S7 Edge secure star...
 
Notifications
Clear all

S7 Edge secure startup

14 Posts
6 Users
0 Likes
2,107 Views
(@pcook8198)
Posts: 20
Eminent Member
Topic starter
 

Samsung S7 Edge Android 7.0
G935FXXS2DRC3

Handset requires PIN on Boot

Any suggestions much appreciated.

Ive tried
1 to 6 Digit pin
4,5,6 and 7 digit pins

Was partially through 8 digits

Very time consuming

Thoughts / ideas much appreciated

 
Posted : 14/06/2018 2:18 pm
(@shahartal)
Posts: 27
Eminent Member
 

Cellebrite CAS can support this case.

 
Posted : 15/06/2018 3:52 pm
(@the_grinch)
Posts: 136
Estimable Member
 

HD-Box could brute force that for you

 
Posted : 15/06/2018 5:52 pm
passcodeunlock
(@passcodeunlock)
Posts: 792
Prominent Member
 

What did you use to brute force ?!

7+ PINs are rare, since they are hard to type - while driving for example )

Are you sure it is not asking for password instead of PIN ?!

 
Posted : 15/06/2018 7:45 pm
(@pcook8198)
Posts: 20
Eminent Member
Topic starter
 

CAIS has been used.

I was wondering if anyone had heard of anything else.

 
Posted : 18/06/2018 6:34 am
(@pcook8198)
Posts: 20
Eminent Member
Topic starter
 

Re the PIN

I totally agree, 7+ digits seems a little to long as studies show 11 digits is roughly the max the human mind is capable of.

Its certainly a PIN as the keyboard is only set to allow Digits , I can not input an Alpha Numeric / Symbol password.

 
Posted : 18/06/2018 6:37 am
(@athulin)
Posts: 1156
Noble Member
 

I totally agree, 7+ digits seems a little to long as studies show 11 digits is roughly the max the human mind is capable of.

I'm not sure what studies you're referring to, but I would expect them to say '11 *random* digits' as well as specify clearly what sample population the observations are valid for. Most are valid only for students at a particular university…

In a file with cracked passwords that I have collected (thus very probably PINs that someone has remembered), I find the majority of PIN entries (i.e. digits only) to be 11 or less, as you state, but I have more than 6000 16-digits PINS, and around 100 24-digit pins. The longest are 255 digit PINs, but as some are all the same digit ('00000…', '1111…' and '5555…') – I suspect an effect of a max-length of 255 characters in PIN together with auto-repeat keyboard press key until it beeps (or for x seconds, leading to string truncation), or something like that, but no exceptional memory.

Very many long PINs have an initial sequence of '0000…', followed by a 7-digit (or longer) more random sequence. ('1111…' are also present, but less common.)

So throwing all remaining long PINs found in any of the 'standard' password leaks (such as the rockyou leak files, for example) might be an idea.

Or … start with 'numbers' from personal relation social security numbers, say, or phone numbers or dates … or just possibly credit card numbers. (I would do all 8-digit dates before I did any more random 8-digit sequences, for example, and I might start by looking at 'nearby' years first). And possibly extend with '0000…' .

 
Posted : 18/06/2018 7:47 am
passcodeunlock
(@passcodeunlock)
Posts: 792
Prominent Member
 

Well, you should look for a signed eng. boot which disables the PIN for your device and flash it.

If CAS failed opening it, that is the next thing I'd do )

 
Posted : 18/06/2018 11:11 am
(@shahartal)
Posts: 27
Eminent Member
 

No, this will never work on a Secure Startup phone (given it was properly identified as one).
Secure Startup means it is actually encrypted with the user passcode, therefore there is no way around discovering the passcode, and engboot will give you root but a fully encrypted user data partition.
If you have a valid brute force method, that’s the only way in.

 
Posted : 21/06/2018 5:03 am
nightworker
(@nightworker)
Posts: 134
Estimable Member
 

Dont trust cellebrite advanced support because i want to send them a telephone and they sait we can do everything but when my customer said them we will go to telaviv and we can gave you money whatever you want they didnt answer us.

 
Posted : 21/06/2018 8:08 am
Page 1 / 2
Share: