Samsung Galaxy S7 e...
 
Notifications
Clear all

Samsung Galaxy S7 edge forensics  

  RSS
phoneauditor
(@phoneauditor)
New Member

Hello Reddit community!

This is my first ever post on Reddit so forgive me if I make any mistakes.

I have a Samsung Galaxy S7 edge. I am not sure when I bought it, but I formatted it and then had it repaired by Samsung around June 2017. I have used that phone constantly since then. I never updated it so I think it is still Android 7.0. I set a PIN for the SIM, lock screen, and Data Protection -> Strong Protection (I think this is what it was called). I also selected for the SD card to be encrypted. I did not use the secure folder Knox as I was too lazy to draw a pattern each time I opened an app, and I never downloaded any third party encryption apps.

I have since lost the PIN, and I do not want to try to guess it because I only have 15 attempts before my Samsung Galaxy S7 edge formats itself. I have stupidly switched the phone off and kept it in a draw. Sadly I also cannot unlock it from my PlayStore account, and I made no backups on Google Drive.

I have seen some good tutorials online, but from my understanding most require the phone to still be powered on, others even require the installation of apps. I saw a tutorial which claimed it's possible to put a Samsung engineering bootloader onto the device which can reset the PIN, I think because the default encryption is something in the chip + "default_password" but given my settings explained in the first paragraph I would have changed it from the easy to break default?

I heard Samsung phones are highly secure so nobody can access them, but before I format it and give it to my son I thought I would check with Reddit. Even something destructive such as JTAG or chip-off would be fine.

That phone means the world to me, I really hope this community can help. I have done as much investigating as possible before asking this question to be less of a time waster to the community.

Thank you,

Larry Dobson

Quote
Posted : 29/12/2019 7:40 pm
Igor_Michailov
(@igor_michailov)
Senior Member

Hello Reddit community!

Here is not Reddit bro. lol lol lol

ReplyQuote
Posted : 30/12/2019 4:57 am
Rich2005
(@rich2005)
Senior Member

Cellebrite.

ReplyQuote
Posted : 30/12/2019 12:47 pm
arcaine2
(@arcaine2)
Active Member

What you're describing seems to be a secure startup enabled device. No JTAG, ISP, chip-off is gonna help you. The only solution is to enter a valid password so the phone boots into Android and decrypts itself. Depending on the variant and firmware version, you may be able to find eng-root file and bruteforce it with help of Frida. There is a script to do that on github (google it) so that's something you can try, assuming you'll be able to find match eng-root file. There's still a risk that it'll wipe to phone so test it on spare device before.

ReplyQuote
Posted : 30/12/2019 5:23 pm
jaclaz
(@jaclaz)
Community Legend

Hello Reddit community!

Here is not Reddit bro. lol lol lol

Well, he posted there too, so maybe it is only a copy and paste in good faith
https://www.reddit.com/r/computerforensics/comments/egrhhz/samsung_galaxy_s7_edge_forensics/

jaclaz

ReplyQuote
Posted : 30/12/2019 7:15 pm
foresicnull
(@foresicnull)
New Member

Use Cellebrite UFED.

ReplyQuote
Posted : 17/01/2020 6:22 am
stetocina
(@stetocina)
Junior Member

Do you have samsung account at this phone. If you have and your phone connected to intenet you can unlock phone with samsung find my phone

ReplyQuote
Posted : 21/01/2020 6:59 pm
Share: