Samsung Galaxy Ace S5830i screen unlock ideas ?  

passcodeunlock
(@passcodeunlock)
Senior Member

I got a physically damaged Samsung Galaxy Ace S5830i phone with an unknown password screen lock. Previously the LE tried to make a physical image of it with UFED, but the process initialization failed for some reason. The failure could maybe be related to the physical damage of the phone?!

The phone screen is cracked, but it is responsive. I tried a dictionary attack on it, containing names and numbers, but I had no luck with it. After every 5 bad tries a 30-second delay is implemented. I could bruteforce with all combinations of characters and numbers, but all combinations would take too much time.

Does anybody have any idea how to unlock the screen password or bypass the screen lock somehow for this phone model?

Posted : 17/07/2016 11:00 pm
Igor_Michailov
(@igor_michailov)
Senior Member

I am not sure that bruteforce is a good idea. I know of several cases where an investigator tried to use bruteforce and all data were erased from the mobile devices.
I recommend using chip-off. And I can do it for you.

Posted : 18/07/2016 1:09 am
redcat
(@redcat)
Active Member

I got a physically damaged Samsung Galaxy Ace S5830i phone with an unknown password screen lock. Previously the LE tried to make a physical image of it with UFED, but the process initialization failed for some reason. The failure could maybe be related to the physical damage of the phone?!

The phone screen is cracked, but it is responsive

I'd be surprised if Cellebrite can't bypass that - I've had plenty of success with pin locked Android based Samsungs, including handsets in bad physical state. If it's alive and the screen's responding it will go eventually, I would keep trying the bootloader/PIN bypass. I can take a look tomorrow and see for sure whether that handset will work when I'm back in the lab.

Posted : 18/07/2016 1:29 am
Igor_Michailov
(@igor_michailov)
Senior Member

I'd be surprised if Cellebrite can't bypass that - I've had plenty of success with pin locked Android based Samsungs, including handsets in bad physical state. If it's alive and the screen's responding it will go eventually, I would keep trying the bootloader/PIN bypass. I can take a look tomorrow and see for sure whether that handset will work when I'm back in the lab.

The owner of the phone can lock the bootloader.

Posted : 18/07/2016 1:35 am
passcodeunlock
(@passcodeunlock)
Senior Member

I'd be surprised if Cellebrite can't bypass that - I've had plenty of success with pin locked Android based Samsungs, including handsets in bad physical state. If it's alive and the screen's responding it will go eventually, I would keep trying the bootloader/PIN bypass. I can take a look tomorrow and see for sure whether that handset will work when I'm back in the lab.

Thanks! I was told that the phone is supported by UFED for physical dump, just the physical dumping process fails at initialization. Also, UFED does not support screen unlocking for this model. Let me know if you find anything useful tomorrow.

Posted : 18/07/2016 1:55 am
passcodeunlock
(@passcodeunlock)
Senior Member

I am not sure that bruteforce is a good idea. I know of several cases where an investigator tried to use bruteforce and all data were erased from the mobile devices.
I recommend using chip-off. And I can do it for you.

OK, I'll PM you, I don't want to flood the forum with details.

Posted : 18/07/2016 2:05 am
arcaine2
(@arcaine2)
Active Member

Flashing a custom recovery via ODIN should be enough. That model doesn't come with a locked bootloader.
In fact, I think that the S5830i is able to switch from stock recovery to custom recovery via a .zip file on the microSD card, so not even flashing is required.
Once you have that, adb as root should be working, and cracking the code or removing it at this point is easy. If, for some reason, adb doesn't work, you should be able to create a CWM compatible backup and extract the files required for cracking the code from that.

http://forum.xda-developers.com/showthread.php?t=2649491

Posted : 18/07/2016 2:42 am
passcodeunlock
(@passcodeunlock)
Senior Member

Updating from microSD is not working. I enter the recovery mode, I can move up and down with the Vol +/-, but the power button for selecting "Update from SD card" is not working. After this process, the phone remains in recovery loop mode; luckily I can flash the CSC with Odin, so it works normally again.

What would be the way to flash the recovery with Odin? Do you have any link with a sample for this older phone model? Also, I have to be sure that flashing a custom recovery would not kill the data of the device.

Posted : 18/07/2016 3:49 pm
mobileforensicswales
(@mobileforensicswales)
Active Member

If it is stuck in a boot loop, reinstall the original stock recovery ROM.

