±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 3 Overall: 35765
New Yesterday: 3 Visitors: 133

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Android 7 - Passcode

Discussion of forensic issues related to all types of mobile phones and underlying technologies (GSM, GPRS, UMTS/3G, HSDPA, LTE, Bluetooth etc.)
Subforums: Mobile Telephone Case Law
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
 
  

the_Grinch
Senior Member
 

Android 7 - Passcode

Post Posted: Jan 25, 19 00:46

I know this question has been asked before, but hoping there might be a solution. I have three devices all belonging to the same person. I was able to get a physical extraction off of one of the devices and everything decoded without issue. The policies.xml stated the passcode is just 4 numerics. Is there any means by which I could brute force the passcode with the salt and gatekeeper.password.key?  
 
  

passcodeunlock
Senior Member
 

Re: Android 7 - Passcode

Post Posted: Jan 25, 19 12:08

AES256 + XTS is a hard enemy, starting with Android 7.x I don't think there is a solution for what you try to do.

On the other hand, finding the Android PIN is possible using a safe in-lab brute force solution, but that has it's price. The device must be fully operational because the TrustZone is needed Smile
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 
  

the_Grinch
Senior Member
 

Re: Android 7 - Passcode

Post Posted: Feb 03, 19 21:58

Is the hash the hex of the gatekeeper.password.key?  
 
  

passcodeunlock
Senior Member
 

Re: Android 7 - Passcode

Post Posted: Feb 03, 19 22:53

- the_Grinch
Is the hash the hex of the gatekeeper.password.key?


No, that file contains a value generated from the salt + encryption key + Android password.
_________________
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 
 

Page 1 of 1