sony z3 d6603 PIN Code bypass ?


Re: sony z3 d6603 PIN Code bypass ?

Posted: Mon Mar 20, 2017 1:37 pm

- qassam22222
- arcaine2

i didn't understand the first picture u said no need for chip-off but at the first picture u remove the chip :

can u explain well ?


Both images are the same thing. First one is just made by someone who removed the chip to find pinout easier. Essentially, you solder 6 wires to elements/pads that are around the chip, marked properly. Second image makes a bit clearer:



Also, OTG is also known as USB-HOST. Z3 supports it and allows you to connect an external device like a mouse, keyboard or pendrive to the microUSB port. XPin emulates mouse and keyboard and simply tries every single code matching the pattern you set until it hits the correct one and unlocks the phone. By counter, they rather meant that some phones are set to wipe after some incorrect codes. Most Android phones allow you to enter 5 codes incorrectly, then wait 30 seconds, then try another 5 and so on, but you either need to know how yours is set or take a risk.

For ISP you can use medusa, z3x, emmc pro, riff2 etc. If phone is running Android 5.x or lower you can read locksettings.db and password.key/pattern.key, crack it and unlock the phone with cracked code. Since Android 6, those devices are using gatekeeper so it may not be possible to crack PIN, password or pattern. I haven't seen any software cracking this but maybe it's possible. Company behind xpin clip claims they can crack this tho.

It might depend on what exactly you need to do. For forensic analysis it should be enough to read full dump via ISP/chip-off and at this point you won't have to bother if it has a password or not. If you need to unlock the device and use it, then you'd have to dump userdata partition via ISP/chip-off, remove the *.key files (and preferably make some changes in locksettings.db) from dumped image and restore such modified image back to the phone.

Thank you very much for this clarification. As I understand, I should follow the second image that tells me I should solder 5 pins? Right?

qassam22222
Senior Member
 
 
  

Re: sony z3 d6603 PIN Code bypass ?

Posted: Mon Mar 20, 2017 1:40 pm

- qassam22222

Thank you very much for this clarification. As I understand, I should follow the second image that tells me I should solder 5 pins? Right?


6 pins in fact. There's also GND which is not marked here but has to be soldered somewhere to the ground on Z3 PCB.

arcaine2
Member
 
 
  

Re: sony z3 d6603 PIN Code bypass ?

Posted: Mon Mar 20, 2017 4:04 pm

In phones which use CRYPT (Gatekeeper mechanism) you cannot delete *.key files - this will not give you access to the phone as in previous versions. Regarding reading the password - due to its CRYPT we can crack only PIN and Pattern - alphanumeric passwords are not an "effective" way in terms of time for those, since only CPU power can be used
_________________
Multi-COM - Bogusław Rzepka
multi-com.eu 

Bolo
Member
 
 
  

Re: sony z3 d6603 PIN Code bypass ?

Posted: Tue Mar 21, 2017 12:54 pm

- Bolo
In phones which use CRYPT (Gatekeeper mechanism) you cannot delete *.key files - this will not give you access to the phone as in previous versions.


Deleting those itself might not, but also removing, or preferably modifying, the locksetting database should work from what I remember. It may depend on the phone itself as the implementation varies, even on older Android versions, but it can still be done.


Regarding reading the password - due to its CRYPT we can crack only PIN and Pattern - alphanumeric passwords are not an "effective" way in terms of time for those, since only CPU power can be used


Have you actually tested it on more phones, since this implementation may also be different between vendors and even individual phones, plus can also be hardware dependent?

Last edited by arcaine2 on Tue Mar 21, 2017 3:01 pm; edited 1 time in total

arcaine2
Member
 
 
  

Re: sony z3 d6603 PIN Code bypass ?

Posted: Tue Mar 21, 2017 1:20 pm

Listen to Bolo, he knows what he is talking about!

I can also confirm that only PIN/pattern cracking can be done well if Gatekeeper is on. Cracking passwords could be also possible with dictionary attacks, but for those tries to be effective, you need good dictionaries and processing power from weeks/months up to a few years... And pure luck, who knows :)
_________________
Passcodeunlock - mobile/tablet screen unlocking
passcodeunlock.com 

passcodeunlock
Senior Member
 
 
  

Re: sony z3 d6603 PIN Code bypass ?

Posted: Tue Mar 21, 2017 3:06 pm

I'm not saying he's wrong. His company sells such a service so I assume it works. I'm just curious if he encountered a phone where it failed to crack.
I tried cracking my personal phone's pattern running 7.1.1 and with the currently known implementation I failed to do so. On the other hand I'm running custom AOSP based firmware so it might differ, or there's something wrong with my script. In general, there's very little public info related to cracking gatekeeper SCRYPT hashes.

arcaine2
Member
 
 
  

Re: sony z3 d6603 PIN Code bypass ?

Posted: Tue Mar 21, 2017 3:16 pm

Public information which Nikolay gives is... let's say "incomplete" and that's why most people failed to reconstruct the PY script, but if you write your own from scratch you will for sure succeed ... we have not tried yet on 7.x. Send your gatekeeper.password.key as well as password, phone model and vendor so I will check if it works on 7.1.1
_________________
Multi-COM - Bogusław Rzepka
multi-com.eu 

Bolo
Member
 
 

Page 2 of 2