Join Us!

Notifications
Clear all

Lenovo YT3-850M  

  RSS
tito
 tito
(@tito)
New Member

Hi colleagues. I have a tablet Lenovo YT3-850M. Access to data is protected graphical password.
Before you access the data I collected documentation which indicated that the bootloader unlock all user data in tablet erased.
Tell me please is there a way to bypass a password graphic tablet without losing data?
Thank you in advance for your answers.

Quote
Posted : 18/07/2016 11:24 pm
passcodeunlock
(@passcodeunlock)
Senior Member

If by graphical lock you mean a swipe or pattern lock, I'm pretty sure it is possible, but advertising in the forum would not be tolerated, so if you wish, PM me.

ReplyQuote
Posted : 20/07/2016 1:57 pm
mobileforensicswales
(@mobileforensicswales)
Active Member

I'm pretty sure this tablet is MTK based and can be bypassed by the majority of the better mobile forensic tools on the market? Its just having the initial knowledge of the devices chipset to pick the right extractor / profile.

Do you have access to such kit or need an open solution?

Passcodeunlock is quite right about the password as well, can you please give us more specifics about what type of lock you are seeing?

If by graphical lock you mean a swipe or pattern lock, I'm pretty sure it is possible, but advertising in the forum would not be tolerated, so if you wish, PM me.

Have the forum rules changed recently? I thought we have always tried to openly share methods if they are in the public realm and can be found with some knowledgeable googling. If this has changed please let me know.

ReplyQuote
Posted : 20/07/2016 2:07 pm
passcodeunlock
(@passcodeunlock)
Senior Member

Have the forum rules changed recently? I thought we have always tried to openly share methods if they are in the public realm and can be found with some knowledgeable googling. If this has changed please let me know.

@mobileforensicswales please don't get me wrong, of course we share the knowledge, but we got our own hardware + software solution for opening screen phone locks inlab (not in the public realm).

I'm pretty sure that the forum moderators would not like if I would advertise our detailed services here.

ReplyQuote
Posted : 20/07/2016 3:43 pm
tito
 tito
(@tito)
New Member

mobileforensicswales, unfortunately I do not have access to mobile forensic tools. Usually , the defense went about in " manual mode " fastboot> twrp> adb or jtag.

ReplyQuote
Posted : 20/07/2016 5:24 pm
tito
 tito
(@tito)
New Member

Here's a photo of protection established in the tablet https://www.dropbox.com/s/btzst5sd69fn0ie/IMG_4129.JPG?dl=0
Thank you again for your feedback.

ReplyQuote
Posted : 20/07/2016 5:37 pm
mobileforensicswales
(@mobileforensicswales)
Active Member

If you plug it in whilst its off do you get a device called MTK###_bootloader or MTK65###_flasher or similar come up as a new device when you plug it in? You may have to 'tap' the power button.

See this video here https://youtu.be/A3TmXtOA0IA?t=521

WARNING 'Download' in the tools seen in this video sends data too and over the phone deleting everything if you do it wrong.

If you test and know what you are doing looking up offsets etc. you can dump the nand flash with this. You could then get the swipe out of the nand dump using the CCL scripts here

http//www.cclgroupltd.com/a-rainbow-table-for-android-pattern-locks/

FYI This is known as a pattern lock.

IF YOU DO NOT KNOW WHAT YOU ARE DOING PLEASE PLEASE TRY THIS ON A TEST DEVICE FIRST. I cannot take responsibility for any wipes caused by 'I wonder what this button does' clicks I am sorry.

It can be done with flashers

ReplyQuote
Posted : 20/07/2016 7:58 pm
tito
 tito
(@tito)
New Member

If you plug it in whilst its off do you get a device called MTK###_bootloader or MTK65###_flasher or similar come up as a new device when you plug it in? You may have to 'tap' the power button.

See this video here https://youtu.be/A3TmXtOA0IA?t=521

WARNING 'Download' in the tools seen in this video sends data too and over the phone deleting everything if you do it wrong.

If you test and know what you are doing looking up offsets etc. you can dump the nand flash with this. You could then get the swipe out of the nand dump using the CCL scripts here

http//www.cclgroupltd.com/a-rainbow-table-for-android-pattern-locks/

FYI This is known as a pattern lock.

IF YOU DO NOT KNOW WHAT YOU ARE DOING PLEASE PLEASE TRY THIS ON A TEST DEVICE FIRST. I cannot take responsibility for any wipes caused by 'I wonder what this button does' clicks I am sorry.

It can be done with flashers

The fact that both work with other devices I know.
When I got Lenovo YT3-850M and found (among other characteristics) that this device uses a processor Qualcomm MSM8909. When he saw protection, decided to try the method available fastboot> twrp> ADB> dd. TWRP sought out for this device. Before installation, I found a lot instructions. Each said that the establishment tvrp without unlocking bootloader not possible. In turn, unlock bootloader without data loss impossible. My riff box Lenovo YT3-850M does not support. So I turned to you, hoping that someone worked with secure tablet Lenovo YT3-850M and found a solution.
mobileforensitssschales, thank you for your feedback. However, the first method (with flashtool) will not work. I study the second method. Once the results, I immediately tell you.

ReplyQuote
Posted : 21/07/2016 3:25 am
passcodeunlock
(@passcodeunlock)
Senior Member

If the risks of brute-forcing are taken, the device can be unlocked.

Right now we do this only inlab with our own hardware, so I can't write here too many details about the process without advertising (

ReplyQuote
Posted : 22/07/2016 2:39 am
tito
 tito
(@tito)
New Member

If the risks of brute-forcing are taken, the device can be unlocked.

Right now we do this only inlab with our own hardware, so I can't write here too many details about the process without advertising (

To my knowledge, the use of "brute force" possible. Tell me what tools I can use to apply the method of "brute force"?

ReplyQuote
Posted : 22/07/2016 7:46 pm
mobileforensicswales
(@mobileforensicswales)
Active Member

XPIN clip maybe, you'd have to look on the forums

ReplyQuote
Posted : 22/07/2016 8:36 pm
passcodeunlock
(@passcodeunlock)
Senior Member

Or the susteen SV ?

I use none of these, so I can't tell. I got experience with our own tool only.

ReplyQuote
Posted : 22/07/2016 10:28 pm
Share: