±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35264
New Yesterday: 0 Visitors: 142

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

PoC Exploit Samsung Android Phones

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2, 3  Next 
  

mcman
Senior Member
 

Re: PoC Exploit Samsung Android Phones

Post Posted: May 18, 18 13:38

- passcodeunlock


I already posted that the security patch level of the SM-N950F device I got is newer and this exploit won't work Sad

Any ideas are welcome, if we could dump the phone (even encrypted) we could move forward...


Yeah sorry that part was meant as a general information for anyone else looking at that exploit, I knew neither option would work for you based on the patch level.

My next guess would be engboot? I haven't tried one for a Note 8 yet but I've seen a few files out there for them. Worth a shot anyway.

Jamie  
 
  

shaunnash
Newbie
 

Re: PoC Exploit Samsung Android Phones

Post Posted: May 25, 18 20:48

This is an interesting topic, and will be of value to those with backlogs and otherwise SOL. I'm curious if anyone has taken the time to go through and adapt this POC to function for extraction (beyond the integrated tool of Magnet's)? As others have stated, MTP is better than nothing, but this code woudn't work for most purposes as it writes files to the target device in the process of poc-ing. We're not coders here but might take a stab at adapting this to a sounder approach. If anyone has already begun or has their own, we'd welcome the input. Thanks for the discussion.  
 
  

passcodeunlock
Senior Member
 

Re: PoC Exploit Samsung Android Phones

Post Posted: Jun 02, 18 14:22

The MTP read and write functions are public, anybody can use them!

Besides the PoC of MTPawn, there is a sample for pushing a file on the root (/) of the MTP filesystem. Comment those lines from the original PoC and feel free to fork the project and add a "recursive read all" on github.

I think this is what everybody is wanting, too bad that I won't do it Smile
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 
  

shahartal
Member
 

Re: PoC Exploit Samsung Android Phones

Post Posted: Jun 11, 18 08:13

Yes, the MTP exploit is pretty decent, we had it in UFED since almost two years ago (August 2016) after we discovered it privately - that's what powered the "Partial File System" Samsung method.
Several other vendors have added implementations a few months after it was publicly released in November 2017.

Regarding the J320F/N950F with (or without) Secure Startup - we can provide lock-bypassing physicals with access to KNOX Secure Folder for these models and many others at CAS.

Shahar  
 
  

passcodeunlock
Senior Member
 

Re: PoC Exploit Samsung Android Phones

Post Posted: Jun 11, 18 14:59

Hmm, I'm in doubt a bit about the N950F Smile
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 
  

shahartal
Member
 

Re: PoC Exploit Samsung Android Phones

Post Posted: Jun 12, 18 02:23

Well, many people doubted when we (Cellebrite) said we could unlock iPhones with iOS 9, and then 10, and then 11... Wink
The Galaxy Note 8 was easier.

Shahar  
 
  

Thomass30
Senior Member
 

Re: PoC Exploit Samsung Android Phones

Post Posted: Jun 12, 18 03:22

This exploit only works on Samsung devices Yes ?  
 

Page 2 of 3
Page Previous  1, 2, 3  Next