Related
If you ever used CWM, CWMT or other non factory recoveries to wipe your data, you probably noticed that you lost the ability to encrypt your phone. Or maybe you did not even realize this is why encryption does not work.
For the Android phone encryption to work, it needs the /data (usrdata) partition to have a little bit of unused space between the end of the filesystem and the end of the partition. And as soon as you use CWM to wipe, it actually reformats using all space, and encryption does not work anymore.
User lolo250612 brought this to my attention, and together we created a update.zip that shrinks the /data filesystem by 1MB
In fact, we created 2 patches: One to shrink, and one to first repair the filesystem. The first will refuse to shrink if the file system is not clean and healthy. They will automatically find the correct usrdata partition device and its size. The shrink will then resize to 1MB less then the partition size (which means it could also be used to grow if you somehow had a filesystem a lot smaller, for example because you restored an smaller image from somewhere).
Both patches are created with statically linked e2fsprogs binaries and its own static copy of busybox shell interpreter. So they should work on all Android devices that use ext file system (probably all V2.3.1 Gingerbread and higher androids), and you should not lose any data because of this. But it is always good to make a backup.
We tested this on 2 phones, both ICS phones, and with both CWM and TWRP type recoveries, and are fairly certain it is safe to use. But to repeat, you should always take a backup of your phone.
Both patches can be found on my shared drive:
ICS_usrdata_fix-fs.zip
ICS_usrdata_shrink.zip
Procedure:
- Make backup of your phone
- Place files on SD card
- Boot into recovery
- Apply the shrink update
- If it tells you the filesystem is damaged apply the fix-fs update first
The patch only shrinks the filesystem, nothing is actually installed or removed on the phone. But if you use encryption, you could leave this patch on your SD card so that every time you wipe data, you can run the shrink patch again afterward to enable encryption again.
If you do use this, please report back in this thread, possibly mentioning your phone model and ROM you are using.
Quick encryption guide (and more)
I won't go deep into useless details as everything has already been described about Android phone protection somewhere on the internet. I will just give some meaningful links and tips by illustrating how I have protected my phone. Really nothing new or innovative, just a compilation of a few hints that I have put in practice to protect the numerous pieces of information that are on my phone.
Step 0: awareness
----------------------------
Why bother with phone security?
In short, I am clearly paranoid. Well, in fact, I don’t really feel at ease when I know all the information, both personal and professional I have on my phone. Over the month, my Androphone has become a real digital Swiss-knife and personal secretary. This includes:
Personal and professional contacts
Personal and professional agendas
Personal and professional digital exchanges (SMS and email)
Personal and professional photos
Banking account information
Trails where I run
Etc… etc…
Don't want someone looks at them. Not you?
Fist step: on-line protection
----------------------------------------
The first step in protecting your data consists in making hard to access indirectly the data that lay on your phone memory. This access consists in using the system when the phone is on, either via the GUI and the phone controls, or remotely (essentially by network connections, or phone basic functionalities like sms). So, basically, you need to lock efficiently your phone from preventing someone else to unlock the user interface that allows interactions with the system, and protect all communication channels.
To lock efficiently your phone, you must use a pin code of at least 4 digits (6 is better) or a pass-phrase. The latter is much less practical without improving online security that much. Above all, you must avoid those silly locking solutions like face recognition unlocking, or pattern lock. Those are toys for naive young boys. Not for those concerned seriously by security.
For protecting remote access to your phone, I would suggest:
1) Double check that USB debugging is disabled. This a major security hole.
2) Turn on data connections (bluetooth, wifi and 2/G/3G/4G) only when required (email checking, web-surfing session, data synchronising), and off rest of the time.
3) Avoid install cracked unofficial apks, or applications that asks for permission far beyond their obvious and principal utility
4) Install a software security app, if possible, open source and recognised by xda members. Once an adept of Droiwall, I have switched to Avast mobile security because of its extra features. But it is not opensource and it is a question of taste. But do this carefully, see that for instance before making a choice: http://download.cnet.com/8301-2007_4-57391170-12/dont-get-faked-by-android-antivirus-apps/ and http://www.av-test.org/fileadmin/pdf/avtest_2012-02_android_anti-malware_report_english.pdf.
But, you must be rooted (which is in itself a security hole if not mastered) and one must have a kernel with netfilter functionalities activated. This is the case with the stock kernel of the phone I use at the present time (Lenovo A789). But was not the case of 2 Samsung phones I used before. You have to either install a custom kernel adapted to your phone, or make your own if you have access to its sources (see tutorials as: http://forum.xda-developers.com/showpost.php?p=22941057&postcount=1)
5) Personally, I would feel more at ease if I could find an easy to use firewall solution that could close, and better, make stealth all the local ports of my phone, especially when I am not behind a wifi router. But I haven’t found one yet. Droidwall, nor Avast, addresses this functionality, whereas it would be fairly easy to implement it with the netfilter system layer underneath.
