_salt” holds the salt:

12|lockscreen.password_salt|0|6305598215633793568
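The same lookup can be done programmatically on a pulled copy of locksettings.db, which is handy when checking many images or when the entry is missing (no lock set, or a newer Android release that no longer uses this legacy layout). The following is an added example written for this page, not code from the page or from Santoku. It assumes the locksettings table has the four columns (_id, name, user, value) implied by the row shown above, and it builds a constructed in-memory copy of the database so it runs offline; the salt row mirrors the value printed above, the other row is made up.

```python
import sqlite3
from typing import Optional

# Assumed schema of the locksettings table (_id, name, user, value), matching the
# four columns in the row shown on the page: 12|lockscreen.password_salt|0|6305598215633793568
SCHEMA = """
CREATE TABLE locksettings (
    _id INTEGER PRIMARY KEY AUTOINCREMENT,
    name TEXT,
    user INTEGER,
    value TEXT
);
"""

# Constructed sample rows for offline testing; only the salt row mirrors the page.
SAMPLE_ROWS = [
    (1, "lockscreen.disabled", 0, "0"),
    (12, "lockscreen.password_salt", 0, "6305598215633793568"),
]

# The salt is stored as the decimal text of a signed 64-bit integer.
INT64_MIN, INT64_MAX = -(2**63), 2**63 - 1


def build_sample_db() -> sqlite3.Connection:
    """Create an in-memory locksettings.db populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO locksettings VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def get_setting(conn: sqlite3.Connection, name: str, user: int = 0) -> Optional[str]:
    """Return the value of one locksettings entry for a user, or None if absent."""
    try:
        row = conn.execute(
            "SELECT value FROM locksettings WHERE name = ? AND user = ?", (name, user)
        ).fetchone()
    except sqlite3.OperationalError:
        # No locksettings table at all: not the legacy layout this walkthrough uses.
        return None
    return row[0] if row else None


def extract_salt(conn: sqlite3.Connection, user: int = 0) -> Optional[int]:
    """Return the lock-screen salt as an integer, or None if no usable salt is stored.

    Anything that is not a decimal integer fitting in 64 bits is rejected rather
    than passed on, so a corrupted or foreign row cannot masquerade as a salt.
    """
    raw = get_setting(conn, "lockscreen.password_salt", user)
    if raw is None:
        return None
    try:
        salt = int(raw)
    except ValueError:
        return None
    if not INT64_MIN <= salt <= INT64_MAX:
        return None
    return salt


def salt_from_file(db_path: str, user: int = 0) -> Optional[int]:
    """Open a pulled locksettings.db read-only (so the evidence is not modified) and extract the salt."""
    conn = sqlite3.connect(f"file:{db_path}?mode=ro", uri=True)
    try:
        return extract_salt(conn, user)
    finally:
        conn.close()


if __name__ == "__main__":
    demo = build_sample_db()
    print("salt:", extract_salt(demo))  # 6305598215633793568
```

For a real pulled file, call `salt_from_file("locksettings.db")`; the read-only URI open keeps the evidence copy unchanged, and a `None` result tells you that this device does not store its salt in the legacy table the rest of the walkthrough depends on.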

  11. Now that we have the hash and the salt, we make use of a tool shipped with Santoku called
      “recover-android-pin.zip”.
  12. This archive can be found in the following location:
      “~/Desktop/files/screenlock bypass/Password&Pin/”
  13. Change into that directory and extract the archive with the “unzip” utility available in Santoku. The archive can be listed with:
       $ ls -l recover-android-pin.zip
  14. Inside it there is a Python script which cracks the PIN by brute force. The following command runs it:
       $ python BruteForceAndroidPin.py

The script then asks for our hash, then the salt we extracted, and finally the maximum length of the user PIN.

  15. The PIN should now be displayed on the screen.
  16. One last note: this process may take some time, depending on how complex the PIN actually is.


