±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 2 Overall: 36290
New Yesterday: 4 Visitors: 181

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

S7 Edge secure startup

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2 
  

passcodeunlock
Senior Member
 

Re: S7 Edge secure startup

Post Posted: Jun 18, 18 11:11

Well, you should look for a signed eng. boot which disables the PIN for your device and flash it.

If CAS failed opening it, that is the next thing I'd do Smile
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 
  

shahartal
Member
 

Re: S7 Edge secure startup

Post Posted: Jun 21, 18 05:03

No, this will never work on a Secure Startup phone (given it was properly identified as one).
Secure Startup means it is actually encrypted with the user passcode, therefore there is no way around discovering the passcode, and engboot will give you root but a fully encrypted user data partition.
If you have a valid brute force method, that’s the only way in.  
 
  

nightworker
Senior Member
 

Re: S7 Edge secure startup

Post Posted: Jun 21, 18 08:08

Dont trust cellebrite advanced support because i want to send them a telephone and they sait we can do everything but when my customer said them we will go to telaviv and we can gave you money whatever you want they didnt answer us.  
 
  

pcook8198
Member
 

Re: S7 Edge secure startup

Post Posted: Jun 21, 18 10:06

Thank you for all your input and suggestions

Im currently finishing the 8 digit pin dictionary as i type.

Moving on to 9 digit dictionary soon.

Oh the joys

I'll keep you informed of my progress.

OR

The sun will burn out before i finish and it will not matter Smile  
 
  

passcodeunlock
Senior Member
 

Re: S7 Edge secure startup

Post Posted: Jun 21, 18 11:59

- shahartal
No, this will never work on a Secure Startup phone (given it was properly identified as one).
Secure Startup means it is actually encrypted with the user passcode, therefore there is no way around discovering the passcode, and engboot will give you root but a fully encrypted user data partition.
If you have a valid brute force method, that’s the only way in.


That is the only way in known by you maybe Smile

If there is an encrypted binary dump, we can decrypt in many cases the encryped user data partition, no matter of the Android version.

We also fail sometimes, that's part of the game, but at least we don't pretend knowing everything!
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 
  

shahartal
Member
 

Re: S7 Edge secure startup

Post Posted: Jun 22, 18 07:42

You are free to take my words or not Smile
Yes, some cases can be decrypted offline, but *not* on phones where the encryption key is derived from a hardware key and the user passcode (= Secure Startup).
People usually confuse Secure Boot with Secure Startup, they are not the same thing.  
 
  

passcodeunlock
Senior Member
 

Re: S7 Edge secure startup

Post Posted: Jun 23, 18 09:17

shahar: I know pretty well the difference between Secure Boot and Secure Startup Smile

Sometimes you don't need to deal with the Trusted Zone, the encryption key derived from the hardware key and the user lock can be found inside of a physical dump.

Whoever is reading this, please don't get me wrong, I don't say that this is always possible, that is why I wrote "Sometimes".
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 

Page 2 of 2
Page Previous  1, 2