Second step: offline protection
-------------------------------------------
Here we are. Now your phone is protected when it is on. But, what if you switch it off, or remove its sdcard? The data lay on the internal memory, unprotected (at best obfuscated). Really easy to find a custom recovery for almost all phones, write a script to dump /data on a sdcard and then make whatever you want with the copy.
Don’t like that? The only solution to prevent /data from being read by someone else is to encrypt the /data partition. To do that, your phone or tablet internal storage partitions must be seen by your system as block devices. This is the case with eMMC but not with Yaffs. So beware, if you want encryption you need to buy a device that answers this requirement. This is not always true and almost never documented. Notes on the implementation of Android encryption are there: http://source.android.com/tech/encryption/android_crypto_implementation.html
Now, as me, if you are reading these lines, you are certainly looking for extra information about your Android device and probably extra functionalities.
Certainly, the most frequent way to install extra functionalities and custom ROMs to your phone is to use an update zip file. With stock recovery, this zip file needs to be signed, otherwise it is rejected. For maximum flexibility and ease of use, alternative boot recovery have been developed, of which CWRP is certainly the most famous.
Usually, for 99% of users and operations, CWRP operates great. Sometimes, as nothing is perfect, a bug may occur. This is the case for built in ICS encryption process. As Cybermaus indicates in the first post, to be able to perform this encryption the /data filesystem must be slightly smaller than the underlying partition. But CWRP, at least up to the version 5.5, formats all the corresponding partition leaving no place for Android to store the required information to be able to start the encryption process. This is clearly described in the following links: http://forum.xda-developers.com/showthread.php?t=1792101 and http://rootzwiki.com/topic/25652-fixing-galaxy-tab-2-encryption/
I have discovered that by using aLogcat to track down the origin of the failure. The interesting part revealed to be: E/Cryptfs ( 87): Orig filesystem overlaps crypto footer region. Cannot encrypt in place.
To circumvent this problem, you will find in Cybermaus first post, two CWM update zip files that will do the trick in a simple and secure way. After flashing your ROM and wiping data with CWM, apply them, go to system encryption as described here:http://support.google.com/android/bin/answer.py?hl=en&answer=1663755, and after waiting one or two minutes (not more), the system should restart automagically to encrypt your /data partition.
Third step: making your phone even more secure and practical at the same time
-------------------------------------------------------------------------------------------------------------------
Android built-in encryption is in fact more or less Linux LUKS (http://en.wikipedia.org/wiki/Linux_Unified_Key_Setup). Plus, it is open-source so that everyone with the required skills can make an audit of the code to see if no security hole is present in the Android implementation. The underlying mechanism is strong and secure, as long as you use a strong password. I mean by strong, at least 12 characters that includes at the same time lower-case letters, upper-case letters, numbers and symbols. And it must be something impossible to guess for others while easy to remember for yourself. You will find a lot of resources on the internet on how to create such a password. For instance: https://help.ubuntu.com/community/StrongPasswords .
The problem with Android, in its attempt to keep the system not too complicated to use, is that the GUI (I insist: only the GUI, not the system) does not distinguish between the PIN or passphrase that you use to lock your phone when it is on, and the password used to encrypt the data that lay physically on your phone storage. So the casual user is in front of a paradigm: either he chooses a strong password for its data, but this will rapidly become tedious to type at least 12 characters to unlock his device several times a day; or he decides to use a PIN code, which is more practical to unlock the phone, and consequently uses a really weak password to encrypt its data which contains only digits, and thus may be cracked in a breath by any PC.
Fortunately, this paradigm is addressed and solved by small tools like EncPassChanger or Cryptfs Password (both requiring that your phone be rooted, which is by the way, paradoxically, a security hole if not used with caution ). See: http://nelenkov.blogspot.fr/2012/08/changing-androids-disk-encryption.html for complete notes about that. So for me, the only way, both secure and practical, to secure your phone is by using a PIN code of at least 4 numbers (6 is better). Then use a handy tool like EncPassChanger to have a true complex password for decryption at boot time.
Fourth step: increase security, without sacrifying practicability
-----------------------------------------------------------------------------------------
As I am paranoid, but at the same time don’t want my phone to become a source of annoyances, the previous “basic” steps were not enough for me.
So I decided to improve security in two ways:
1) By following the following tip, which I find great and is itself self-explaining: http://forum.xda-developers.com/showpost.php?p=26730989&postcount=2
2) By encrypting the photos I take with my phone, because these are linked with my private life and I won’t like that somebody gain access to them.
