
password.key missing from Samsung Galaxy S4

(@foggy)
Active Member
Joined: 10 years ago
Posts: 6
Topic starter  

First post! I was recently handed a case with multiple phones where two of them belonged to the victim. The phones are an SGS 4 with Android 5.0.1 and an HTC One M9 with an unknown version.

I succeeded in performing a physical extraction on the SGS4 and was hoping to find the password.key and from there extract the PIN code. The password.key was missing; the only thing similar was fmmpassword.key, with nothing in it.

Anyone know why it is missing? Is it a change in AOSP?
Does anyone know of a way to restore the PIN code or password.key?

What I've tried up till now:

Physical Analyzer 4.4.0.81 cannot find a lock screen password, either automatically or by carving/searching for it.
Opened the physical dump in XRY but no luck there either.
I tried taking the hex string from gesture.key, combining it with the lockscreen.password_salt from locksettings.db and then running it with hashcat, but without any luck.

I ended up flashing a new recovery and then removing gesture.key, after which I was able to access the phone. I'm however now without a possible PIN for the HTC, and flashing a new bootloader to flash a new recovery doesn't work as smoothly when it comes to HTC, AFAIK.


   
(@senor_paul)
New Member
Joined: 10 years ago
Posts: 4
 

I looked into this a while ago and I think I read that Samsung have moved the key file off the memory chip and into the secure area of the processor. Unfortunately I can't remember (or find) where I read this so take it as unsourced info. If I can find where I read it then I'll post a link.


   
(@foggy)
Active Member
Joined: 10 years ago
Posts: 6
Topic starter  

> I looked into this a while ago and I think I read that Samsung have moved the key file off the memory chip and into the secure area of the processor. Unfortunately I can't remember (or find) where I read this so take it as unsourced info. If I can find where I read it then I'll post a link.

Thanks. Right, probably Knox then. In that case, I guess there's no way to access it. I'm going to try a second run (third, actually) on getting a physical now that the recovery has been replaced.


   
ForensicMeteor
(@forensicmeteor)
Trusted Member
Joined: 11 years ago
Posts: 60
 

Even if you did unlock the bootloader on the HTC, you would have to return the HTC to factory settings during the process.


   
(@foggy)
Active Member
Joined: 10 years ago
Posts: 6
Topic starter  

> Even if you did unlock the bootloader on the HTC, you would have to return the HTC to factory settings during the process.

In this case I've been allowed to perform destructive examination of the phone, so that wouldn't be necessary. But I'm not going to (yet), if there's a chance to extract the code from the other phone.


   