
sony z3 d6603 PIN Code bypass ?

(@qassam22222)
Posts: 155
Estimable Member
Topic starter
 

Hello all …
I tried to bypass the Sony Z3 PIN code without success. I followed these steps:
https://www.youtube.com/watch?v=PP3JLKUgTJY&t=55s

I read that XPIN Clip supports bypassing the Sony PIN. When I visited the official website for the tool I didn't find details; I found this:

Any help? I need someone to confirm that XPIN Clip can bypass the D6603 model.
And what about other solutions: is there any way to JTAG that model, does any box support JTAG for that model, or is there any way to bypass the PIN?

If there are no solutions, what about the last one (chip-off)?

 
Posted : 19/03/2017 10:06 pm
(@arcaine2)
Posts: 235
Estimable Member
 

It's not really a bypass, but rather a brute force via OTG, and this should work. JTAG is most likely not present at all, but there's a pinout for ISP so no chip-off might be required. Keep in mind that if the phone has Android 6 then it's using Gatekeeper, so it may not be possible to crack the PIN code anyway.

 
Posted : 20/03/2017 1:43 am
(@qassam22222)
Posts: 155
Estimable Member
Topic starter
 

It's not really a bypass, but rather a brute force via OTG, and this should work. JTAG is most likely not present at all, but there's a pinout for ISP so no chip-off might be required. Keep in mind that if the phone has Android 6 then it's using Gatekeeper, so it may not be possible to crack the PIN code anyway.

What is OTG? I got this reply from XPIN Clip support:

Hello,
If the phone has OTG and the counter doesn't rise after entering codes (you can check this by entering some codes by hand) then it's supported.

The phone counter is rising after 4 or 5 attempts.
And about the ISP pinout: what do I use to connect them? I mean, what is the box name?

 
Posted : 20/03/2017 11:59 am
(@passcodeunlock)
Posts: 792
Prominent Member
 

VR-Table 10 pins + z3x box or similar for reading ISP.

 
Posted : 20/03/2017 12:47 pm
(@qassam22222)
Posts: 155
Estimable Member
Topic starter
 

VR-Table 10 pins + z3x box or similar for reading ISP.

Okay, but what about Gatekeeper? I didn't know anything about it; I have not heard of it before. I read this …
https://nelenkov.blogspot.com/2015/06/password-storage-in-android-m.html

 
Posted : 20/03/2017 12:51 pm
(@qassam22222)
Posts: 155
Estimable Member
Topic starter
 

It's not really a bypass, but rather a brute force via OTG, and this should work. JTAG is most likely not present at all, but there's a pinout for ISP so no chip-off might be required. Keep in mind that if the phone has Android 6 then it's using Gatekeeper, so it may not be possible to crack the PIN code anyway.

I didn't understand the first picture. You said no need for chip-off, but in the first picture you remove the chip.

Can you explain?

 
Posted : 20/03/2017 10:04 pm
(@arcaine2)
Posts: 235
Estimable Member
 

I didn't understand the first picture. You said no need for chip-off, but in the first picture you remove the chip.

Can you explain?

Both images are the same thing. The first one is just made by someone who removed the chip to find the pinout more easily. Essentially, you solder 6 wires to elements/pads that are around the chip, marked properly. The second image makes it a bit clearer.

Also, OTG is also known as USB-HOST. The Z3 supports it and allows you to connect an external device like a mouse, keyboard or pendrive to the microUSB port. XPin emulates a mouse and keyboard and simply tries every single code matching the pattern you set until it hits the correct one and unlocks the phone. By counter, they rather meant that some phones are set to wipe after some incorrect codes. Most Android phones allow you to enter 5 codes incorrectly, then wait 30 seconds, then try another 5 and so on, but you either need to know how yours is set or take a risk.

For ISP you can use medusa, z3x, emmc pro, riff2 etc. If the phone is running Android 5.x or lower you can read (some boxes have a built-in file browser so you don't have to make a full dump) locksettings.db and password.key/pattern.key, crack it and unlock the phone with the cracked code. Since Android 6, those devices are using Gatekeeper, so it may not be possible to crack the PIN, password or pattern. I haven't seen any software cracking this but maybe it's possible. The company behind XPIN Clip claims they can crack this though.

It might depend on what exactly you need to do. For forensic analysis it should be enough to read a full dump via ISP/chip-off, and at this point you won't have to bother whether it has a password or not. If you need to unlock the device and use it, then you'd have to dump the userdata partition via ISP/chip-off, remove the *.key files (and preferably make some changes in locksettings.db) from the dumped image and restore the modified image back to the phone.

 
Posted : 20/03/2017 11:25 pm
(@qassam22222)
Posts: 155
Estimable Member
Topic starter
 

I didn't understand the first picture. You said no need for chip-off, but in the first picture you remove the chip.

Can you explain?

Both images are the same thing. The first one is just made by someone who removed the chip to find the pinout more easily. Essentially, you solder 6 wires to elements/pads that are around the chip, marked properly. The second image makes it a bit clearer.

Also, OTG is also known as USB-HOST. The Z3 supports it and allows you to connect an external device like a mouse, keyboard or pendrive to the microUSB port. XPin emulates a mouse and keyboard and simply tries every single code matching the pattern you set until it hits the correct one and unlocks the phone. By counter, they rather meant that some phones are set to wipe after some incorrect codes. Most Android phones allow you to enter 5 codes incorrectly, then wait 30 seconds, then try another 5 and so on, but you either need to know how yours is set or take a risk.

For ISP you can use medusa, z3x, emmc pro, riff2 etc. If the phone is running Android 5.x or lower you can read locksettings.db and password.key/pattern.key, crack it and unlock the phone with the cracked code. Since Android 6, those devices are using Gatekeeper, so it may not be possible to crack the PIN, password or pattern. I haven't seen any software cracking this but maybe it's possible. The company behind XPIN Clip claims they can crack this though.

It might depend on what exactly you need to do. For forensic analysis it should be enough to read a full dump via ISP/chip-off, and at this point you won't have to bother whether it has a password or not. If you need to unlock the device and use it, then you'd have to dump the userdata partition via ISP/chip-off, remove the *.key files (and preferably make some changes in locksettings.db) from the dumped image and restore the modified image back to the phone.

Thank you very much for this clarification. As I understand it, I should follow the second image, which tells me I should solder 5 pins, right?

 
Posted : 20/03/2017 11:37 pm
(@arcaine2)
Posts: 235
Estimable Member
 

Thank you very much for this clarification. As I understand it, I should follow the second image, which tells me I should solder 5 pins, right?

6 pins in fact. There's also GND, which is not marked here but has to be soldered somewhere to the ground on the Z3 PCB.

 
Posted : 20/03/2017 11:40 pm
(@bolo)
Posts: 97
Trusted Member
 

In phones which use CRYPT (the Gatekeeper mechanism) you cannot delete the *.key files - this will not give you access to the phone as in previous versions. Regarding reading the password - due to its CRYPT we can crack only PIN and pattern - alphanumeric passwords are not an "effective" way in terms of time for those, since only CPU power can be used.

 
Posted : 21/03/2017 2:04 am