3) By encrypting documents I scan with CamScanner, for home and work, which may be sensitive.
4) By automating the action that disables USB debugging in case I forget to put it off after using it .
For point 2 and 3, documents lay on your sd card uncrypted. Android built-in encryption does not deal with both internal and external sdcard (just to be clear, by sdcards I mean partitions mounted as /mnt/scard or /mnt/scard2). To encrypt them you have to use once again an external tool. As I am an opensource fanatic for all that deal with security, I would recommend to use LUKS Manager (https://play.google.com/store/apps/details?id=com.nemesis2.luksmanager&feature=search_result and http://forum.xda-developers.com/showthread.php?t=1141467) which is based on dm-crypt module (yes, the same that Android uses for its build-in encryption), or Cryptonite (https://play.google.com/store/apps/details?id=csh.cryptonite&feature=search_result) which is completely open-source and implements the rock-solid Linux encfs on Android.
The latter is my personal choice. I do not use Crytonite in itself, except for creating the initial .encfs6.xml file. For everyday use, I use directly the Android port of the binary file encfs that comes with Cryptonite, and embed it into shell scripts. Up to now, no flaw, no problem. The password to open my encfs encrypted volumes is stored in a text file located on the /data partition. It is thus encrypted by Android and made accessible on boot when you decrypt this partition. So nothing more to remember.
To make things usable and practical, I use Tasker to automate the following things:
- Mount encfs volumes on start-up, by reading directly the password in the file located on /data
- Umount encfs volumes when usb is plugged
- Copy photos on a regular basis from the unencrypted /mnt/sdcard/DCIM to the safe place I created with encfs, delete AND wipe the original ones
Fifth step: be coherent about security
-----------------------------------------------------
Some people, torn apart by the paradigm described in Third step, by negligence or by lack of knowledge, strongly secure one part of the system, but make other parts big security holes.
Concretely, I am thinking about two examples: mixing encryption with pattern lock (or, even worse, with face unlock), or mixing encryption with usb debugging. Face recognition is just a jock. It is not reliable and fails very often. Moreover it is really easy to crack, with a photo for example. One of my colleague even achieved to unlock my phone with its own face, just because we are morphologically close enough. Pattern lock is not much better. (See: http://forum.xda-developers.com/showpost.php?p=37649447&postcount=6 and https://www.google.fr/search?q=smudge+attack).
So always ponder over (two times rather than one) each action you take that may touch system security.
Thanks lolo
I'm trying to use this on my VZW Galaxy S3 16Gb and this is what I'm seeing in TWRP v2.2.0:
Mounting System
Extracting system fixes
Update script starting...
Update script started
Disk /dev/block/mmcblk0p15: 13.1GB, 13140754432
4 heads, 10 sectors/track, 401024 cylinders
Units = cylinders of 64 * 512 = 32768 bytes
ERROR: unlikely size of KB
aborting operation!
Update script ended
Unmounting system...
Update Complete
Click to expand...
Click to collapse
edit: The same thing happens with both scripts.
I need to enable device encryption because my employer requires it for email and other Google Apps for Business apps. Thank you for your help!
Anyone know why full disk encryption isn't available on some (if not most roms)? Is it something that needs to be added with intent aside in the building process, or dependent on how the stock rom was set-up to work with?
I was hoping this would help get encryption working on an EVO ics rom which has encryption available, but when you click "encrypt phone" it just hangs on an android screen and doesn't actually do anything.
i was really happy to find your solution to enable encryption on my HTC desire S (ICS, rooted), but unfotunately it doesn't work. the same thing happen to me as it happened to mushu13, only different numbers in lines 5 and 6. same result whichever script i choose. please help, i really need system encryption.
thanky you very much!
First thing you should know, I am not an Android Guru. And unfortunately, if your phone is not an A789, I won't be able to help you deep in technical details. Cybermaus is the most skilled of the two of us, technically speaking, and he may lack time to answer correctly every request he is regurlarly faced with.
Okay, I do not know your phones and don't own them. So, distant debugging is much harder in these conditions. But the first things you should check, before applying Cybermaus' patches, are :
1) if encryption works with stock rom
2) follow thoroughly all steps I described in "Second step: offline protection" of the second post of this thread :
- your phone or tablet internal storage partitions must be seen by your system as block devices. This is the case with eMMC but not with Yaffs. If you don't have this information from the manufacturer, install Terminal Emulator from the Play Store and type 'mount' in it. You should see lines beginning with /[email protected] and /[email protected] If this is not the case, I fear encryption won't be able to work on your device.