If I remember rightly, I think this phone is susceptible to an AT attack.

http://securityaffairs.co/wordpress/46287/hacking/hacking-samsung-galaxy.html

With debugging on you could then do what you please, but having the default on is only useful if auth isn't required when you try to connect.

Please consider using a test phone first next time S

Posted : 18/07/2016 5:22 pm
passcodeunlock
(@passcodeunlock)
Senior Member

SOLVED!!!

All the problems were caused by the physical damage of the phone. The USB connector was replaced and then the LE was able to create a physical dump of the device.

While none of the software approaches worked because of the bad USB connector, I still learned some things, thanks for all the answers!

Posted : 18/07/2016 6:57 pm
arcaine2
(@arcaine2)
Active Member

@passcodeunlock, there are a couple of different custom recovery versions you could try. It's strange that the phone got stuck in a bootloop after installing that .zip, but that could be related to the USB connector issues you mentioned later. Anyhow, glad you sorted this out.

In general, when it comes to changing recovery - it's relatively safe and harmless. With Samsung Android based phones, basically every model since the S3 (and models around its release date) comes with a separate recovery partition (that's common among all modern Android phones) that you can flash with Odin. No data will be harmed here. For older models, like the S2 and the first Note, recovery is bundled with the kernel so you have to flash both. While it's safe for data, your phone may not boot if the kernel doesn't match the firmware (like flashing too old a kernel, for example) so that's something to check first. Some models, like the one you have, are able to either boot or install a custom recovery from stock recovery, but that may sometimes require a few tries or a few versions. It's always wise to check what the script inside the .zip file does. For example, the S5360 has a couple of custom recoveries available. These can only be run from stock recovery, using a .zip file. None of them works perfectly, only one supports proper adb support on root permissions. It's better with more modern phones. twrp.me and xda-developers are two sites worth checking for recoveries.
From my experience, only US variants (AT&T, Verizon, sometimes also T-Mobile) have locked bootloaders and you simply won't be able to flash a custom image, but data will be fine. There's also FRP (Factory Reset Protection), introduced in some cheaper phones using Android 5.1 released since last year, and Samsung Reactivation Lock (for top models, like Galaxy S5, S6, S7 and Note). While it's enabled (you can check its status in the bootloader), it'll act as a locked bootloader and won't allow you to flash any custom stuff; data will be intact.
Some phones since the S4 updated to 5.1 will overwrite the custom recovery when booting; data will not be touched. To avoid it, you just uncheck reboot in Odin, flash the recovery image, then power off the phone (either by pulling the battery or with the power button, doesn't matter) and start it in recovery mode on the first try.

For other phones, like any Nexus, LG, HTC, Motorola, where you have to unlock the bootloader in order to flash a custom recovery, unlocking the bootloader will wipe the data.

I have often used the custom recovery method to recover data from phones with a broken digitizer or completely broken display for years. Never had any data loss, it's safe if you know what you're doing.

@mobileforensicswales, that looks interesting, will have to take a look out of curiosity at what can be done with that.

Posted : 19/07/2016 12:18 am
passcodeunlock
(@passcodeunlock)
Senior Member

@passcodeunlock, there are couple different custom recovery versions you could try. It's strange that phone stuck in bootloop after installing that .zip but that could be related to that USB connector issues you mentioned later. Anyhow, glad you sorted this out.

I wasn't able to install the update.zip. As I wrote before, the Vol +/- was working, but I couldn't select the "Update from sdcard" menu with the Power button. Actually I couldn't select any of the menus (not the reboot system menu either), so I turned it off by pulling the battery. From there on the phone remained in recovery loop, but after flashing the CSC with Odin in download mode, it booted in normal mode again.

What I don't get is how I could flash the CSC with the original bad USB connector in download mode, but the LE couldn't make a physical image with the same USB connector.

I'm also glad that this got sorted out. One of our engineers suggested the USB connector replacement, he soldered it, so even if we didn't bypass the lock, overall we provided the right solution :)

Posted : 20/07/2016 2:13 pm
 Anonymous

You can get the phone into download mode and flash a new image to the phone. After that, the password will be removed. Here is a great tutorial on this: How to reset screen passcode for samsung

Posted : 01/09/2016 2:17 pm
passcodeunlock
(@passcodeunlock)
Senior Member

Thanks, but it got solved already :)

The device had physical damage, which was preventing normal communication over the USB. After the new USB connector was soldered, the LE was able to bypass the lock and create a physical dump of the device with UFED.

Posted : 04/09/2016 4:39 pm