Decrypt Android 6 gatekeeper.password.key
I have a physical extraction from a Samsung Galaxy A3 2016 and I try to get the plain password.
This report describes how the Android 6.0 (and above) lockscreen passcode storage works:
It seems that all the neccessary files are available from this particular extraction:
- "device_policies.xml" tells me that it's an numeric 4-digit passcode
- "0" file (from
/data/misc/gatekeeper) with a "scrypt"-encrypted string luckily replaces the hardware HMAC on this device
- "locksettings.db" contains the salt
- "gatekeeper.password.key" is the encrypted passcode
As far as I understand, I have to combine all possible passcode combinations (0000 - 9999) without the salt but with the content from the "0" file and compare the result with the hex string in "gatekeeper.password.key" to find/bruteforce the correct passcode:
the 'signature' stored in the password handle file is indeed the scrypt value of the blob's version, the 64-bit secure user ID, and the blob's
flagsfield, concatenated with the plaintext pattern value. The scrypt hash value is calculated using the stored 64-bit salt and the scrypt parameters N=16384, r=8, p=1. Password handles for PINs or passwords are calculated in the same way, using the PIN/password string value as input.
Is that correct? And if yes, how can I implement that?
It seems that the author successfully wrote a python script for that but unfortunately it's not attached.
Would be nice if somebody has an idea.
Thanks and have a nice weekend,
Those are only for non-hwbacked encryption devices. A3 2016 is hw-backed (check the last byte of gatekeeper file if it's 01), which means that you can't bruteforce it.