- use aLogcat to track down the origin of the failure (see resources on the internet to learn how to use it, and links I have put in the second post)
3) Be sure that required modules are built into the kernel you use, especially dm-crypt
4) Post your results and cross your fingers that either this is a problem I have already encountered (in this case I may help you further), or Cybermaus see your posts.
While this script did allow me to encrypt my phone, it also shrunk my /data partition to roughly 1.1 GB.
Any ideas on how to expand it back to a reasonable size? I supposedly have 4 GB of ROM, and I assume more than 1 GB ought to be available for data.
Sent from my HTC Sensation using xda app-developers app
Thank you for your nice guide.
Only one thing is missing: baseband security.
Attacks on the baseband system requires very skilled people. Such as government agencies. It is believed they use baseband attacks to break into almost every mobile device. And there is only little you can do. Some vendors like Cryptophone have mobile devices with a hardened Android system. All others have no way to protect their device against baseband attacks.
Is this patch and reasoning still valid for newer android releases.
I am running a custom kitkat rom and twrp on a note 3 and can't encrypt so im looking for a fix.
I have been looking around for fixes but different posts blame different things.
Sometimes its the fact its a custom recovery, sometimes its that root is on the device and then there is this reasoning
Is there a way to find out the cause and fix for kitkat?
Virus
Hi, i tried to download your files
ICS_usrdata_fix-fs.zip
ICS_usrdata_shrink.zip
But the file are exe files with viruses.
Any ideas?
u2funker said:
Hi, i tried to download your files
ICS_usrdata_fix-fs.zip
ICS_usrdata_shrink.zip
But the file are exe files with viruses.
Any ideas?
Click to expand...
Click to collapse
Maybe false alarm.
Lossyx said:
Maybe false alarm.
Click to expand...
Click to collapse
no, but if you search for these file, you will find some which work and which are without viruses. Check the link..it is not an zip file..it is an exe file
@cybermaus: just tried flashing the two *.zips on my Galaxy S 4 Mini running CM 12 (Android Lollipop) because my logcat tells me I'm getting the described cryptfs error. It seems my /data partition doesn't have that 1 MB of unused space needed for encryption. Now I would love to encrypt my phone using CM's integrated function without having to completely format the internal storage (because that's the other workaround I found: flash stock rom, wipe data (factory reset), flash Custom Recovery, flash CM again)
Do you have the time and device to update your script so it works with Android Lollipop as well? I see a lot of people come across this issue recently so there would be definetly use for such a nice script like yours!
Thanks for sharing this with us!
-Teutone
no available for download any mirror ?
Or write the script on the thread.
Thanks
Can you post the scripts? links are dead!
---------- Post added at 16:33 ---------- Previous post was at 16:32 ----------
cybermaus said:
If you ever used CWM, CWMT or other non factory recoveries to wipe your data, you probably noticed that you lost the ability to encrypt your phone. Or maybe you did not even realize this is why encryption does not work.
For the Android phone encryption to work, it needs the /data (usrdata) partition to have a little bit of unused space between the end of the filesystem and the end of the partition. And as soon as you use CWM to wipe, it actually reformats using all space, and encryption does not work anymore.
User lolo250612 brought this to my attention, and together we created a update.zip that shrinks the /data filesystem by 1MB
In fact, we created 2 patches: One to shrink, and one to first repair the filesystem. The first will refuse to shrink if the file system is not clean and healthy. They will automatically find the correct usrdata partition device and its size. The shrink will then resize to 1MB less then the partition size (which means it could also be used to grow if you somehow had a filesystem a lot smaller, for example because you restored an smaller image from somewhere).
Both patches are created with statically linked e2fsprogs binaries and its own static copy of busybox shell interpreter. So they should work on all Android devices that use ext file system (probably all V2.3.1 Gingerbread and higher androids), and you should not lose any data because of this. But it is always good to make a backup.
We tested this on 2 phones, both ICS phones, and with both CWM and TWRP type recoveries, and are fairly certain it is safe to use. But to repeat, you should always take a backup of your phone.
Both patches can be found on my shared drive:
ICS_usrdata_fix-fs.zip
ICS_usrdata_shrink.zip
Procedure:
- Make backup of your phone
- Place files on SD card
- Boot into recovery
- Apply the shrink update
- If it tells you the filesystem is damaged apply the fix-fs update first
The patch only shrinks the filesystem, nothing is actually installed or removed on the phone. But if you use encryption, you could leave this patch on your SD card so that every time you wipe data, you can run the shrink patch again afterward to enable encryption again.
If you do use this, please report back in this thread, possibly mentioning your phone model and ROM you are using.
Click to expand...
Click to collapse
links are dead. Can you post the scripts?
Hi everyone,
A friend of mine got a second-hand tablet Samsung 500t from one of her relatives.
