I got a physically damaged Samsung Galaxy Ace S5830i phone with unknown password screen lock. Previously the LE tried to make a physical image of it with UFED, but the process initialization failed for some reason. The failure could be related maybe to the physical damage of the phone ?!
The phone screen is cracked, but it is responsive. I tried a dictionary attack on it, containing names and numbers, but I had no luck with it. After each 5 bad tries 30 seconds delay is implemented. I could bruteforce with all combinations of characters and numbers, but all combinations would take too much time.
Does anybody have any idea how to unlock the screen password or bypass the screen lock somehow for this phone model ?
I am not sure, what bruteforce is good idea. I know about several cases when an investigator tried to use bruteforce, all data were erased from mobile devices.
I recommend to use chip off. And I can do it for you.
I got a physically damaged Samsung Galaxy Ace S5830i phone with unknown password screen lock. Previously the LE tried to make a physical image of it with UFED, but the process initialization failed for some reason. The failure could be related maybe to the physical damage of the phone ?!
The phone screen is cracked, but it is responsive
I'd be surprised if Cellebrite can't bypass that - I've had plenty of success with pin locked Android based Samsungs, including handsets in bad physical state. If it's alive and the screen's responding it will go eventually, I would keep trying the bootloader/PIN bypass. I can take a look tomorrow and see for sure whether that handset will work when I'm back in the lab.
I'd be surprised if Cellebrite can't bypass that - I've had plenty of success with pin locked Android based Samsungs, including handsets in bad physical state. If it's alive and the screen's responding it will go eventually, I would keep trying the bootloader/PIN bypass. I can take a look tomorrow and see for sure whether that handset will work when I'm back in the lab.
Owner of the phone can lock bootloader.
I'd be surprised if Cellebrite can't bypass that - I've had plenty of success with pin locked Android based Samsungs, including handsets in bad physical state. If it's alive and the screen's responding it will go eventually, I would keep trying the bootloader/PIN bypass. I can take a look tomorrow and see for sure whether that handset will work when I'm back in the lab.
Thanks! I was told that the phone is supported by UFED for physical dump, just the physical dumping process fails at initialization. Also, UFED is not supporting screen unlocking for this model. Let me know if you find tomorrow anything useful.
I am not sure, what bruteforce is good idea. I know about several cases when an investigator tried to use bruteforce, all data were erased from mobile devices.
I recommend to use chip off. And I can do it for you.
Ok, I PM you, I don't want to flood the forum with details.
Flashing custom recovery via ODIN should be enough. That model doesn't come with locked bootloader.
In fact, i think that S5830i is able to switch from stock recovery to custom recovery via .zip file on microSD card so not even flashing required.
Once you'll have that, adb as root should be working and cracking the code or removing it at this point is easy. If, for some reason adb wouldn't work, you should be able to create a CWM compatible backup and extract the files required to cracking the code from that.
http//
Updating from microSD is not working, I enter the recovery mode, I can move up and down with the Vol +/-, but the power button for selecting "Update from SD card" is not working. After this process, the phone remains in recovery loop mode, luckly I can flash with Odin the CSC, so it works normally again.
What would be the way to flash the recovery with Odin ? Do you got any link with sample for this older phone model ? Also, I have to be sure that flashing custom recovery would not kill the data of the device.
If it is stuck in a boot loop reinstall the original stock recovery ROM
If I remember rightly I think this phone is susceptible to an AT attack.
http//
With debugging on you could then do what you please but having the default on is only useful if auth isn't required when you try to connect.
Please consider using a test phone first next time S
SOLVED!!!
All the problems were caused by the physical damage of the phone. The USB connector was replaced and then the LE was able to create a physical dump of the device.
While none of the software approaches worked because of the bad USB connector, I still learned some things, thanks for all the answers!