She set her password, but she forgot it after a while. She asked me to help her to sort the problem out but I don't know windows RT and I don't know exactly what to do. In addition, we don't have any cd or user's manual. I tried to reset and I launched the procedure which always ended up with this message:
"Insert your windows installation or recovery media to continue".
I don't know what to do now, and, unfortunately, she hasn't got any back up.
Can anyone help me? Thank you.
Is she using a local account or a Microsoft account? If the latter, you can just reset your password the same way you would if you forgot, say, your Hotmail password. Go to https://login.live.com and follow the "forgot password" steps.
If it's a local account, that's more awkward. There are various steps (short of a full wipe) that you can do, but if you don't know the Admin password then most of the non-wipe options require things like Linux liveCD (or live flashdrive) images and forcibly resetting the password.
GoodDayToDie said:
Is she using a local account or a Microsoft account? If the latter, you can just reset your password the same way you would if you forgot, say, your Hotmail password. Go to login.live and follow the "forgot password" steps.
If it's a local account, that's more awkward. There are various steps (short of a full wipe) that you can do, but if you don't know the Admin password then most of the non-wipe options require things like Linux liveCD (or live flashdrive) images and forcibly resetting the password.
Click to expand...
Click to collapse
She is using a local account. We asked her relative, the former owner, about a Microsoft account, but he didn't know and remember anything about that.
Can you explain me more about using a Distro Linux to reset the password on the tablet?
I used a linux live many times, and I can manage it for easy tasks, but I have never used it to reset or to recover a password on a Window OS.
Thank you, Bob.
If you boot a Linux live image - probably off a flashdrive, unless you have a handy USB optical drive - it can mount the internal NTFS file system and find Security Account Manager (SAM). There are tools that will modify a SAM file to overwrite the password for a user. It's also possible for some tools to brute-force the password, though this can take a long time, or to look it up in a "rainbow table" of pre-computed password hashes (won't work for really complex passwords, though). Forcibly resetting the password will cause you to lose any data encrypted with it, which may include things like passwords the OS was storing for you.
Some stuff that can be used to try and recover passwords (or reset them): http://smallvoid.com/article/winnt-password-recovery.html
There's a bunch of others out there too. Here's another link: http://www.mydigitallife.info/reset...trator-or-user-password-with-chntpw-in-linux/
GoodDayToDie said:
If you boot a Linux live image - probably off a flashdrive, unless you have a handy USB optical drive - it can mount the internal NTFS file system and find Security Account Manager (SAM). There are tools that will modify a SAM file to overwrite the password for a user. It's also possible for some tools to brute-force the password, though this can take a long time, or to look it up in a "rainbow table" of pre-computed password hashes (won't work for really complex passwords, though). Forcibly resetting the password will cause you to lose any data encrypted with it, which may include things like passwords the OS was storing for you.
Some stuff that can be used to try and recover passwords (or reset them):smallvoid
There's a bunch of others out there too. Here's another link: mydigitallife.info/reset-and-change-windows-nt2000-administrator-or-user-password-
Click to expand...
Click to collapse
Can I simply delete the SAM file? I don't think she cares to lose any data so much.
Ok. I was wondering how I can run the usb drive on a windows rt tablet. Is there a "boot device option" like on an ordinary pc/notebook?
Thanks again?:
PS: By the way, where can I find an image of Window 8 rt if I want to totally reset the tablet and install a clear OS?
Aw crap, I can't believe this but I forgot you were talking about an RT device. Forget everything I just said; Secure Boot won't allow it to run a Linux image even if you had an ARM-based one.
Deleting the entire SAM will render the device unbootable. It's not just user account logon details stored there; every account (including the various system ones) are there. On the other hand, if you can extract the SAM somehow, another computer will be able to edit it just fine even though it comes from RT; it's a registry hive and is architecture-independent.
Total reset is probably the easiest option, if she doesn't mind the risk of losing data. It requires a device-specific image though; there should be one (recovery partition) on the tablet, but if that was removed you'll need to find one for download or get Samsung to handle it for you. The Surface RT / 2 images are available here on XDA but I don't know about any of the Samsung tablets.
Go look on the support website (or call support) for instructions on performing a factory reset of the tablet under normal circumstances. That will work if the recovery partition wasn't removed.
GoodDayToDie said:
Aw crap, I can't believe this but I forgot you were talking about an RT device. Forget everything I just said; Secure Boot won't allow it to run a Linux image even if you had an ARM-based one.
Deleting the entire SAM will render the device unbootable. It's not just user account logon details stored there; every account (including the various system ones) are there. On the other hand, if you can extract the SAM somehow, another computer will be able to edit it just fine even though it comes from RT; it's a registry hive and is architecture-independent.
Total reset is probably the easiest option, if she doesn't mind the risk of losing data. It requires a device-specific image though; there should be one (recovery partition) on the tablet, but if that was removed you'll need to find one for download or get Samsung to handle it for you. The Surface RT / 2 images are available here on XDA but I don't know about any of the Samsung tablets.
Go look on the support website (or call support) for instructions on performing a factory reset of the tablet under normal circumstances. That will work if the recovery partition wasn't removed.
Click to expand...
Click to collapse
Ok, I understood.
Can I somehow install a Window 8.1 pro x86 on this device? It has got an Intel Atom processor, after all.
I need drivers, though.
Thanks again.
Now you say it's a x86 device while earlier it was ARM (Windows RT). Make up your mind, it can't be both!
Amax said:
Now you say it's a x86 device while earlier it was ARM (Windows RT). Make up your mind, it can't be both!
Click to expand...
Click to collapse
...hmm actually I'm not sure. The tablet is not mine. I thought it had a Windows Rt OS. But since you say that it can't be an x86 device with an RT OS at same time...I need to find out what it really is. Thanks.
OK
I've finally found out what the OS is?
It's window 8 32bit.
The complete name of the tablet is:
samsung ativ smart xe500t1c-a01it
More, I have it at my home now.
Can we continue the topic?
Thanks
Then the methods GoodDayToDie mentioned in post #4 should work
ok
I fixed it by using Lazesoft recovery.
Thanks
Loss Password? All is not loss, even with the fact you can not boot from a USB stick drive with a password reset tool on it. The answer is actually quite simple with local access to the device Windows 8 is installed on. As long as you can get into recovery by using the "hold volume up" and pushing "Power" button method. You then simply picked Advance Recovery Options till you see Command Prompt in the menu and here's the link that'll take you the rest of the way below. What this does is replace Access Tools (for blind, etc) in Login Screen (lower left corner) with a Command Prompt window. Since it's in with the Root C drive, it makes it quite simple to merely change the password right there and be able to use it to log in immediately.
Thought your computer was safe from hackers locally? Think again (can only be run locally though, not remotely), but if you didn't have this option none of the free or pay4 password reset tools would work either. This is what they are actually doing and then they remove the Command Prompt window when done. Just like you will after using this very simple method. Or you need to use Windows Password Key to reset Samsung password.
The phone is fully working and connected on the Internet with the google account and everything, but who set the pattern to unlock the screen also forgot it
Apparently Google remove the option to set a temporary password using the Android Device Manager to unlock the device and the USB debugging is disable on the phone (so I guess no abd).... any ideas on how to recover the photos stored on the internal memory?
First of all, we need to know if it is yours. There are thiefs that steal phones and try to access personal data for their pleasure.
Hisuite for photos.
Johnny TDN said:
First of all, we need to know if it is yours. There are thiefs that steal phones and try to access personal data for their pleasure.
Click to expand...
Click to collapse
I'm actually trying to help the owner of the phone, no thief involved here
Since the google account is setup and the device has also internet connection, I was thinking about installing an app remotely from the play store website... but which one? I need one that installs, spawns a service and automatically exposes the content of the internal storage without touching it (wifi, ftp, ...). Any ideas?
I remember that recovery factor reset didn't remove the internal storage (in my case)
Johnny TDN said:
I remember that recovery factor reset didn't remove the internal storage (in my case)
Click to expand...
Click to collapse
The official Huawei customer support answered saying that for android >5.1.1 the procedure is to take a backup and disconnect the account before firing the "Wipe Data Factory Reset" from the recovery, if not all the user's data will be lost.
mrfree2ita said:
The official Huawei customer support answered saying that for android >5.1.1 the procedure is to take a backup and disconnect the account before firing the "Wipe Data Factory Reset" from the recovery, if not all the user's data will be lost.
Click to expand...
Click to collapse
Then the last method is this :
If you still have the warranty, make sure it has the same IMEI as the one written on the warranty (you can check what imei you have by removing the sim tray and look at the IMEI written on it), then go to HUAWEI and tell them that you forgotten your password and you need your files. They will ask you for the warranty and some security questions.(maybe, idk)
If you don't have warranty, then sorry, you are screwed.
mrfree2ita said:
The phone is fully working and connected on the Internet with the google account and everything, but who set the pattern to unlock the screen also forgot it
Apparently Google remove the option to set a temporary password using the Android Device Manager to unlock the device and the USB debugging is disable on the phone (so I guess no abd).... any ideas on how to recover the photos stored on the internal memory?
Click to expand...
Click to collapse
Does the device have a stock or custom recovery installed? In the case of a custom one, you don't need to enable USB debugging in the actual system; you can just boot into the recovery and go to town with ADB.
In the case of a stock ROM, try installing fastboot and ADB drivers, and booting into fastboot mode. I can't remember the exact key combination, but once you're booted into fastboot and connected to your PC via USB you should be able to flash TWRP or CWM without enabling debugging, I think. Guides to do this can be googled. Make sure to use the right .img for your phone though, or you'll brick it.
Once that's done and you're able to boot into a custom recovery, do so, connect to your PC via USB, fire up ADB, and use one of the following commands:
su
adb shell
cd /data/data/com.android.providers.settings/databases
sqlite3 settings.db
update system set value=0 where name='lock_pattern_autolock';
update system set value=0 where name='lockscreen.lockedoutpermanently';
.quit
or
su
adb shell rm /data/system/gesture.key
The first of these will nullify the order in which the pattern or PIN is supposed to be inserted, meaning you can do whatever and unlock the phone. The second removes the PIN or pattern entirely.
Let me know how this went, and if you need any help, feel free to reply here or PM me. I'll get back at you as soon as I can.
mrfree2ita said:
The phone is fully working and connected on the Internet with the google account and everything, but who set the pattern to unlock the screen also forgot it
Apparently Google remove the option to set a temporary password using the Android Device Manager to unlock the device and the USB debugging is disable on the phone (so I guess no abd).... any ideas on how to recover the photos stored on the internal memory?
Click to expand...
Click to collapse
Easy..But I won't help you cause I don't know if it's your phone or not sorry
Broken black screen - TWRP working but encrypted, & file transfer not enabled default
Hi all, novice here
OnePlus 5
OxygenOS (OnePlus5Oxygen_23_OTA_040_all_1811051816_c6670cf.zip) I think.
rooted
twrp-3.2.3-0-20180822-codeworkx-cheeseburger.img
I dropped my phone and I think a car ran over it. Screen is black and touchscreen not functional. At first the screen was fragmented and I could see parts of my home screen, but now it is totally black. So I think the phone itself is functional.
I can boot to TWRP and use ADB. I can navigate through the internal files system. I wish to copy the files to my PC. If I navigate to /sdcard, the folders have names like "wvTioi91z2FNnyelsUoraA" which I assume means they are encrypted. I can researched for 4 days and tried multiple methods. I have tried commands like mount, twrp decrypt 14789 for my lock pattern, to no avail.
I have tried a program called [email protected] to simulate touchscreen movements after booting to the system, but I'm flying blind.
I guess I want to know if this is all futile. I want to get my data off before I send it to OnePlus to get fixed because they will likely wipe it.
If I could somehow swipe down from the top when booted to the system and select MTP mode or whatever, I should be fine. But this is not working. Can I flash a different TWRP without losing data while removing encryption? I am not sure if I have USB debug mode on or off.
Any advice would be highly appreciated.
I had the same problem. But twrp decrypt <lockpattern> was the solution for me.
No idea why it do not work for you.
If you can get it into fastmode you could theoretically flash or just boot any recover you want without wiping anything.
Qnorsten said:
I had the same problem. But twrp decrypt <lockpattern> was the solution for me.
No idea why it do not work for you.
If you can get it into fastmode you could theoretically flash or just boot any recover you want without wiping anything.
Click to expand...
Click to collapse
Thanks. I think Android is having trouble matching the passwords.
Attempting to decrypt data partition via command line.
Iecrypting FBE for user 0
password filename is '/data/system/gatekeeper.pattern.key'
get_ce_key_directory_path 0: /data/misc/vold/user_keys/ce/0
Skipping non-key .Skipping non-key ..get_ce_key_paths adding: /data/misc/vold/user_keys/ce/0/current
Trying user CE key /data/misc/vold/user_keys/ce/0/currentOpenssl error: 0Failed to find working ce key for user 0Couldn't read key for 0e4crypt_unlock_user_key returned fail
I have another OnePlus 5 with Pie installed. After this error, I copied gatekeeper.pattern.key and then all of the contents in /data/system from my other OnePlus 5 to my broken OnePlus 5. It did not work.
I'm trying to make all of the encrypted passwords match somehow.
When I plugin my Samsung Galaxy J7 Prime and then select recovery module and it show as connected and then I select android data recovery option and then select recover documents only and then click next. Then it show and detected device model, downloading package and it went like that till 99% uncertain if it hit 100% or not and then it caused my device to reboot and after it reboot now it is asking for a password to start up device but I tried device screen password, google account password and samsung account password but all didnt work. Thus it shows have 7 attempts left before factory reset itself.
The boot up looks a bit different from normal too, unsure if it is coming through a different type of boot and if there is a way to reverse to how it was earlier?
In recovery mode it shows in recovery log pid 2064 ran. where first line filesystem table code was;
0/ efs ext4/ dev/block/platform/1354000.dwmmc0/by-name/EFS(/dev/block/mmcblk0p3) 0
and in following
#ls /cache/recovery
ksmg
-rw------root root 8190724 2022-04-02 11:19 last_ode_dumpstate_err_check_password.log
From what I could see further in log it seems like maybe dr fone tried to root phone since I see files seem to have been overwritten probably as same file name shown where earlier recorded in time stamp as either 2017 or 2008 and underneath that dst is run with today tim stamp.
What would be method to solve to get back to normal working state without any data loss?
It seems when check via dr fone transfer showing as mem capacity 2797mb and 1362mb used whereas it should show as 32Gb, also when start up it says Enter your password to start up your device but I am certain I enter correct passwords but it is not verifying. Also in recovery mode it shows No support single sku supported api:3.
And when try backup option no files come up on scan does that mean the Dr fone recovery package that it installed wiped out the data? Or is it like in another different boot system for recovery? How to solve this problem?
Also any backup software you think could backup stuff before applying any drastic fixes
I think your phone internal storage is corrupted because of Dr. Fone and this is caused by the data encryption inside the phone and I think that it requires the encryption password, and to solve this problem, you must flash a modified recovery like TWRP or CWM and then pull all the data by making a MOUNT of the internal storage it will only works on old Android version 6.x or 7.x but you can try
My android is 6.0.1 so I think it should work, do you have any video tutorials or a thread with stepwise instructions to get twrp or cwm to backup current data and later restore?
Also any idea if use the dr fone repair device feature it might fix?
Dr.Fone only one thing do transfer WhatsApp chat between android and iOS all else features not work perfect so try another way, ask google how mount internal storage on android phones by twrp it’s easy and not need a tutorial just flash a custom recovery and don’t let device to boot enter recovery mode immediately and go to mount and press mtp or mount storage
Looks like the device name has got renamed as well best try to see if have a file explorer or manager for android so can see if files still intact? Any pc softwares that can be used to clarify without need to unlock screen since it is asking for a pass saying Enter your password to start up your device but I am certain I enter correct passwords but it is not verifying.
If the files are intact then I can try twrp or odin cf root flashing to see if can flash home version file so files possibly stay intact. Or if they are anyways not then will try factory reset via recovery mode and then will need recommendation of good software to recover data for free
Any ideas?
That app is trashware. Do Not use!
If a factory reset doesn't clear it you'll need to reflash the stock rom.
The data is lost... that's my opinion.
Always backup all critical data redundantly to at least two hdds that are physically and electronically isolated from each other and the PC... or you will lose data, eventually!
NEVER encrypt a data backup drive.
Do copy/paste file transfer, verify file size and folder count match. Test for readability.
NEVER clone music data bases, copy/paste only.
Do not use compression or apps like SmartSwitch to backup critical data, they can fail you miserably.
You can never have too many backup data drive. Avoid using flash memory; quality hdds have better memory retainment. Store in more than one location. Near lightning strikes can wipe them; a metal earth grounded box or safe is best.
blackhawk said:
That app is trashware. Do Not use!
If a factory reset doesn't clear it you'll need to reflash the stock rom.
The data is lost... that's my opinion.
Always backup all critical data redundantly to at least two hdds that are physically and electronically isolated from each other and the PC... or you will lose data, eventually!
NEVER encrypt a data backup drive.
Do copy/paste file transfer, verify file size and folder count match. Test for readability.
NEVER clone music data bases, copy/paste only.
Do not use compression or apps like SmartSwitch to backup critical data, they can fail you miserably.
You can never have too many backup data drive. Avoid using flash memory; quality hdds have better memory retainment. Store in more than one location. Near lightning strikes can wipe them; a metal earth grounded box or safe is best.
Click to expand...
Click to collapse
Can you recommend a free pc software that could possibly backup device in current state? Or a free pc software that could do data recovery without need to root phone so if I do go ahead with flash and it wipes data or i do factory reset then I could try to get backup data.
NW_Work said:
Can you recommend a free pc software that could possibly backup device in current state? Or a free pc software that could do data recovery without need to root phone so if I do go ahead with flash and it wipes data or i do factory reset then I could try to get backup data.
Click to expand...
Click to collapse
Not on an unrooted phone. You can try this.
If you used Drfone it has likely already encrypted the data with their own encryption key.
Hopefully some of your data is backed up somewhere else because this is a dead horse... I believe.
I be more concerned about salvaging the phone at this point. It's a tough lesson from the U of hard knocks... don't repeat it. Sorry.